Wireless networking has numerous benefits. Productivity remarkably enhances due to the higher accessibility to the information resource. Network configuration as well as reconfiguration becomes easier, quicker, and overall less expensive. Nonetheless, this technology also poses new threats as well as brings change in the already existing profile of risk in the information security. Explaining this terminology, as we all know that the communication occurs "through the air" utilizing the radio frequencies, the inception risk are higher in comparison to the wired networks. In case the messages are not encrypted, or just encrypted having a relatively weak algorithm, then the ...view middle of the document...
For any provided networking situation, the wireless Networks might not be as desirable for many reasons. Majority among those have connections with inherent limitations related to this technology. The major disadvantages related to utilizing any wireless network may be: Security concerns, Range, Reliability as well as the Speed.
Wireless Vulnerabilities, Threats and Countermeasures
Wireless networks basically comprise of some prime components as discussed: The first one is the transmission of the data utilizing the radio frequencies; Next is the access points which provide the connection to organizational networks as well as to the devices of the client (laptops, PDAs,); and also to the users. Each one among those components offers a potential avenue for the attack which may very well lead in the compromise of the basic objectives of fundamental security which are confidentiality, integrity as well as the availability.
Fig. 1: Wireless networking components
Cross-Site Scripting vulnerability (XSS)
Cross-Site Scripting (XSS) attacks are such a kind of the injection issues faced by the wireless internet security, in which the scripts which are of malicious content are injected in the relatively benign as well as trusted web sites. Those attacks happen whenever any attacker utilizes a web based application in order to send the malicious codes, usually in the form of any script of the browser side, to any alternate end user. Flaws which permit such attacks to complete are relatively widespread and could occur anywhere the web application utilizes the input from any user within the output generated by it without encoding or validating it.
Any attacker could utilize the XSS in order to send any script of malicious contents to any unsuspecting users. The browsers of the end users have indeed no method to enquire that whether such script shall be trusted or not, and would implement the script. Due to the fact that it assumes the script are from the trusted sources, the script of the malicious content could have an access towards any of the cookies, session token, or any other information which is sensitive retained by the browser as well as used along with that particular site. Such scripts could even re-write the contents of that HTML page.
Fig. 2: Tools Vulnerable to XSS
METHODS FOR THE PREVENTION OF THE CROSS-SITE SCRIPTING VULNERABILITIES
Contextual output encoding/escaping of string inputs