An example of the usage of wireless LAN technologyfor multimedia: see Berlin live!
News
People
Research
Papers
Teaching
Resources
Location


Intern
TKN - Telecommunication Networks Group TU-Berlin
Head of Group: Prof. Adam Wolisz Faculty of Electrical Engineering and Computer Science

SecureWLAN Home Page

Welcome to the SecureWLAN Home Page. This project has been developped at the Technical University of Berlin (TUB), in the Telecommunications Networks Group (TKN). It is the result of the Diploma Thesis Secure WLAN Operation and Deployment in Home and Small to Medium Size Environments of the student Rodrigo Blanco under the tutoring of the Dr.-Ing. Günter Schäfer. The project began in September 2001 and ended in March 2002.

This software is intended to secure the communications over WLANs. It secures various WLANs from one single workstation acting as a Gateway for all of them, in a secure manner. 

All of the programs which can be downloaded here are free software and you may use them at your own risk and discretion. It should run in Windows 2000 machines, or higher (the program has been tested for Windows 2000 Professional).

This work has been supported by a grant from Microsoft Research, Cambridge, UK.

CONTENTS: 

INTRODUCTION:

The relatively low cost and easy deployment of wireless local area networks (WLAN) according to the standard IEEE 802.11 together with their sufficient bandwidth for most office and home data oriented applications makes them not only an economic technology for connecting notebook computers to a wired networking infrastructure, but also an economic and easy-to-install alternative to wired networks. However, the fact that the wireless medium is generally easier to attack than a fixed wire, demands for increased security measures.

While the IEEE 802.11 standard provides comprises some primitive security protocols called ''wired equivalent privacy (WEP)'' and ''shared key authentication'',  they are often not even used in practice, as there is no standardized key management available to generate and distribute the required group keys. Furthermore, the WEP has been proven to be broken. As a consequence many IEEE 802.11 WLANs represent an easy-to-attack target for even the most unskilled attackers, who happen to pass by near a building where an IEEE 802.11 WLAN is operated.

The problem of securing a WLAN is of special concern in home or small business environments where there are usually no trained personal and no dedicated security infrastructure components (firewalls etc.) available.

This solution is based on a VPN technology, IPsec, which provides security services at the IP level. IPsec is integrated in the Windows 2000/XP operating system. The programs that integrate SecureWLAN provide a simple set of tools to achieve the automatic configuration of the IPsec settings, both on the clients and on the wired infrastructure.

There are no special software or hardware requirements in order to run SecureWLAN, just to have Windows 2000 Professional operating system (or later). 

LICENSE:

The programs available here are freeware. The license is "Public Domain". This means that you can take the source code and use it or modify it as you wish. No license or fee needs to be payed. However, you take and use this software at your own risk. The authors are in no way responsible for the results of its use:

  • Disclaimer of warranty

The Software is provided AS IS, without a warranty of any kind and as such the author shall NOT be held liable for any loss of data, down time, loss of revenue or any other direct or indirect damage or claims caused by this program.

ALL EXPRESS OR IMPLIED REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED.

  • Severability

The user must assume the entire risk of using the program. IN NO EVENT WILL THE AUTHOR BE LIABLE FOR ANY DAMAGES DERIVED FROM USING THE SOFTWARE.

DOCUMENTATION:

ARTICLE: A publication describing the basics of the project and explaining the proposed architecture and configuration solution. PDF PS

PROJECT SLIDES: A brief introduction providing a good insight in the principles of the project and the achieved solution PPT PDF

PROJECT WHITEPAPER: This document describes the project in depth. It is the best reference in order to understand how this set of programs works, and what the underlying security concepts are. PDF PS.

NETWORK LAYOUT: A brief explanation of how the topology of the WLAN should look like in order to install and run this software.

SOFTWARE USER'S GUIDE: A step-by-step guide that provides some hints on the installation and running of the SecureWLAN software.

SOFTWARE:

DOWNLOADS: Here you can download the binaries and the source code files. Also some useful links to other associated tools are provided

HOW TO:

Install a program to run as an NT service

Use ipsecpol to tune your IPSec policies

Enable IP forwarding on your Security Gateway (article Q230082 of Microsoft Product Support Services, U.S.)

SUPPORT

FAQ

Contact us in blanco@ft.ee.tu-berlin.de for bug report or if you come across problems while installing / running the SecureWLAN software.

Last updated: Wednesday, 20. March 2002



Questions? Contact webmaster.

Contents subject to change. All rights reserved.
Mit dem Urteil vom 12. Mai 1998- 312 O 85/98- "Haftung für Links" hat das Landgericht Hamburg entschieden, daß man durch die Anbringung eines Links, die Inhalte der gelinkten Seite ggf. mit zu verantworten hat. Dies kann nur dadurch verhindert werden, daß man sich ausdrücklich von diesen Inhalten distanziert.
"Hiermit distanzieren wir uns ausdrücklich von allen Inhalten aller extern gelinkten Seiten auf unserem Server und machen uns diese Inhalte nicht zu eigen. Diese Erklärung gilt für alle auf unserem Server angebrachten externen Links."