Towards Development of a Framework for Wireless LAN Security

Camilius Sanga1 and Juma Kilima 1

1

Computer Centre, Sokoine University of Agriculture, P. O. Box 3218 , Morogoro, Tanzania E-mail: {sanga, kilima}@suanet.ac.tz

Abstract. In this paper, we first introduce the readers about the security aspects of Wireless Local Area Network of a developing country university. This is followed by a description of Wireless Local Area Network (WLAN) security threats that we have identified and later, we identified the free and open source tools to be used when security threats need to be dealth with. The performance of some these tools are presented. Finally, we conclude by highlighting the lesson learnt from our research by providing a framework which if taken would minimize the security threats. Categories and Subject Descriptors: C.2.0 [Computer-Communications Networks]: Security and protection; C.2.3 [Computer-Communications Networks]: Network monitoring General Terms: Security, Measurement, Experimentation Keywords: wireless, local area network, security, Free & Open Source, analyzer, tools

1.0 Introduction
Sokoine University of Agriculture (SUA) established the Computer Centre in 1993. This Centre was charged to be the arm of the University responsible for teaching, research and consultancy in areas of Information and communication technology. Among other things, the Computer Centre is responsible for Planning and overseeing the development of infrastructure and ICT as well as coordinating the acquisition, installation and use of computer hardware and software SUA (Sanga et al., 2010). The objective of implementation of WLAN for sure was to enhance security of our LAN to improved training/learning, research and ICT services through increased accessibility of e-resources through wireless LAN (WLAN). 1.1 Justification of WLAN There are a number of advantages which were identified after establishment WLAN. These include: (a) Improving accessibility and coverage of LAN and Internet services because the access to the network can be from anywhere within range of an access point.

1.

(b) It is relatively cheaper than wired network especially the installation cost is usually lower. (c) Installation is usually faster and easier as it eliminates the need to fix cable through walls and ceilings. (d) It is simple to add or move workstations and to install access points to provide connectivity in areas where it is difficult to lay cables. (e) In historic buildings such as those at Solomon Mahlangu Campus (SMC) where traditional cabling would compromise the facade, a WLAN can avoid the need to drill holes in walls. From the above rationale, WLAN was installed at Computer Centre students Laboratories and Library (SNAL) in Main Campus. Also, at Faculty of veterinary medicine WLAN was installed. In SMC, there is WLAN at the tower of Wireless Link with Main Campus. Furthermore, a department of Agribusiness, Crop Science and Soil Science uses the WLAN of Sokoine National Agricultural Library (SNAL). A future plan is to extend WLAN to all departments so that we cater for 8,432 users who can get connected at a time.

Figure 1: A Simple Model for Wireless LAN Figure 1 shows a simple model for the wireless LAN. From this Figure it is worthy noting that a wired LAN is necessary particularly from the server room to the new hostels to provide a backbone to the WLAN. Wireless Devices that were identified to be necessary to implement WLAN at SUA LAN were Wireless Access Point (WAP), Wireless Routers, Mast, Trunks, electric cables indoor and electric cables outdoor. 1.1.1 Wireless Access Points (WAP) These devices extend the LAN while caring its original IP without routing, that is WAN and LAN are in the same network. This allows the clients to be in the same network as the wired network providing an advantage of sharing common utilities.

These devices are needed where clients require SUA intranet facilities and other network advantages. 1.1.2 Wireless Router Works the same way as above WAP but has two parts of network that is WAN is one network while LAN is another network. WAN is the signal source in this case SUA LAN signal and LAN is the client signal in this case wireless clients. Basically the wireless router multiplies the single input IP into bunch o f above 250 IP addresses. 1.1.3 Outdoor and Indoor Systems For the outdoor and indoor wireless systems both systems are needed. The SUA Computer Centre is proposing to use Planet Devices with its Mesh topology. In Mesh topology the system is robust allowing for auto configuration for any additional Planet device. Having said that, the challenge remains how to secure WLAN. Thus, this prompted the authors to do a research on the subject. 1.2 Statement of the Problem

SUA's Network include various unsecured wireless access points, this made the network susceptible to miss-configuration outages. Since there are no mechanisms to authenticate Wireless Local Area Network (WLAN) users, the network is susceptible to the following security threats: Denial of Service, Spoofing and Session Hijacking, sniffing, invasion and resource stealing, traffic redirection, rogue networks and station redirection as well as Eavesdropping. Users (i.e. SUA staff, students, top managers) are allowed to access Internet, some students access network from their hostels. Network users are transmitting university essential data across the network, these posses a challenge to network administrators to put more effort to create a secure and reliable environment. This fact makes it imperative that there is a need to implement strong security measures and policies to protect loss of university data, and understand how to support and monitor the traffic in and out of LAN from the wireless network. Thus, there is a need to conduct a study and recommend best practice measures to overcome these security threats. 2 Related works Wireless computer connection has brought affordable computer connections in many developing countries. This has been explained early in WLAN justification section. Because of its cheaper installation costs there are plenty WLAN being established in different organization in developing countries (Pentland, Fletcher and Hasson, 2004). It is argued that WLAN has helped to narrow down the digital divide between the rich and poor countries (James, 2002). Even though WLAN has potential benefits which can help the developing countries to leapfrog in their development (Flickenger, 2007) but how to secure it, is a challenge

(Sanga, Kilima, and Busagala, 2010). Bakari et al. (2005) concluded that most higher learning institutions in Tanzania has security problem in their WLAN. The literature dealing with the WLAN security threats, namely: sniffing, invasion and resource stealing, traffic redirection, denial of service attacks and rogue networks and station redirection; will be reviewed in the following section: a. Sniffing The nature of an RF based network leaves it open to packet interception by any radio within range of a transmitter. Interception can occur far outside the users working range by using hi-gain antennas. With readily available tools, the eavesdropper is not limited to just collecting packets for later analysis, but can actually see interactive sessions like web pages viewed by a valid wireless user. An eavesdropper can also catch weak authentication exchanges, like some website logins. The eavesdropper could later duplicate the logon and gain access (Vollbrecht, 2002). Encrypting data between the STA and Access Point (AP) can mitigate eavesdropping of user data. However, the ability to sniff also makes attacks on encryption easier, and mandates requirements for strong encryption algorithms (Vollbrecht, 2002). b. Invasion and resource stealing Once an attacker has gained the knowledge of how a WLAN controls admittance, he may be able to either gain admittance to the network on his own, or steal a valid STAs access. Stealing a STAs access is simple if the attacker can mimic the valid STAs Media Access Control (MAC) address and use its assigned Internet Protocol (IP) address. The attacker waits until the valid system stops using the network and then takes over its position in the network (Vollbrecht, 2002). This would allow an attacker direct access to all devices within a network, or to use the network to gain access to the wider Internet, all the while appearing to be a valid user of the attacked network. To mitigate this danger the AP and STA need to support message integrity, which means that each signs every message sent to the other using a shared key (Hamid, 2003). c. Traffic redirection An attacking STA can poison the Address Resolution Protocol (ARP) tables in switches on the wired network through the AP causing packets for a wired station to be routed to the attacking STA. The attacker can either passively capture these packets before forwarding them to the attacked wired system, or attempt a man-inthe-middle attack. In such an attack, all the susceptible systems could be on the wired network (Vollbrecht, 2002). Link-layer authentication stops an outsider from perpetrating this attack. Networklayer (e.g. Internet Protocol Security (IPsec)) stops an insider from perpetrating this attack. d. Denial of service attacks

Denial of service attacks against a WLAN can range from simple radio interference (a 2.4 GHz cordless phone is an example of such an attacking device) to more subtle attacks against a single STA or AP. An attacking system could replay a captured 802.11 disassociate message, or an 802.1x EAPOL-log off message, and effectively disconnect a STA from the WLAN. It is considered impossible to build a network without some DOS attacks, thus the thrust is to minimize them and to be able to recognize and trace them back to their source (Vollbrecht, 2002). e. Rogue networks and station redirection An 802.11 wireless network is very susceptible to a rogue AP attack. A rogue AP is one owned by an attacker that accepts STA connections and then at a minimum intercepts traffic if not also performing man-in-the-middle attacks before allowing traffic to flow to the proper network. The goal of a rogue is pulling valid traffic from the WLAN to a wired network for attacking (or to conduct the attack directly within the rogue AP) and then reinserting the traffic into the proper network (Vollbrecht, 2002). A newer form of a rogue AP is a STA with two wireless cards. With one, it acts as a valid station to the ESS, with the other it acts as an AP to other STAs. Such rogue Aps could readily be deployed in public areas as well as shared office space areas. 3 Practical Solutions for Securing WLAN Despite the risks and vulnerabilities associated with wireless networking, there are certainly circumstances that demand their usage. Even with the Wired equivalent privacy (WEP) flaws, it is still possible for users to secure their WLAN to an acceptable level. This could be done by implementing the following actions to minimize attacks into the main networks:
i. SSID Service Set Identifier Each ESS has an SSID that it uses to identify the APs that are a part of the ESS. A common way of configuring a network is to require each STA to know the SSID of the AP to which it wants to connect. By default, all APs broadcast their SSID as an advertisement of their presence. SSID provides a very modest amount of control. It keeps a STA from accidentally connecting to a neighboring AP. It does not, by itself, help with other security issues, and in particular it does not keep an attacker from accessing the ESS or from setting up a rogue AP that uses the same SSID as a valid AP (Hamid, 2003). It is possible to turn off SSID broadcasts. This does make WLAN discover by an attacker harder, but when a station PROBES for an AP SSID, the AP responses with a one-time broadcast, so the patient attacker will still discover SSIDs. SSID hiding is impossible, and is not a security measure. ii. Media Access Control (MAC) address filters Some APs provide the capability for checking the MAC address of the STA before allowing it to connect to the network. This provides an additional layer of control in

that only STAs with a registered MAC address can connect. This approach requires that the list of MAC addresses be configured. The list may be kept in long-term memory on the AP, or the AP may send a Remote Authentication Dial-in User service (RADIUS) request with the MAC address as the userid (and a null password) to a central RADIUS server and the RADIUS server will check the list. The RADIUS approach is especially appropriate if the MAC addresses are to be used with multiple APs (Hamid, 2003). Using MAC filters is considered to be very weak security because on many wireless cards it is possible to change the MAC address by reconfiguring the card. An attacker could sniff a valid MAC address from the wireless network traffic and then configure his card to use it and gain access.
iii. Static WEP keys WEP is part of the 802.11 specification. Static WEP key operation requires keys on the STA and AP that are used to encrypt data sent between them. With WEP encryption, sniffing is eliminated and session hijacking is difficult (or impossible). STA and AP are configured with a set of 4 keys, and when decrypting each is used in turn until decryption is successful. This allows keys to be changed dynamically. As described above, keys are the same in all STAs and APs. This means that there is a community key shared by everyone in the ESS. The danger is that if any one in the community is compromised, the community key, and hence the network and everyone else using it, is at risk. As it turns out, the current version of WEP encryption has been proven to be vulnerable. A new security component is being developed within 802.11. Until it is available and deployed, WEP is not strong protection, but provides an important first line of defense according to many security professionals (Hamid, 2003). iv. Dynamics WEP keys There are a number of methods for dynamically setting the WEP keys. The most commonly used now is 802.1x. Kerberos is also used (Hamid, 2003). v. Virtual Private Network (VPPs) Many people use VPNs to protect their connection over a wireless network. This is not strictly a wireless solutionit can be used in any remote access situation. VPNs do provide protection for some of the areas where current Wireless LAN solutions are weak. In particular, VPNs can provide integrity checking and, optionally, encryption of sessions. VPNs only protect the STA traffic routed through the VPN, not the STAs or the network. Without WEP or an equivalent to support Link layer integrity, the connection between the STA and the AP is vulnerable to unsophisticated, easy to mount, denial of service attacks. In addition, the STA and Client are vulnerable to direct attacks. Adding a personal firewall product at a financial and management cost can mitigate the Client risk ( Gayal, 2001). Deploying a firewall between the AP and the network that only allows authenticated VPNs access can provide network protection against attacks, but at a price. The firewall will require each workstation to establish a separate tunnel to the firewall. Authentication of the tunnel is required, and will be managed after the network

connection is established, requiring different support in either the client or the AP. A VPN gateway CAN provide this level of protection directly. However, if the user needs to establish an additional tunnel, to a remote corporate firewall for instance, this will require a tunnel over a tunnel, which is expensive in CPU cycles on the STA and for most VPN clients has not been heavily tested ( Gayal , 2001). In most current situations, using a VPN with a single firewall is a good idea whether dialing in from a remote location or connecting via a wireless Access Point. Adding WEP to the wireless session solves the wireless specific issues ( Gayal, 2001).

Figure 2: Securing a wireless AP (Adapted Gayal, 2001)

vi. Standards-based authentication to WLAN The open nature of WLAN requires authentication of the STAs to the APs. There are no wires to follow to determine which STAs are parts of the network. An authentication process will allow an AP to restrict which STAs can associate with it. However, session authentication by itself, as will be shown, is inadequate for WLAN. WEP lacks message integrity, an essential component in security (ISS, 2001). vii. 802.1X Authentication Wireless networking, compared to other networking technology, needs an authentication and access control mechanism to ensure security. Authentication mechanisms includes: Open system authentication and Shared key authentication (Reference). In open system authentication a client needs an SSID for successful Association. On the other hand in a shared system authentication the client cannot authenticate himself if he doesnt have the WEP shared secret key. WEP protocol is used for encryption (ISS, 2001). Authentication is a process of binding a name to something known and then using that name in all future interactions. The name in 802.11 is the media access or MAC address; the 48-bit value assigned to the WLAN card by its manufacturer. 802.1x is an authentication dialog between the system needing network services and the network. This dialog uses the IETF Extensible Authentication Protocol (EAP). 802.11 WLAN is now specifying the use of IEEE 802.1x (Port-Based Network Access Control) to provide the station authentication. 802.1x consists of a Port Access

Entity (PAE) in all STAs and APs, EAP encapsulation over LANs (EAPOL), and RADIUS Authentication Servers (ASs). 802.1x redefines our traditional understanding of a network interface and adds access authentication services to it. In 802.1x the principal component is the Network Access Port (or just Port) that can either be a physical network interface or a virtual MAC. Above the Port is the Port Access Entity (PAE); the controlling logic that manages which devices packets will be accepted by another device (ISS, 2001).

4 Tools for Protecting WLAN

Different authors used different tools to implement the practical solutions mentioned and discussed in previous section, the tools are: i. AirDefense It is a commercial wireless LAN intrusion protection and management system that discovers network vulnerabilities, detects and protects a WLAN from intruders and attacks, and assists in the management of a WLAN. AirDefense also has the capability to discover vulnerabilities and threats in a WLAN such as rogue APs and ad hoc networks. Apart from securing a WLAN from all the threats, it also provides a robust WLAN management functionality that allows users to understand their network, monitor network performance and enforce network policies (http://www.symantec.com/connect/articles/wireless-intrusion-detection-systems/). ii. Isomair Wireless Sentry This also it is a commercial product that automatically monitors the air space of the enterprise continuously using unique and sophisticated analysis technology to identify insecure access points, security threats and wireless network problems. This is a dedicated appliance employing an Intelligent Conveyor Engine (ICE) to passively monitor wireless networks for threats and inform the security managers when these occur. It is a completely automated system, centrally managed, and will integrate seamlessly with existing security infrastructure. No additional man -time is required to operate the system (http://www.symantec.com/connect/articles/wireless-intrusiondetection-systems/). iii. Wireless Security Auditor (WSA) It is an IBM research prototype of an 802.11 wireless LAN security auditor, running on Linux on an Personal Digital Assistant (PDA). WSA helps network administrators to close any vulnerability by automatically audits a wireless network for proper security configuration. While there are other 802.11 network analyzers such as Ethereal, Sniffer and Wlandump (Reference), WSA aims at protocol experts who want to capture wireless packets for detailed analysis. Moreover, it is intended f or the more general audience of network installers and administrators, who want a way to easily and quickly verify the security configuration of their networks, without having to understand any of the details of the 802.11 protocols (http://www.symantec.com/connect/articles/wireless-intrusion-detection-systems/).

