SSE554-Project3-Bufford-Furman

=SSE 554: Object-Oriented Design II - Project 3= by Jill Bufford and Hillarie Furman

flat

Introduction
In this final project, project three, we are to demonstrate our capabilities in Advanced Topics from our textbooks. Our textbooks are Writing Secure Code by Michael Howard and David LeBlanc, and Professional C# 2008 by Christian Nagel, Bill Evjen, Jay Glynn, Karli Watson, and Morgan Skinner.

This project is a collaborative effort between Jill Bufford and Hillarie Furman.

Other reference books used for this project are as follows: 1) Wi-Foo The Secrets of Wireless Hacking by Andrew A. Vladimirov, Konstantin V. Gavrilenki, and Andrei A Mikhailovsky, 2) Security + Study Guide Second Edition by Mike Pastore and Emmett Dulaney, 3) Security + Guide to Network Security Fundamentals by Paul Campbell, Ben Calvert, and Steven Boswell. Internet research has also been a resource for this project.

Visual Studio C#.Net is the development environment used for most code examples in this project.

Overview
Since a major part of Jill's role at work has switched from Software Developer to a combination of Systems Analyst, Software Tester, and Technical Support role, she is approaching this project from more of a Software Tester and, more importantly, a Software Security Tester standpoint. Jill's portion of the project focuses on communications, specifically Wireless Communications and Wireless Security. Jill's goal is to give a "down to earth" explanation of Wireless Technology, ideas for Wireless Security, and practical, affordable ways to apply these to protecting your Wireless Network at home.

Hillarie's portion of the project will focus on C# and .NET 3.5 technical topics. First, generics are discussed and then LINQ to SQL is explored. LINQ to SQL features generics so it's important to understand what generics are and how to use them first.

=Generics= by Hillarie Furman

Prior to the .NET CLR 2.0, creating a flexible class or method that can use a class not known at compile time required the use of Object. This implementation meant we had no type safety during compile time. We relied on casting the object to a specific type at runtime, and this came with a negative performance impact.

With the CLR 2.0 (on which C#2008/.NET 3.5 is based), we have a new option: generics. Generic classes use generic types that are replaced with specific type as needed. The compiler will complain if a specific type is not supported with the generic class, so we have type safety with generics.

Most of the CLR 2.0 collection classes are implemented as generic collections. But, generics are not just limited to classes. We can also use generics to implement delegates, interfaces, and methods.

Overview
Generics can be equated to other language concepts, so they are not entirely a new construct. C++ has templates, but the difference is that the source code of the template is necessary when instantiated. In C#, generics are not just a construct of the language, they are defined in the CLR (Common Language Runtime). So, generics written in C# can be instantiated in code written in Visual Basic as well.

Advantages
The biggest advantage of generics is performance. For example, a non-generic collection of value types results in boxing and unboxing when the value time is converted to a reference type and vice versa. What does this mean? Value types (integers, structs, etc) are stored on the stack, while reference types (classes) are stored on the heap. The stack and heap are two areas of storage in memory. .NET allows us to use value types anywhere a reference type (object) is needed. When a value type is converted to a reference type, this is known as //boxing//. This conversion can happen automatically such as passing a value type to a method that expects it as an object parameter. //Unboxing// is when a boxed value type is converted to a value type and requires a cast operator.
 * Performance**

For example, the System.Collections.ArrayList stores objects and thus adding an integer to it requires boxing. code format="csharp" ArrayList list = new ArrayList; list.Add(42); code To retrieve the integer from the ArrayList, an unboxing operation must be done. code format="csharp" int valType = (int)list[0]; code Boxing and unboxing operations are easy but come with a big performance hit, especially when iterating through a large collection of items.

Generics provides the option of the System.Collections.Generic.List class in which we can define the type (T) when it is used. The specified type is then used inside the class that is generated dynamically from the compiler. Thus, boxing and unboxing is no longer done. code format="csharp" List list = new List ; list.Add(23); int enigma = list[0]; code

Another advantage of generics is type safety. If the System.Collections.ArrayList class is used, objects of any type can be added to the collection. In the following code example, we add an integer, string, and DateTime to the collection. code format="csharp" ArrayList list = new ArrayList; list.Add(42); list.Add("String"); list.Add(new DateTime); code If this collection is iterated using a foreach statement that expects the elements to be integers, the compiler will accept the code without errors. But, we will encounter an runtime exception when the string or DateTime element is encountered in the loop. code format="csharp" foreach (int i in list) { Console.WriteLine(i); } code If we use the generic class List, the generic type T defines what types are permitted to be added to the collection. The compiler will not compile code that tries to add an element of the wrong type.
 * Type Safety**

Generics encourage binary code reuse. A generic class is defined once and then instantiated with many different types. The System.Collections.Generic.List class can have any type defined for T. code format="csharp" List intList = new List ; List controlList = new List; List dateList = new List; code
 * Binary code reuse**

Disadvantage
Generics can lead to **code bloat**. A generic class definition goes into the assembly, so instantiating generic classes with specific types doesn't duplicate these classes in the IL (Intermediate Language) code. But, when the generic classes are compiled by the JIT compiler to native code, a new class for every value type is created. Reference types, on the other hand, share the implementation of the same native class. Reference types require only a 4-byte memory address, but value types can vary in memory requirements and thus a new class for every value type is required.

Naming Guidelines
To distinguish generic types from non-generic types, the following guidelines should be followed when naming:

1. Generic type names should be prefixed with the letter T. 2. If the generic type can be replaced by any class because there's no special requirement, and only one generic type is used, the character T is good as a generic type name: code format="csharp" public class List { } public class LinkedList { } code 3. If there's a special requirement for a generic type, or if two or more generic types are used, descriptive names should be used for the type names. code format="csharp" public delegate void EventHandler (object sender, TEventArgs e); public delegate TOutput Converter(TInput from); public class SortedList { } code

Example: Creating a Generic Class
We will look at the C# 2008 text's example of creating a generic class by first starting with a non-generic LinkedListNode class.

In a linked list, one element references the next one. You must create a class that wraps an object in the linked list and references the next object. The LinkedListNode class contains an object for the current value, and also for the next and previous objects. code format="csharp" public class LinkedListNode {       private object value; public LinkedListNode(object value) {           this.value = value; }

public object Value {           get { return value; } }

private LinkedListNode next; public LinkedListNode Next {           get { return next; } internal set { next = value; } }

private LinkedListNode previous; public LinkedListNode Previous {           get { return previous; } internal set { previous = value; } }   } code The LinkedList class tracks the first and last LinkedListNode objects in the list. It contains an AddLast method to add a new element to the end of the list. The class also implements GetEnumerator so that it is possible to iterate through the list with a foreach statement. code format="csharp" public class LinkedList : IEnumerator {       private LinkedListNode first; public LinkedListNode First {           get { return first; } }

private LinkedListNode last; public LinkedListNode Last {           get { return last; } }

public LinkedListNode AddLast(object node) {           LinkedListNode newNode = new LinkedListNode(node); if (first == null) {               first = newNode; last = first; }           else {               last.Next = newNode; last = newNode; }           return newNode; }

public System.Collections.IEnumerator GetEnumerator {           LinkedListNode current = first; while (current != null) {               yield return current.Value; current = current.Next; }       }    } code At this point, the LinkedList can be used with any type. However, if we use value types, boxing and unboxing will occur as we add items to the LinkedList and then iterate through the collection. If we start by adding integers, then add a string, and iterate through the list with a foreach loop expecting an int to be returned, we will encounter a runtime exception.

To avoid these problems, we can create a generic version of the linked list. The LinkedListNode is declared with a generic type T. The field value is now type T instead of object. The constructor is changed as well to accept T. code format="csharp" public class LinkedListNode {       private T value; public LinkedListNode(T value) {           this.value = value; }

public T Value {           get { return value; } }

private LinkedListNode next; public LinkedListNode Next {           get { return next; } internal set { next = value; } }

private LinkedListNode previous; public LinkedListNode<T> Previous {           get { return previous; } internal set { previous = value; } }   } code We can convert the LinkedList class to a generic LinkedList<T> class in the same way. In addition, we can use the generic version of IEnumerable that returns IEnumerator<T> for GetEnumerator. code format="csharp" public class LinkedList<T> : System.Collections.Generic.IEnumerable<T> {       private LinkedListNode<T> first; public LinkedListNode<T> First {           get { return first; } }

private LinkedListNode<T> last; public LinkedListNode<T> Last {           get { return last; } }

public LinkedListNode<T> AddLast(T node) {           LinkedListNode<T> newNode = new LinkedListNode<T>(node); if (first == null) {               first = newNode; last = first; }           else {               last.Next = newNode; last = newNode; }           return newNode; }

public System.Collections.Generic.IEnumerator<T> GetEnumerator {           LinkedListNode<T> current = first; while (current != null) {               yield return current.Value; current = current.Next; }       }    } code Here is how the generic LinkedList<T> is instantiated with an int type without boxing: code format="csharp" LinkedList list = new LinkedList ; list.AddLast(1); list.AddLast(3); list.AddLast(5);

foreach (int i in list) {               Console.WriteLine(i); } code Of course we are not limited to using an int. We can use a string or any other type, including our own custom classes.

Generic Class Features
For the following discussion of generic class features, we'll follow the C# 2008 Document Manager example. The document manager reads and writes documents from a queue. Here is our starting code: code format="csharp" public class DocumentManager<T> {       private readonly Queue<T> documentQueue = new Queue<T>;

public void AddDocument(T doc) {           lock (this) documentQueue.Enqueue(doc); }

public bool IsDocumentAvailable {           get { return documentQueue.Count > 0; } }   } code

Default Values
It is not possible to assign null to generic types. A generic type can also be instantiated as a value type, and null is only permitted for reference types. To get around this limitation, you can use the keyword 'default'. When 'default' is used, null is assigned to any reference types and '0' is assigned to any value types.

Let's demonstrate this by adding a GetDocument method to the DocumentManager<T> class. code format="csharp" public T GetDocument {           T doc = default(T); lock (this) doc = documentQueue.Dequeue;

return doc; } code Keep in mind that the 'default' keyword has different uses depending on the context of its use. A switch statement's default keyword has a different meaning than the use of default to instantiate a generic as null.

