NoCat – Wireless Network Security
Wireless technology, with its flexibility and low-cost equipment, provides a powerful way to connect large numbers of computers over the air, without cables. Despite its advantages, wireless technology poses a real threat to wireless-based communities and networks if it is not handled correctly.
Because the built-in wireless security mechanism, WEP (Wired Equivalent Privacy), has shown its weaknesses and its inability to provide authentication and data integrity checks, more and more third-party tools were developed to bolster wireless network security.
One of these tools is the open source program NoCatAuth. What follows is a glimpse at the NoCatAuth system as a tool for enhancing wireless network security.
Captive portals have become very popular among wireless communities and hotspot operators, since they provide user authentication and resource management. Authentication is usually done via a central authentication server, and any connections beyond that server are prohibited.
A captive portal operates in two modes when dealing with wireless infrastructure: a closed captive portal and an open captive portal.
NoCatAuth is an open source captive portal that operates in both modes and is designed to provide a high-level authentication system for gateways. It is written in Perl and designed to run under Linux. NoCatAuth comprises two major components: a gateway service and an authentication service.
The NoCatAuth authentication service presents a login prompt and acts as an intermediary between the gateway service and the user. If the supplied credentials match the user database, the authentication service sends a PGP-signed message to the gateway service, which can then verify the authenticity of the message. To protect user privacy, the authentication credentials are submitted through an SSL-protected web page.
The gateway service is responsible for blocking all data flow (except traffic to the authentication service) until the user is authenticated. Once the authentication process is completed, data flow is granted.
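The gateway and authentication service exchange described above, modelled as an added example that is not NoCatAuth's own code. An HMAC stands in for the PGP signature so the block runs on the Python standard library alone; the key, addresses, one-time token and message fields are constructed assumptions.

```python
import hashlib
import hmac

# Constructed values, not taken from NoCatAuth.
DEMO_KEY = b"constructed-demo-key"  # HMAC key standing in for the PGP key pair
AUTH_SERVICE = "10.0.0.2"           # hypothetical authentication service address


def sign(message: bytes, key: bytes = DEMO_KEY) -> str:
    """Authentication service side: sign a notification for the gateway."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


class Gateway:
    """Default-deny gateway: before login only the auth service is reachable."""

    def __init__(self):
        self.pending = {}     # client address -> token issued at redirect (assumed)
        self.allowed = set()  # clients whose data flow has been granted

    def redirect(self, client: str, token: str) -> None:
        """Remember the token handed out when the client is sent to the login page."""
        self.pending[client] = token

    def permits(self, client: str, destination: str) -> bool:
        """Forwarding decision for one connection."""
        return client in self.allowed or destination == AUTH_SERVICE

    def notify(self, message: bytes, signature: str) -> bool:
        """Grant data flow only for a verified, fresh 'permit' notification."""
        if not hmac.compare_digest(sign(message), signature):
            return False  # forged or altered message: gate stays closed
        lines = message.decode().splitlines()
        fields = dict(line.partition("=")[::2] for line in lines)
        if fields.get("action") != "permit":
            return False
        client = fields.get("client")
        # The token is consumed on use, so a captured notification cannot be replayed.
        expected = self.pending.pop(client, None)
        if expected is None or expected != fields.get("token"):
            return False
        self.allowed.add(client)
        return True
```

With a real asymmetric signature the gateway would hold only the authentication service's public key, so a compromised gateway could not mint its own grants.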
NoCatAuth is becoming the credential backbone in wireless-based communities and networks. That is not surprising, given its minimal requirements and its independence from any specific wireless technology.