Since the above discussed tools are commercial thus, they have the following disadvantages which are: being costfully, locking a customer to specific company/organization which produced the tool and also, it comes with some license fees. These reasons make them not feasible / viable for the Higher Learning Institutions which have limited budget.

5.0 Method used

For this study, WLANs security will be tested using various free and/or open source (FOS) WLAN analyzers tools and utilities to test and monitor wireless LAN protection at SUA. Analyzers help detection of security vulnerabilities and active attacks, monitor performance and pin-point potential problems, and evaluate network and application usage to spot emerging trends. Table summarizes some of free wireless security tools that can be used: S / No 1 Wireless security tool NetStumbler Description NetStumbler displays wireless access points, SSIDs, channels, whether WEP encryption is enabled and signal strength. NetStumbler can connect with GPS technology to accurately log the precise location of access points (http://www.netstumbler.com).

WEPCrack was the first of the WEP encryption cracking utilities. WEPCrack is an open-source tool used to break 802.11 WEP keys (Beck and Tews, 2008 ) 3 Airsnort Airsnort is a wireless LAN (WLAN) tool which cracks WEP encryption keys. AirSnort passively monitors wireless transmissions and automatically computes the encryption key when enough packets have been gathered (Torres et al., 2010). 4 Kismet Kismet is an 802.11 wireless network detector, sniffer, and intrusion detection system. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic (Kismet . 2011). 5 WiFi Scanner WifiScanner analyzes traffic and detects 802.11b stations and access points. It can listen alternatively on all 14 channels, write packet information in real time, search access points and associated client stations. All network traffic may be saved in the libpcap format for post analysis (Paciga and Lutfiyya, 2005). Table 1: FOS WLAN Analyzer tools

WEPCrack

Also, a proposed framework of practical solutions for securing a wireless LAN (WLAN) will be used to study WLAN security measures that have been implemented by SUA. 6.0 Results and Discussions

This section presents the results and analysis after the implementation of free and/or open source WLAN analyzers tools Analysis using Wireshark network protocol analyzer

Figure 3: Wireshark network protocol analyzer Result from Wireshark network protocol analyzer (network sniffer) captured the Internet Protocol (IP) address of a nearby wireless router (Access Point) as well as the MAC address of the wireless router (Access Point). Figure 3 above revealed the captured IP address captured was 192.168.0.1 with a MAC address of 00:13:46:CD:BF:E8. According to Vollbrecht (2002) an attacker can gain the knowledge of how a WLAN controls admittance and be able to either gain admittance to the network on his own, or steal a valid STAs access. Stealing a STAs access is simple if the attacker can mimic the valid STAs MAC address and use its assigned IP address. The attacker waits until the valid system stops using the network and then takes over its position in the network. Use of sniff software like Wireshark, attacker can sniff IP address and MAC address of a valid Access Point and this will allow an attacker direct access to all devices within a network, or to use the network to gain access to the wider Internet . When this happens it will be difficult to identify the attacker (or intruder or hacker) since the intruder / hackers appear to be valid user of the attacked network. Result obtained by using Retina WiFi Scanner Security Information

10

WEP Encryption

WEP Key is not set.

802.11 Wireless Parameters SSID MAC address mazimbu 00:13:46:CD:BF:E8 Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window -41 (dBm) Direct Sequencing Infrastructure 100 (Kusec) 0 (Kusec) 6

Vendor WEP Rates Standard

Unknown OFF 1,2,5,11,6,12,24,36

IEEE 802.11b Channel Table 2: Retina WiFi Scanner

Table 2 above reveals information about Access Point (AP) obtained using Retina WiFi Scanner. Observation shows that the AP has no WEP Encryption key, the SSID for this particular AP was mazimbu. On the other hand this particular AP has MAC address of 00:13:46:CD:BF:E8 and uses IEEE 802.11b standard. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features. Hamid, (2003) argues that WEP is not strong protection, but provides an important first line of defense according to many security professionals. With WEP encryption, sniffing is eliminated and session hijacking is difficult (or impossible).