Constraints
After adding a public interface called IDocument, with two getter/setters Title and Content, and a Document which implements this interface, we'll need to add constraints if our generic class needs to invoke these methods. The DocumentManager<T> will display all document titles via a DisplayAllDocuments method, so a constraint is needed.

The reason for this is that the "old" way of casting the type to IDocument specifically to accomplish this task will result in a runtime exception if the type T does not implement IDocument. Instead, we define a constraint with the DocumentManager<TDocument> class so that TDocument must implement the interface IDocument. Casting to IDocument will then no longer be necessary, and the compiler will catch any non-IDocument types used as T that may cause a runtime exception. Adding a constraint is done with the where keyword in the class declaration: code format="csharp" public class DocumentManager<TDocument> where TDocument : IDocument code Other constraint types are available to use.
 * where T : struct //Type T must be a value type//
 * where T : class //Type T must be a reference type//
 * where T : IFoo //Type T must implement interface IFoo//
 * where T : Foo //Type T is required to derive from base class Foo//
 * where T : new //Type T must have a default constructor//
 * where T1 : T2 //Type T1 must derive from generic type T2 (naked type constraint)//

Constraints can be combined as such: code format="csharp" public class GenericClass<T> where T : IFormatProvider, new code

Inheritance
A generic type can implement a generic interface or it can derive from a generic base class. The Derived class must repeat the same generic types, or specify the type of the base class as such: code format="csharp" class Derived<T> : Base {   } code You can specialize for specific types in this way: code format="csharp" public abstract class Calc<T> {       public abstract T Add(T x, T y); public abstract T Sub(T x, T y); }

public class IntegerCalc<T> : Calc {       public override int Add(int x, int y)        { return x + y;       }

public override int Sub(int x, int y)       { return x - y;       } } code

Static Members
Static members of a generic class are only shared with one instantiation of the class. For example, the generic class StaticDemo<T> contains a static field x as type integer. If we instantiate two StaticDemo<T> with a string and an int type, we get two static fields representing x. code format="csharp" StaticDemo .x = 4; StaticDemo<DateTime>.x = 9;

Console.WriteLine("int value = {0}", StaticDemo .x); Console.WriteLine("DateTime value = {0}", StaticDemo<DateTime>.x); code The resulting output will be: code format="csharp" int value = 4 DateTime value = 9 code

flat

=LINQ to SQL= The .NET Language Integrated Query Framework (LINQ) was a big feature introduced into C# 2008. LINQ is a lightweight facade over programmatic data integration. In the words of our text authors, data is king. Moving from a strongly typed object-oriented language like C# into the data tier can be a challenge to developers. LINQ provides a strongly typed interface to underlying data stores such as databases and XML files. Queries become first-class citizens that are treated like types in the system.

LINQ to SQL in particular is a means of strongly typing an interface to a SQL Server database. Other LINQ technologies exist for Objects, DataSets, Entities, and XML. LINQ to SQL not only allows us the ability to query data, but to also perform CRUD operations (Create / Read / Update / Delete). In addition, we can interact with and customize CRUD actions with our own business logic.

For the purposes of this project, we will use a test database for a web application that provides the U.S. Navy access to radar threat libraries. Submarine crew connect to this web app and download libraries to load into their systems. We will not be using production data due to the sensitive and classified nature of the data.

Example: How to Setup LINQ to SQL in Visual Studio
Visual Studio 2008 provides valuable user interface tools to work with LINQ to SQL. By default, the LINQ to SQL DLL is referenced when you create a new project as System.Linq is part of the System.Core assembly.

To begin, we will add a SQL Server database to the project by right-clicking the project in Visual Studio Solution Explorer, and selecting "Add Existing Item". Then, we select the MDF file which represents our database. Visual Studio then prompts us to select with database objects (tables, stored procedures, etc.) that should be included in the DataSet it is going to create on our behalf.

Figure 2.1 Visual Studio's Data Source Configuration Wizard that allows user to pick the objects to include in the DataSet.

This configuration utility will then create a DataSet XSD file which represents our database structures. Visually, this file looks like a database diagram that shows the objects and their relationships. The next task is to add a LINQ to SQL class to our project. A LINQ to SQL class is not a plain-jane class, but it's own option in the Visual Studio "Add New Item" dialog. We will name the new class NavyDB.dbml.

The Visual Studio IDE provides an O/R Designer tool that is activated when we double-click the NavyDB.dbml file. It is made up of two parts: One panel is for data classes (tables, classes, associations, and inheritances) and the other panel is for methods that can map to the stored procedures within a database. Objects can be dragged and dropped onto these panels to auto-generate the code to support interaction with them.

Creating a User Object
For this example, we will work with the Users table. To setup our project to work with the table, we open the Solution Explorer and drag the Users table onto the O/R Designer interface.

Figure 2.2 Dropping the User table onto the O/R Designer allows us to begin interacting with the table as an object.

