Employee misconduct ad hoc wireless networks also

This preview shows page 12 - 14 out of 17 pages.

Employee Misconduct Ad-Hoc Wireless Networks also referred to as peer networks, consist of computer-to- computer connected devices that are called nodes without a server. It is used to share files or data with another computer without to a Wi-Fi network. As long as the computers' adapter card is configured for ad-hoc mode, connect to the same SSID and are within 100 meters. The ad-hoc network is deleted when everyone on it disconnects. Ad hoc network threats include routing attacks due to their dynamic topology and lack of any infrastructure, denial of service (DoS) and spoofing attacks, “whereby a compromised node impersonates a legitimate one due to the lack of authentication in the current ad hoc routing protocols.” [Sar13] Self-Configuring Dynamic Networks refers to a horizontally layered network architecture in telecommunications and business model that separates the physical access to the network from the delivery of services. This is used at the company to limit certain activities on the network with is beneficial to the company’s security. Protection Mechanisms To ensure the security of the network securing the routing protocol is very important. According to [Bin] for the DSR protocol, the challenge is to ensure that none of the intermediate nodes can existing nodes or add extra nodes to the route. This is done by attaching a per-hop authenticator for the source routing forwarder list so any changes can be detected right away. Also ensuring each node forwards packages according to the protocol by using reactive methods will protect against black holes happening on the network. Self-Configuring Dynamic Networks To protect against Self-Configuring Dynamic Networks the company can consider signal-hiding
13 Incident Response techniques. This is used to make the wireless access points more difficult to locate thus making it harder for a hacker to locate and attempt to attack the network. This is done by "Turning off the service set identifier (SSID) broadcasting by wireless access points, Assign cryptic names to SSIDs, Reducing signal strength to the lowest level that still provides requisite coverage or Locating wireless access points in the interior of the building, away from windows and exterior walls.“ [Min08] Another way to monitor employee behavior and detect any malicious behavior is to utilize Wireshark, which is a network protocol analyzer. It is used to analyze the network traffic in detail allowing you to see any signed of possible attacks through the packets being deceived. After analyzing the wireless traffic on the company’s network, we found the following: List all of the IP addresses found within this packet capture. 239.255.255.250, 224.0.0.252, 224.0.0.22, 17.253.20.253, 10.0.250.200, 10.0.250.161, 10.0.250.160, 10.0.250.146, and 10.0.250.1 How can you modify the ngrep to include all IP addresses?

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture