From the basic definition we identify network as connection between two or more computers with a purpose of sharing information, resources etc. On a broader perspective, network can be classified into wired and wireless. Cyber-attacks being very often these days use both wired and wireless networks as primary medium of transmission. The main reason being, the necessity of internet in many organizations and confidential information is being transmitted.
Wired network is a traditional way of connecting computers through wires and physical network access points. Ethernet cables for Local area networks and Wide area networks comes under this. Frequency of cyber security attacks in wired networks are comparatively lower than that of wireless networks because of its fixed network structure. Here are some ways of securing wired network through firewall technologies (Stallings & Brown, 2018).
· Packet filtering firewall consists of a proxy which blocks unauthorized network traffic. This proxy server has the capability of filtering both incoming and outgoing traffic.
· Stateful packet inspection firewall controls the network traffic by creating stricter outbound rules for TCP traffic.
· Application level gateway is a type of firewall which requires valid user credentials to connect to remote host.
· Circuit level gateway is slightly different from application level gateway where it does not allow every user request to connect to remote host but instead creates two TCP connections and only allows users to connect from one to another. An easier example would be organization employees being trusted and given access by system admin.
Wireless networks on other hand have gained prominence during the past couple of decades due to its convenience of being able to connect without a wire, within closer distances. Because of its comfort, wireless networks are becoming more sophisticated with higher generations like 4G, 5G and increasing bandwidths. Not only wireless networks are gaining more fame and user base, but also cyber attackers/abusers. Hence many security and privacy concerns are faced by organizations and strong firewall system is really needed. Firewall can be understood as a wall between enterprise network and overall network. Every operating system comes with and inbuilt system firewall. Wireless networks can be secured in following ways.
· Use a strong firewall to control and protect all incoming and outgoing network traffic.
· Enabling only authorized domain URLs, applications through firewall. Allowing certain IP addresses is better. Encrypt entire network traffic and dismiss all incoming unauthorized traffic. Standardize and make a note of application running on each port.
Potential exposures
· Rogue access points: Setting up a rogue access point is very prominent way of exposing wireless networks. This could either be done intentionally by a hacker or unknowingly by an employee when he connects his drive/device to corporate network, and this becomes a way for hackers to intrude.
· Denial of service: Which means limiting the capability of host by sending loads of unwanted traffic to that service. Another simpler way could be by interfering with devices on the wireless network. For example, a wireless network having a bandwidth of 2.4 GHz has limitation of three channels and interference can even be caused by a device like oven on the same channel.
· Passive capturing: Attacker can be in the network range of a wireless networking and stealing the information passively. However, this exposure occurs mainly in the unsecured wireless networks like malls, airports, etc.
References
1. Wilkins, S. (2019, April 05). Common Wireless Network Security Threats. Retrieved July 19, 2020, from https://www.pluralsight.com/blog/it-ops/wireless-lan-security-threats
2. Stallings, W., & Brown, L. (2018). Computer security: Principles and practice. New York: Pearson
3. U. Murthy, O. Bukhres, W. Winn and E. Vanderdez, “Firewalls for security in wireless networks,†Proceedings of the Thirty-First Hawaii International Conference on System Sciences, Kohala Coast, HI, USA, 1998, pp. 672-680 vol.7, doi: 10.1109/HICSS.1998.649269
4. Securing Your Wireless Network. (2018, March 13). Retrieved July 20, 2020, from https://www.consumer.ftc.gov/articles/0013-securing-your-wireless-network
Wi-Fi is a wireless network technology that permits gadgets, cell phones and other hardware to interface with the Internet. Most households and organizations put forth an admirable attempt to keep unauthorized clients off their networks, however Wi-Fi passages and routers can give hackers a helpful route in.
Firewall – It is designed to prevent any external or unauthorized users from bugging in even from their private network. These firewalls protect any unrecognized users from accessing organizations private network like intranets. The few types of firewalls include Packet Filters, Stateful inspection, Next generation, Circuit-level and Application level gateway.
There are several ways in which we can protect wireless networks –
•Use a secure WPA password – Each and every router comes with encryption. This encryption is helpful in scrambling the data which makes it unreadable. The password used here should be random and long so that it is almost impossible for the hacker to crack it.
•Changing the Router’s SSID – Service set identifier (SSID) is used as a default by many vendors who ship their wireless networks using the same. If we still use the default SSID then it signals the hackers that your wireless network is not properly configured and thus is prone to attack.
•Providing separate network for guests
•Using a firewall
•Change the credentials of router’s admin
•To ensure Wifi connection is strong
•Remote Management should be turned off
Many hardware firewalls are using packet filtering, to find out the destination and source we need to look at the packet header. This provides details whether to use the packet means it is legitimate or not, if so we can discard it.Software firewall provides better network traffic or idea to pass through the device and they usually run on the end point of the device.
Following are the few ways that can expose firewall security-
1. The more we modernized the firewall, the more difficult it become to operate and manage.
2. Oversize integration and poor management can also lead to blind spot the admins to handle the chaos.
3. Due to great evolution in firewall industry, as they can look for the originating application or user device. It requires deep technology to look for the thread which again lead to breakage of complete security system.
References-
Soewito, B., & Hirzi. (2014). Building secure wireless access point based on certificate authentication and firewall captive portal. EPJ Web of Conferences. Issue 68, p1-6. 6p
Abbas, M.A., Song, H., &Hong, J. (2019). Secure Wireless Communications in Broadcast Channels With Confidential Messages. IEEE Access Access, IEEE. 7:170525-170533
Thompson, Scott D. (2005). Securing your wireless LAN electronically and physically. Cabling Installation & Maintenance. Vol. 13 Issue 5, p32-38. 4p
What are wired and wireless network
Wired networks uses electric pules or light waves within physical cables to facilitate data transfer between devices. Wireless networks uses radio frequencies over air between devices to facilitate data transfer using wireless access points (WAP) and wireless network interface cards (WNIC) .
Wireless network vulnerabilities
1. Packet sniffing
An attacker can connect to a network and phish the content of packets for any valuable information.
2. Man in the middle attack
Attackers can modify the information/data being sent over a network and fool the sender and receiver if the network is vulnerable.
3. Distributed Denial of service attack
Attackers send multiple packets to throttle a network thus disallowing legit users to access network resources.
4. War driving
Attackers drive through an area on a moving vehicle and search for vulnerable networks to attack.
5. Camp out An attacker can ‘camp out’ at free public wifi networks like cafeteria or restaurants or airports which are usually less secure and attempt to check out data from users by inspecting packets.
How does firewall protect a system or a network
Firewall acts a layer of protection that tries to act as a shield to a system or a network thus protecting it from unnecessary traffic or malicious software attacking a system.
Firewalls can be of two types software and hardware.
1. Software firewall:
In this case a firewall software is installed in a system to protect the system itself against threats from the outside world as well as network access by applications installed on the system. One of the disadvantages for a software firewall is that since its installed on the system itself, it restricts the ability of the software to detect and stop attacks or malicious software outside the system. The other disadvantage is that it is difficult to manage multiple systems in a network since the installed software has to be updated on each system, If even one system is compromised it can have adverse effects on the network itself.
2. Hardware firewall:
These are physical components that are placed between the system and the network. A disadvantage of having physical hardware is that since it’s a sophisticated device it requires trained professional to make sure that the device is configured correctly and maintained.
References
Understanding Firewalls for Home and Small Office Use. https://us-cert.cisa.gov/ncas/tips/ST04-004
Joe Kelmencic. Basic Security Mechanisms for Wireless Networks. https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b362d5fa-e29c-4e2c-add4-8203da7b9ceb&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments
Firewall is a quintessential feature of cybersecurity architecture that ensures the security of networks, be it wired or wireless. It provides the authority to the administrators to execute access controls between the internal network and the external world.
Today, wireless networks are everywhere and enable the wireless network users to access it from anywhere and anytime. But this freedom comes at a risk, and it also poses high security risks and threats to the network. It’s relatively easier to intercept the communication between the users and the network and the introduction of malicious software. But this could be controlled by using WiFi firewall – these are the servers that have the capacity to observe and sift the WiFi traffic. They are also known as WIPS (Wireless Intrusion Prevention System) that enables security enforcement all through the entire WLAN (wireless LAN).
The wired networks are susceptible too and to protect it, a user/admin can utilize some measures to ensure security. One would be to audit and map the network by clearly recognizing the infrastructure of the network, keeping the network up to date by staying on top of software updates and assessing settings to spot any insecure configuration. MAC address filtering is another approach that avoids the neighbor intrusion if not the hacker intrusion.
Although firewalls can protect the networks, it is also vulnerable to issues such as – insider attacks, any missed security patches if the associated software is not managed properly, any configuration anomalies occurred during the firewall setup and DDoS – Distributed Denial of Service that could cause protracted inability to deliver services.
References
Firewalls for Security in Wireless Networks U. Murthy1 , O. Bukhres2 , W. Winn2 , E. Vanderdez 3
Jeong, J., Chung, M., & Choo, H. (2006). Secure User Authentication Mechanism in Digital Home Network Environments
The post Discuss the current methodologies used to secure wired or wireless networks via current Firewall technologies and the potential exposures that currently exist appeared first on Versed Writers.
