AIS300 - Scheme of Work - Scholarly Commons Home
AIS300 - Scheme of Work - Scholarly Commons Home
AIS300 - Scheme of Work - Scholarly Commons Home
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
protocol, and the SSID. Lin et al. (2004) from their wardriving survey reported that a<br />
minimum <strong>of</strong> 60% <strong>of</strong> the WLAN devices identified in their study do not have the WEP<br />
encryption enabled while 67% <strong>of</strong> the WLAN devices are still using the factory default<br />
SSID. The study did not report on the number <strong>of</strong> ad-hoc and infrastructure WLAN<br />
detected in Auckland CBD which will show the growth <strong>of</strong> peer to peer wireless growth.<br />
Hole, Dyrnes and Thorsheim (2005) carried out a comparable study to Lin et al. (2004)<br />
by applying wardriving and warwalking methods to asses the security level <strong>of</strong> WLAN<br />
in Bergen, Norway. The focus <strong>of</strong> their study however is on the security issue <strong>of</strong><br />
corporate employees connecting to the company network using wireless devices while<br />
at home or while on the road. From the study, the authors identified that a majority <strong>of</strong><br />
the WLANs users in Bergen, both private users and businesses users, are only<br />
implementing WEP a security measure. The argument brought up by the authors is on<br />
the credibility and reliability <strong>of</strong> the WEP protocol alone in securing WLANs. The<br />
authors recommended WPA, virtual private network (VPN), and captive portal to<br />
replace WEP in WLAN (Hole, Dyrnes, & Thorsheim, 2005). Another similar<br />
experiment by Curran and Smyth (2005) was conducted in Londonderry in United<br />
Kingdom to investigate the number <strong>of</strong> wireless devices that are enabled with WEP. The<br />
authors confered on the weaknesses <strong>of</strong> default security mechanism such as WEP and<br />
SSID. WLANs attacks are listed out by the authors which includes the passive attacks,<br />
traffic analysis, man-in-the-middle attacks, session hijacking, MAC Spo<strong>of</strong>ing (identity<br />
theft), IP redirection, and injecting traffic (Curran & Smyth, 2005).<br />
The focus <strong>of</strong> the data gathered by all the researchers are on the WEP and SSID. It is<br />
arguable that eventhough the detected WLAN device is using WEP and the default<br />
SSID, those devices could also be secured through other more advanced security<br />
methods such as VPN and firewalls. However, a wardriving may not be able to detect<br />
such security features and thus require a more specific testing environment to do so.<br />
2.7 Summary<br />
The serious security hiccups that exist during WLAN earlier implementation such as the<br />
WEP and open system authentication will not render WLAN growth in the future. One<br />
the many reasons would be due to the benefit <strong>of</strong> network mobility and flexibility that is<br />
lacking in the existing wired LAN infrastructure. The increasing and affordable<br />
wireless devices are also a factor that generates WLAN future growth. Individuals and<br />
companies are currently using the wireless technology to conduct important<br />
19