Security Information WEP Encryption WEP Key is not set.

802.11 Wireless Parameters

11

SSID MAC address

ACMSMC01 1C:BD:B9:BE:19:06

Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window

-76 (dBm) Direct Sequencing Infrastructure 100 (Kusec) 0 (Kusec) 1

Vendor WEP Rates Standard

Unknown OFF 1,2,5,11,9,18,36,54

IEEE 802.11g Channel Table 3: Retina WiFi Scanner

Table 3 above display information about Access Point (AP) obtained using Retina WiFi Scanner. Observation shows this particular AP has no WEP Encryption key, the SSID for this particular AP was ACMSMC01. On the other hand this particular AP has MAC address of 1C:BD:B9:BE:19:06 and uses IEEE 802.11g standard. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features as well. Wright (2003) argues that WEP is not strong protection, but provides an important first line of defense according to many security professionals. With WEP encryption, sniffing is eliminated and session hijacking is almost (or impossible) (Wright, 2003).

Security Information WEP Encryption WEP Key is not set.

802.11 Wireless Parameters

12

SSID MAC address

ACMSMC02 00:1E:58:9D:37:2 0 Unknown OFF 1,2,5,11,6,12,24,3 6

Max RSSI Network Type Infrastructure Mode Beacon Period ATIM Window

-75 (dBm) Direct Sequencing Infrastructur e 100 (Kusec) 0 (Kusec) 8

Vendor WEP Rates Standard

IEEE 802.11b Channel Table 4: Retina WiFi Scanner

Table 4 above display information about Access Point (AP) obtained using Retina WiFi Scanner. Observation shows this particular AP has no WEP Encryption key, the SSID for this particular AP was ACMSMC02. On the other hand this particular AP has MAC address of 00:1E:58:9D:37:20 and uses IEEE 802.11b standard. Absence of WEP Encryption key shows that this particular Wireless LAN does not have even basic security features. According to many security professionals who argue that WEP is not strong protection, but provides an important first line of defense (Hamid, 2003). With WEP encryption, sniffing is eliminated and session hijacking is difficult (or impossible).

7.0 Proposed Security measures

The deduced information from the above section results and analysis enables the authors to propose the following summary of the security measures for securing Wireless LAN: S/No Proposed Security Measure 1 Implement SSID on all WAPs 2 Implement MAC Address Filters 3 Implement Static as well as Dynamic WEP 4 Utilize Virtual Private Network (VPN) 5 Implement Remote Authentication Dial-in User Service (RADIUS) Server authentication mechanisms Table 5: Framework for securing WLAN

8.0 Conclusion
Since SUA LAN contains some vulnerabilities, then there are some countermeasures, which cannot overcome fully the problem of WLAN, but can protect to a great extent. In this paper, we addressed the problems of security aspects of Wireless Local Area Network at SUA. Then, we applied the free and open source tools to overcome the identified problem.

13

Thereafter the framework to follow in order to minimize the vulnerabilities is proposed (see Table 5). The techniques and experiences recommended from other framework has been incorporated in this paper to enahance the security of IEEE 802.11 WLAN (Yeo, Youssef, and Agrawala. 2004). We restricted access of users to the hotspots (i.e. physical security). No unauthorized person gets access of your laptop or any Work Station, which is in the network because s/he can just copy the secret key or access the WLAN. Thereafter, we configured Access Points for allowing only few MAC addresses, which are there in the Access Control Lists (ACLs). The results are as described in the above section. As proposed by other researchers like (Woodward, 2005) that even though the solutions given in this paper will aid system administrators, IT security experts and network engineers in developing secure measure for their wireless computer network, none of the solutions are absolute. Thus, this calls for more researches in this area. Our future study will be in how we can develop an intrusion detection system for our WLAN.