Dropping this table onto the designer performed a lot of "magic". Here's some code that was generated in the NavyDB.dbml file. code format="csharp" [Table(Name="dbo.nuwc_User")] public partial class nuwc_User : INotifyPropertyChanging, INotifyPropertyChanged {

private static PropertyChangingEventArgs emptyChangingEventArgs = new PropertyChangingEventArgs(String.Empty);

private decimal _User_ID;

private decimal _UserType_ID;

private decimal _Org_ID;

private string _LoginName;

private string _Password;

private bool _IsActive;

private string _FirstName;

private string _LastName;

private string _Street1;

private string _Street2;

private string _City;

private string _State;

private string _Country; code As you can see from this code snippet, it's created a new nuwc_User class and auto-generated some properties that represent the fields in the table. To work with these new objects, we can perform a query like this: code format="csharp" NavyDBDataContext dataContext = new NavyDBDataContext; var query = dataContext.nuwc_Users;

foreach (nuwc_User user in query) {               Console.WriteLine("{0} | {1}",                    user.FirstName, user.LastName); } code The DataContext object maps to a Connection type object and connects to our database for any required operations. The next line uses the a var keyword, an implicitly typed variable. The type will be set by the compiler. In this example, the actual type that will be used by the compiler is System.Data.Linq.Table<nuwc_User>. The same line of code could have been explicitly written as: code format="csharp" Table<nuwc_User> query = dataContext.nuwc_Users; code The preference of whether to explicitly type the variables, or to use var is up for debate. Programmers who inherit this code may more easily understand what is going on if variables are explicitly typed.

The foreach loop then selects each nuwc_User object from the Table<nuwc_User> and simply outputs the first and last name. It is not a complicated query but this gives a brief insight into how to begin building LINQ to SQL queries. Here's the output of our test database: <span style="font-family: 'Courier New',monospace;"> MERC | ADMIN USS | Asheville USS | Atlanta USS | CHICAGO USS | JIMMYCARTER Hillarie | Furman AUDIT | USER Joe | Smith James | Bond

Example: Working Without O/R Designer
What if we choose not to use the Visual Studio O/R Designer? While the tool makes LINQ to SQL easy to setup and use, we can do everything manually to provide the most control and understand what is actually happening "under the hood".

Custom Object
In this example, we'll setup LINQ to SQL for the nuwc_Library table. The first step is to create a custom object to expose the table as a class. To do so, we need to use the System.Data.Linq.Mapping assembly to add LINQ attributes to our class and properties. The Table attribute allows us to name our class a more programming-friendly "Library" rather than "nuwc_Library" as the database table is actually named. Likewise, we can use LibraryId for the property name rather than "Library_ID" as it's corresponding table column is named. The Column attribute also has a IsPrimaryKey property we can set as true for the LibraryId property. code format="csharp" using System.Data.Linq.Mapping;

namespace LINQtoSQL_Example {   [Table(Name="nuwc_Library")] public class Library {       [Column(IsPrimaryKey = true, Name = "Library_ID")] public int LibraryId { get; set; }

[Column(Name = "LibraryFormat_ID")] public int LibraryFormatId { get; set; }

[Column(Name = "User_ID")] public int UserId { get; set; }

[Column(Name = "GeoArea_ID")] public int GeoAreaId { get; set; }

[Column] public string Name { get; set; }

[Column] public string CalendarYear { get; set; }

[Column] public string Version { get; set; }

[Column] public DateTime UploadDate { get; set; }

[Column] public DateTime ExpireDate { get; set; }

[Column] public string ZipDirectory { get; set; } } } code

Querying the Custom Object
We can then query the database for the nuwc_Library table. In the Visual Studio example, we used a custom DataContext object that was created by the Visual Studio O/R Designer and it was strongly-typed. We can also create a custom, strongly-typed DataContext object, but for right now we will demonstrate how to use the base DataContext object.

We can create a DataContext object by passing it a Data Source connection string to the MDF file. The Log property is set to Console.Out so we can see the query the DataContext object uses when we ask for something. In this example, we ask for the collection of Library objects by using the GetTable<TEntity> method, passing Library in for TEntity. Then we can iterate through the table with a foreach statement. code format="csharp" DataContext dc = new DataContext(@"Data Source=.\SQLEXPRESS;       AttachDbFilename=ESLibrary_Data.MDF;        Integrated Security=True; User Instance=True;");

dc.Log = Console.Out;

Table<Library> libraries = dc.GetTable<Library>;

foreach (Library lib in libraries) {        Console.WriteLine("{0}: {1}", lib.Name, lib.Version); } code Here is the output that includes both the query and the libraries iteration: <span style="font-family: 'Courier New',Courier,monospace;"> SELECT [t0].[Library_ID] AS [LibraryId], [t0].[LibraryFormat_ID] AS [LibraryFormatId], [t0].[User_ID] AS [UserId], [t0].[GeoArea_ID] AS [GeoAreaId], [t0].[Name], [t0].[CalendarYear], [t0].[Version], [t0].[UploadDate], [t0].[ExpireDate], [t0].[ZipDirectory] FROM [nuwc_Library] AS [t0] -- Context: SqlProvider(Sql2005) Model: AttributedMetaModel Build: 3.5.30729.1

rnb-56.asc: 00 rnb-56.asc: 01 rnb-58.asc: 01 csl-sol.csl: 00 csl-hp.csl: 00 rnb-56.asc: 02 rnb-56.asc: 03 rnb-56.asc: 04 rnb-58.asc: 01 If we do not need all the columns in our query, we can omit the corresponding properties in the Library class.

Example: Create a Custom DataContext Object
We can exert more control by creating a custom DataContext object rather than using the base DataContext. We just need a new class that inherits from DataContext: code format="csharp" public class NuwcDataContext : DataContext {       public Table<Library> Libraries;

public NuwcDataContext : base(@"Data Source=.\SQLEXPRESS;               AttachDbFilename=ESLibrary_Data.MDF;                Integrated Security=True; User Instance=True;") {

}   } code Note that we can now strongly-type our nuwc_Library table with the property Table<Library> Libraries. Our previous code now can be modified to use this new DataContext: code format="csharp" NuwcDataContext dc = new NuwcDataContext; Table<Library> libraries = dc.Libraries;

foreach (Library lib in libraries) {               Console.WriteLine("{0}: {1}", lib.Name, lib.Version); } code

Example: More Advanced Queries
Rather than using this syntax: code format="csharp" Table<Library> libraries = dc.Libraries; code We can also use a **query expression** to achieve the same result of selecting all records. code format="csharp" var query = from p in dc.Libraries select p;

foreach (Library lib in query) {               Console.WriteLine("{0}: {1}", lib.Name, lib.Version); } code There are many query expressions we can use in our code:


 * **Segmentation** || **Syntax** ||
 * Project || select <//expression//> ||
 * Filter || where <//expression//>, distinct ||
 * Test || any <//expression//>, all <//expression//> ||
 * Join || <//expression//> join <//expression//> on <//expression//> equals <//expression//> ||
 * Group || group by <//expression//>, into <//expression//>, <//expression//> group join <//decision//> on <//expression//> equals <//expression//> into <//expression//> ||
 * Aggregate || count([<//expression//>]), sum(<//expression//>), min(<//expression//>), max(<//expression//>), avg(<//expression//>) ||
 * Partition || skip [while] <//expression//>, take [while] <//expression//> ||
 * Set || union, intersect, except ||
 * Order || order by <//expression//>, <//expression//> [ascending | descending] ||

We can filter with the where and distinct keywords. The bonus here is that we're not limited to SQL statements! We can use C# methods as such: code format="csharp" var query = from p in dc.Libraries where p.Name.StartsWith("rnb") select p; code Query expressions can also be concatenated: code format="csharp" var query = from p in dc.Libraries where p.Name.StartsWith("rnb") where p.Version.Equals("00") select p; code
 * Filtering**

We can work with multiple tables and perform joins with query expressions. Here's an example of joining the LibraryQueue (a table that stores what libraries a user has selected to download during their current browsing session, similar to a shopping cart on an e-commerce website) to the Library table: code format="csharp" var query = from q in dc.Queue join l in dc.Libraries on q.LibraryId equals l.LibraryId orderby q.AddDate select new { q.AddDate, l.Name, l.Version };
 * Joins**

foreach (var item in query) {               Console.WriteLine("{0} ({1}), {2}",                    item.Name, item.Version, item.AddDate.ToShortDateString); } code For each record (LibraryQueue object) in the LibraryQueue, join it to the Library record in the Library table that matches on the LibraryId property. Order the records by AddDate and only select the AddDate, Name, and Version columns. We can then iterate through this query and Visual Studio Intellisense will know from our query expressions which columns can be accessed by the item variable. Here is the output: <span style="font-family: 'Courier New',Courier,monospace;"> rnb-56.asc (03), 6/20/2008 rnb-56.asc (03), 3/15/2010 rnb-56.asc (00), 3/15/2010

Example: Using Stored Procedures
Perhaps you already have an extensive set of stored procedures in your database and don't wish to replicate the queries in LINQ to SQL. Fear not, LINQ to SQL is still a viable option. If you use the O/R Designer, you can drag and drop a stored procedure to create methods to call from the DataContext object.

In this example, we'll drag the "nuwc_spGetGeoAreaList" stored procedure onto the O/R Designer. The method name defaults to the name of the stored procedure, but since we like more friendly method names, we can change it to GetGeoAreaList.

Here is how we'll call the stored procedure using LINQ to SQL: code format="csharp" NavyDBDataContext dataContext = new NavyDBDataContext;

ISingleResult<nuwc_spGetGeoAreaListResult> result = dataContext.GetGeoAreaList;

foreach (nuwc_spGetGeoAreaListResult item in result) {               Console.WriteLine(item.DisplayText); } code You must use the ISingleResult object collection to store the results of the stored procedure call.

Summary
The LINQ capabilities in C# 2008 are exciting and spectacularly easy to setup and begin using out of the box. You gain the benefit of strongly-typed queries and familiar C# syntax and keywords. You can begin writing queries or you can adapt to use existing stored procedures.

flat

=Wireless Communications= by Jill Bufford

Wireless Network Technology
While most people think of the neighborhood bookstore or coffee shop's "hotspot" when wireless network is mentioned, it is both that and many other things as well. A wireless network can be a network that uses electromagnetic waves (Radio Frequency waves) to carry data over the airwaves. A wireless network can also use light waves of visible or infrared light (in either normal or laser form) as its transmission media.
 * What is the Technology of a Wireless Network?**

While Radio Frequency wireless is by far the most common wireless media, light wave is commonly utilized where containment of data within a defined area is needed (such as military high security areas).

Although a wireless network adds security challenges, it also provides numerous advantages. A computer or other network device can be used without network wiring anywhere in the coverage area of the network. Several computers can share a single internet connection. Printers or other peripherals can be setup within the coverage area and accessed by any of the connected computers. File sharing, game playing with multiplayer software, easy relocation of computers, and easy integration a variety of other electronic devices are just some of the advantages.
 * Advantages of a Wireless Network**

A wireless network can contain a wide variety of devices; however, most will contain at least the following:
 * Most Common Wireless Network Devices**


 * A **Modem** (modulator-demodulator) is a device which connects the network to the world-wide-web. The exact type would depend on how the internet was provided to the wireless network. Some of the types of modem include dial-up, DSL, and cable modems.
 * **Computers** or other devices for e-mail or web surfing
 * **Network printer** (which allows one printer to service any network user).
 * **Wireless router** A device that controls communication to and from the wireless devices. The router may also contain a network switch to allow some computers to be connected with Ethernet cables.

Figure 1.1 – A Typical Wireless Network Configuration


 * Other Wireless Network Devices**

Other devices that are becoming more common on wireless networks include
 * Video gaming consoles like the X-box or Play Station
 * Home entertainment centers
 * Telephone over internet devices such as Skype. Skype takes voice and/or video and connects to another computer somewhere around the globe, and sets up a telephone or telephone with video, 2-way conversation. Skype and Vontage are two of the most popular telephone over internet device types.
 * Hardwire Firewalls (hardware built into router and switch in a wireless network).


 * Industry Standards for Equipment in a Wireless Network**

There are industry standards for equipment in wireless networks to ensure that network parts work together without conflict. These standards (Wi-Fi Technologies) are usually referred to by their IEEE section number 802.11 with individual releases having a letter suffix (ie. 802.11g). Each release has individual parameters.

There are several specifications in the 802.11 family. The following is a Wireless LAN Standards chart from the Quick Reference section of Webopedia which gives an excellent comparison.


 * **Standard** || **Data Rate** || **Modulation Scheme** || **Security** || **Pros/Cons & More Info** ||
 * IEEE 802.11 || Up to 2Mbps in the 2.4GHz band || FHSS or DSSS || WEP & WPA || This specification has been extended into 802.11b. ||
 * IEEE 802.11a (Wi-Fi) || Up to 54Mbps in the 5GHz band || OFDM || WEP & WPA || Products that adhere to this standard are considered "Wi-Fi Certified." Eight available channels. Less potential for RF interference than 802.11b and 802.11g. Better than 802.11b at supporting multimedia voice, video and large-image applications in densely populated user environments. Relatively shorter range than 802.11b. Not interoperable with 802.11b. ||
 * IEEE 802.11b (Wi-Fi) || Up to 11Mbps in the 2.4GHz band || DSSS with CCK || WEP & WPA || Products that adhere to this standard are considered "Wi-Fi Certified." Not interoperable with 802.11a. Requires fewer access points than 802.11a for coverage of large areas. Offers high-speed access to data at up to 300 feet from base station. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels. ||
 * IEEE 802.11g (Wi-Fi) || Up to 54Mbps in the 2.4GHz band || OFDM above 20Mbps, DSSS with CCK below 20Mbps || WEP & WPA || Products that adhere to this standard are considered "Wi-Fi Certified." May replace 802.11b. Improved security enhancements over 802.11. Compatible with 802.11b. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels. ||
 * IEEE 802.16 (WiMAX) || Specifies WiMAX in the 10 to 66 GHz range || OFDM || DES3 and AES || Commonly referred to as WiMAX or less commonly as WirelessMAN or the Air Interface Standard, IEEE 802.16 is a specification for fixed broadband wireless metropolitan access networks (MANs) ||
 * IEEE 802.16a (WiMAX) || Added support for the 2 to 11 GHz range. || OFDM || DES3 and AES || Commonly referred to as WiMAX or less commonly as WirelessMAN or the Air Interface Standard, IEEE 802.16 is a specification for fixed broadband wireless metropolitan access networks (MANs) ||
 * Bluetooth || Up to 2Mbps in the 2.45GHz band || FHSS || PPTP, SSL or VPN || No native support for IP, so it does not support TCP/IP and wireless LAN applications well. Not originally created to support wireless LANs. Best suited for connecting PDAs, cell phones and PCs in short intervals. ||
 * HomeRF || Up to 10Mbps in the 2.4GHZ band || FHSS || Independent network IP addresses for each network. Data is sent with a 56-bit encryption algorithm. || Note: HomeRF is no longer being supported by any vendors or working groups. Intended for use in homes, not enterprises. Range is only 150 feet from base station. Relatively inexpensive to set up and maintain. Voice quality is always good because it continuously reserves a chunk of bandwidth for voice services. Responds well to interference because of frequency-hopping modulation. ||
 * HiperLAN/1 (Europe) || Up to 20Mbps in the 5GHz band || CSMA/CA || Per-session encryption and individual authentication. || Only in Europe. HiperLAN is totally ad-hoc, requiring no configuration and no central controller. Doesn't provide real isochronous services. Relatively expensive to operate and maintain. No guarantee of bandwidth. ||
 * HiperLAN/2 (Europe) || Up to 54Mbps in the 5GHz band || OFDM || Strong security features with support for individual authentication and per-session encryption keys. || Only in Europe. Designed to carry ATM cells, IP packets, Firewire packets (IEEE 1394) and digital voice (from cellular phones). Better quality of service than HiperLAN/1 and guarantees bandwidth. ||
 * OpenAir || Pre-802.11 protocol, using Frequency Hopping and 0.8 and 1.6 Mb/s bit rate || CSMA/CA with MAC retransmissions || OpenAir doesn't implement any encryption at the MAC layer, but generates Network ID based on a password (Security ID) || OpenAir is the proprietary protocol from Proxim. All OpenAir products are based on Proxim's module. ||

Security for Wireless Networks
While the introduction of wireless has added a number of new vulnerabilities, technology development is providing counter measures for each of them. As with most things in life, as the white hats close a vulnerability window, the black hats open another. This of course provides employment opportunities for both sides.

Below is a recap of the typical configuration of a wireless network, since we will be discussing this further.

Figure 1.2: Recap- Configuration of a Typical Wireless Network


 * Defining the Threat and War Driving**

To understand what security is needed for a wireless network, we must first understand the threat. We must determine who wants to penetrate our network, why would they want to do so, and what do they wish to accomplish when they get there. I live in a semi-rural part of Bibb County, Georgia, close to a highly traveled state highway (Hwy 247). In a twenty mile stretch close to my house, 247 passes residential, commercial, industrial, military, and farming areas. Driving down this highway shows numerous networks from open (no security), to well secured networks. Addition of antenna boosters and packet sniffer software (War Driving), would show many more networks with even better security, from mostly commercial and military sources.

To quote Wikipedia, "**Wardriving** is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer or PDA". As I look at the list of networks generated in the short drive (mentioned in the paragraph above), it becomes obvious that there can be as many motives for "cracking" as there are networks. In our present society, information is a most valuable commodity. Motives such as untraceable access for pedophiles, identity theft, industrial espionage, customer lists, financial information, and military secrets come immediately to mind.All of the above motives combined with the ease of penetrating a wireless network with little chance of being caught (and even less of being prosecuted); produce an open season on wireless networks.

How do you know the security status of your wireless network, even for instance, your wireless network at home? Making sure your anti-virus/malware software is activated and current is probably the first security item to check. Next, make sure your operating system updates are current.
 * Wireless Security Testing – Site Survey**

In addition, with proper planning, penetration testing of your own network would allow you to quickly obtain a large amount of information concerning the state of your network. Part of this would include a site survey. A site survey is a comprehensive mapping of the "electronic footprint" of your network as well as any nearby networks that may cause interference.

To conduct this testing, a certain amount of equipment would be required. Some type of cpu (computer processing unit) would be needed. While many sources would suggest a PDA, I feel that for most people, a laptop would be a better choice as it would not require extensive modification to perform the job. For some purposes, two PCMCIA slots are needed on the laptop. Also, to the laptop, you would need to add a wireless client card. The wireless client card acts as a stronger wireless receiver than the receiver that’s built-in to your laptop. Plus, the wireless client card will allow you to connect to an external antenna such as a directional antenna or a gain antenna. Now, add some packet sniffer and other software and you are ready for a little "War Driving". To quote wikipedia once more, "Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer or PDA." Wardriving is really fun by the way!

"Software for wardriving is freely available on the Internet, notably NetStumbler for Windows, Kismet or SWScanner for Linux, FreeBSD, NetBSD, OpenBSD, DragonFly BSD, and Solaris, and KisMac for Macintosh. There are also homebrewed wardriving applications for handheld game consoles that support Wi-Fi, such as sniff_jazzbox/wardrive for the Nintendo DS, Road Dog for the Sony PSP, WiFi-Where for the iPhone, and |G-MoN for the Android operating system and WlanPollution for Symbian NokiaS60 devices. There also exists a mode within Metal Gear Solid: Portable Ops for the Sony PSP (wherein the player is able to find new comrades by searching for wireless access points) which can be used to wardrive. Treasure World for the Nintendo DS is a commercial game in which gameplay wholly revolves around wardriving."

Wireless Security - How to Affordably Protect Your Home Wireless Network
What can you do to secure your wireless network? Most home networks don’t use the most basic of security measures. The best lock in the world doesn’t work if you don’t use it. As stated above, making sure your anti-virus/malware software is activated and current, is probably the first security item to check. Next, make sure your operating system updates are current.

