NoCat – Wireless Network Security
By Danny Tsechansky, Staff Writer Monday, 12 January 2004 08:41 EST
Wireless technology, with its flexibility and low-cost equipment, provides a powerful way to connect large numbers of computers without cables. Despite its advantages, wireless technology poses a real threat to wireless-based communities and networks if it is not handled correctly.
As WEP (Wired Equivalent Privacy), the built-in wireless security mechanism, has shown its weaknesses and its inability to provide authentication and data integrity checks, more and more third-party tools were developed to bolster wireless network security.
One of these tools is the open source program NoCatAuth. This article takes a brief look at the NoCatAuth system as a tool for enhancing wireless network security.
Captive Portals
Captive portals have become very popular among wireless communities and hotspot operators, since they provide user authentication and resource management. Authentication is usually done via a central authentication server, and any connections beyond that server are prohibited.
On wireless infrastructure, a captive portal operates in one of two modes: closed or open.
In closed mode, a user must supply authentication credentials before access is granted. In open mode, the user must accept the terms of use before access is granted; this mode is usually deployed in public wireless networks.
NoCatAuth
NoCatAuth is an open source captive portal that operates in both modes and is designed to provide a high-level authentication system for gateways. It is written in Perl and designed to run under Linux. NoCatAuth comprises two major components: a gateway service and an authentication service.
The NoCatAuth authentication service is responsible for presenting a login prompt and acts as an intermediary between the gateway service and the user. If the supplied credentials match the user database, the authentication service sends a PGP-signed message to the gateway service, which can then verify the authenticity of the message. To protect user privacy, the authentication credentials are submitted through an SSL-protected web page.
The gateway service is responsible for blocking all data flow (except to the authentication service) until the user is authenticated. Once the authentication process is completed, data flow is permitted.
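The exchange between the two services described above, modelled as an added example (not NoCatAuth's code, which is written in Perl). It assumes clients are identified by MAC address and substitutes an HMAC-SHA256 tag for the PGP signature so that it runs with the Python standard library alone; the key, addresses and user record are constructed.

```python
import hashlib
import hmac
import json

# Constructed values for this example; none come from NoCatAuth itself.
AUTH_SERVICE_IP = "10.0.0.2"
SIGNING_KEY = b"constructed-demo-key"
SALT = b"constructed-salt"


def hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


USER_DB = {"alice": hash_password("correct horse")}


def sign(payload: bytes) -> str:
    # Stand-in for the PGP signature: an HMAC-SHA256 tag over the message bytes.
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()


def auth_service_login(user: str, password: str, client_mac: str):
    """Authentication service: return a signed message only if the credentials match."""
    stored = USER_DB.get(user)
    if stored is None or not hmac.compare_digest(stored, hash_password(password)):
        return None
    payload = json.dumps({"user": user, "mac": client_mac}, sort_keys=True).encode()
    return {"payload": payload, "signature": sign(payload)}


class Gateway:
    """Gateway service: default deny, except traffic to the authentication service."""

    def __init__(self):
        self.admitted = set()  # clients (by MAC, an assumption) allowed to pass

    def allows(self, client_mac: str, dest_ip: str) -> bool:
        return dest_ip == AUTH_SERVICE_IP or client_mac in self.admitted

    def handle_auth_message(self, message) -> bool:
        # Verify the signature before trusting any field of the payload.
        if message is None:
            return False
        if not hmac.compare_digest(sign(message["payload"]), message["signature"]):
            return False
        self.admitted.add(json.loads(message["payload"])["mac"])
        return True
```

Because the payload is only parsed after the tag verifies, a message altered in transit to name a different client leaves the gateway's allow list unchanged.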
NoCatAuth is becoming the credential backbone of wireless-based communities and networks. That is not surprising, given its minimal requirements and its independence from any specific wireless technology.