References
[1] Beck, M. and Tews, E. (2008). Practical attacks against WEP and WPA.Cryptology ePrint Archive, Report 2008/472, 2008. http://eprint.iacr.org/, Last accessed February 12, 2011. [2] Farschi, J. (2003). Wireless Intrusion http://www.securityfocus.com/infocus/1742 Detection Systems. URL:

[3] Gayal S and S. A. Vetha Manickam, (2002). Wireless LAN Security Today and Tomorrow. Pune, India: Center for Information and Network Security, Pune University, URL: http://www.itsec.gov.cn/docs/20090507163620550203.pdf [4] http://www.interlinknetworks.com/rad accessed on 30/10/2010

[5] http://www.symantec.com/connect/articles/wireless-intrusion-detection-systems accessed 19/11/2010 [6] Internet Security Systems (ISS) (2001): Wireless LAN Security 802.11b and Corporate Networks, URL: http://documents.iss.net/whitepapers/wireless_LAN_security.pdf [7] Hamid R.A (2003), Wireless LAN: Security Issues and Solutions, URL: http://www.sans.org/reading_room/whitepapers/wireless/wireless -lan-security-issuessolutions_1009 [8] Kismet . (2011). URL: http://www.kismetwireless.net [9] Paciga, M.; Lutfiyya, H.; "Herecast:an open infrastructure for locationbased services using WiFi," Wireless And Mobile Computing, Networking And

14

Communications, 2005. (WiMob'2005), IEEE International Conference on , vol.4, no., pp.21-28, 24-22 Aug. 2005 [10] Torres, L.M.; Magana, E.; Izal, M.; Morato, D.; Santafe, G.; (2010) "An anomaly-based intrusion detection system for IEEE 802.11 networks," Wireless Days (WD), 2010 IFIP , vol., no., pp.1-6, 20-22 Oct. 2010 [11] Vollbrecht, John, David Rago, and Robert Moskowitz (2002). Wireless LAN Access Control and Authentication, a white paper from Interlink Networks Resource Library, http://www.interlinknetworks.com/images/resource/WLAN_Access_Control.p [12] Woodward A, "Recommendations for wireless network security policy: an analysis and classification of current and emerging threats and solutions for different organisations", in Proc. 3rd Australian Information Security Management Conference, Perth, Western Australia, 2005, pp. 133-140. [13] Wright J. (2003). Detecting wireless LAN MAC address spoofing, URL: www.uninett.no/wlan/download/wlan-mac-spoof.pdf. [14] Pentland, A.; Fletcher, R.; Hasson, A.; "DakNet: rethinking connectivity in developing nations," Computer , vol.37, no.1, pp. 78- 83, Jan. 2004 [15] Jeffrey James, Low-cost information technology in developing countries: current opportunities and emerging possibilities, Habitat International, Volume 26, Issue 1, January 2002, Pages 21-31, ISSN 0197-3975 [16] Jabiri Kuwe Bakari, Charles N. Tarimo, Louise Yngstr?, Christer Magnusson, "State of ICT Security Management in the Institutions of Higher Learning in Developing Countries: Tanzania Case Study," icalt, pp.1007-1011, Fifth IEEE International Conference on Advanced Learning Technologies (ICALT'05), 2005 [17] Sanga, C., Kilima, J. and Busagala, L.S. P. (2010). Optimizing Internet Bandwidth in Higher Learning Institutions: A Case of Sokoine University of Agriculture. International Journal of Computing and ICT Research, Vol. 4, Issue 2, pp. 27-36, ISSN 1996-1065. [18] Flickenger, R. (2007). Wireless Networking in the Developing World. Hacker Friendly LLC. [18] Jihwang Yeo, Moustafa Youssef, and Ashok Agrawala. 2004. A framework for wireless LAN monitoring and its applications. In Proceedings of the 3rd ACM workshop on Wireless security (WiSe '04). ACM, New York, NY, USA

15