Another one of the easiest ways to implement decent security on a wireless network is to start with a decent router. Cisco’s Linksys Wireless-G Router (WRT54G) is a good example. It is inexpensive, commonly available, easily configurable, and it has four built in hard wired ports.

The software security settings available for a wireless router include:
 * Disabled
 * WPA Personal
 * WPA Enterprise
 * WPA2 Personal
 * WPA2 Enterprise
 * RADIUS
 * WEP

Authentication is the process of identifying the user, and authorization occurs afterward to verify if the identified user is allowed to access a specific resource. According to wikipedia, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.

WPA is a security technology for wireless networks. WPA improves on the authentication and encryption features of WEP (Wired Equivalent Privacy). In fact, WPA was developed by the networking industry in response to the shortcomings of WEP.
 * WPA**

One of the key technologies behind WPA is the Temporal Key Integrity Protocol (TKIP). TKIP addresses the encryption weaknesses of WEP. Another key component of WPA is built-in authentication that WEP does not offer. With this feature, WPA provides roughly comparable security to VPN tunneling with WEP, with the benefit of easier administration and use.

RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service. By itself, RADIUS does little for security, but adds additional security with the use of WEP.
 * RADIUS (Remote Authentication Dial In User Service)**

WEP is a protocol that adds security to wireless local area networks (WLANs) based on the 802.11 Wi-Fi standard. WEP is an OSI Data Link layer (Layer 2) security technology that can be turned "on" or "off." WEP was designed to give wireless networks the equivalent level of privacy protection as a comparable wired network.
 * WEP**

WEP is based on a security scheme called RC4 that utilizes a combination of secret user keys and system-generated values. The original implementations of WEP supported so-called 40-bit encryption, having a key of length 40 bits and 24 additional bits of system-generated data (64 bits total). Research has shown that 40-bit WEP encryption is too easy to decode, and consequently product vendors today employ 128-bit encryption (having a key length of 104 bits, not 128 bits) or better (including 152-bit and 256-bit WEP systems).

When communicating over the wire, wireless network equipment uses WEP keys to encrypt the data stream. The keys themselves are not sent over the network but rather are generally stored on the wireless adaptor or in the Windows Registry.

Regardless of how it is implemented on a wireless LAN, WEP represents just one element of an overall WLAN security strategy. WEP is probably what I recommend as the best for home use.

You can enable or disable SSID broadcast (the broadcasting of the network name).

The WRT54G has a built in firewall with options to block anonymous internet requests, filter multicast, filter internet NAT redirection, and filter IDENT (poor 113).


 * Other Security Settings on a Wireless Router**

//Block WAN Request// By enabling the Block WAN Request feature, you can prevent your network from being "pinged," or detected, by other Internet users. The Block WAN Request feature also reinforces your network security by hiding your network ports. Both functions of the Block WAN Request feature make it more difficult for outside users to work their way into your network. This feature is enabled by default. Uncheck to disable this feature.

//Filter Multicast// Enable this option if you do not wish to receive multicast traffic that is sometime sent by your ISP.

//Filter Internet NAT Redirection// This feature uses Port Forwarding to prevent access to local servers from your local networked computers.

//Filter IDENT (Port 113)// This filter prevents outside intruders from attacking the router through the internet using service port 113. Select Enable to prevent attack through this service port. However, some applications may require this service port to be available. If needed, uncheck to allow those applications to work

VPN - Virtual Private Network
Virtual Private Networking (VPN) is typically used for work-related networking.

As defined by Wikipedia, "//a Virtual Private Network (VPN) is a computer network that is layered on top of an underlying computer network. The private nature of a VPN means that the data travelling over the VPN is not generally visible to, or is encapsulated from, the underlying network traffic. Similarly, the traffic within the VPN appears to the underlying network as just another traffic stream to be passed. A VPN connection can be envisioned as a "pipe within a pipe", with the outer pipe being the underlying network connection.//" In other words, a VPN is separated by software, from the normal data stream, to where it’s not obvious that it’s really there.


 * VPN Pass-Through**

In VPN you can also enable or disable IPSEC, PPTP, and L2TP pass-through.

Virtual Private Networking (VPN) is typically used for work-related networking. For VPN tunnels, the Router supports IPSec Pass-Through and PPTP Pass-Through.
 * //IPSec// - Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange of packets at the IP layer. To allow IPSec tunnels to pass through the Router, IPSec Pass-Through is enabled by default. To disable IPSec Pass-Through, uncheck the box next to IPSec.
 * //PPTP// - Point-to-Point Tunneling Protocol is the method used to enable VPN sessions to a Windows NT 4.0 or 2000 server. To allow PPTP tunnels to pass through the Router, PPTP Pass-Through is enabled by default. To disable PPTP Pass-Through, uncheck the box next to PPTP.

Summary
Jill has approached this project from a Software Security Tester’s standpoint. Jill's portion of the project focused on the advanced topic of communications, specifically Wireless Communications and Wireless Security. Jill gave a "down to earth" explanation of Wireless Technology, ideas for Wireless Security, and practical, affordable ways to apply these to protecting your Wireless Network at home. Remember, a wireless router with all default settings, is better than nothing at all.

flat