steven senkus
Download
Skip this Video
Download Presentation
Wireless Security

Loading in 2 Seconds...

play fullscreen
1 / 34

Wireless Security - PowerPoint PPT Presentation


  • 511 Views
  • Uploaded on

Steven Senkus. Wireless Security. What is Wireless Networking?. Transmission of computer-readable data signal through radio waves to the Internet or another computer. Takes place at the physical layer (hardware). A Brief History.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Wireless Security' - Michelle


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
what is wireless networking
What is Wireless Networking?
  • Transmission of computer-readable data signal through radio waves to the Internet or another computer.
  • Takes place at the physical layer (hardware)
a brief history
A Brief History
  • In 1985, the FCC authorized public use of Industrial, Scientific, and Medical bands (902 MHz - 5.85 GHz)
  • The IEEE later created the 802.11 Working Group to standardize wireless LAN communication.
  • The standard was approved and published in 1997. 802.11 uses 2.4 GHz or 5 GHz frequency bands.
  • Due to security demands, WEP (Wired Equivalent Privacy) was added to the 802.11 standard
wi fi alliance
Wi-Fi Alliance
  • Formed in 1999; non-profit industry association that worked to unite 802.11 wireless transmission under one certification standard
  • Ensures interoperability between manufacturers by only allowing the Wi-Fi trademark for certified products.
wi fi is everywhere
Wi-Fi Is Everywhere!
  • Corporations
  • Home Networks
  • Universities
  • Airports
  • Coffee Shops
  • Restaurants
  • Hotels
  • Libraries
  • etc.
advantages of wireless networking
lower infrastructure costs

share resources like printers and shared access to a centralized storage.

Advantages of Wireless Networking
  • mobility
  • ease of adding devices/ network expansion
  • minimal cost
  • speed
  • ranges up to ~300m outdoors / ~70m indoors
disadvantages of wireless networking
Multiple devices on a WLAN can slow Internet access

Wireless transmissions are detectable; security is necessary for privacy and authentication

Disadvantages of Wireless Networking
  • limited frequency
  • suspected health risks from radio communication
  • network size is determined by area of transmission
  • signal interference (cordless phones, other APs, walls)
dangers of an unsecured wlan
Dangers of an Unsecured WLAN
  • Free Internet access for anyone
  • Illegal activity can be traced back to your network
  • Wardriving
  • Intruder configuration of network, installation of malware / backdoors
  • Outsider access to shared resources (printers, computers)
  • Eavesdropping / Identity Theft
slide10
World\'s largest known theft of credit card information
  • A St. Paul, MN Marshalls store (owned by TJX) cut corners on network maintenance, infrastructure, financial standards, and used WEP for Wi-Fi security. Hackers were able to intercept sensitive financial and customer data.
  • TJX claims to have lost 45.7 million credit/debit card numbers as well as personal information of an estimated 500,000 customers.
wep security
WEP Security
  • WEP = “Wired Equivalent Privacy”; introduced in 1997 as part of the 802.11b standard.
  • Two types of authentication: Open System and Shared Key
  • Open System allows any station to connect and encrypts communication.
  • Shared Key encrypts and decrypts data sent between an access point (AP; router) and a station (computer with a wireless NIC) after a valid key is entered.
wep authentication
WEP Authentication
  • 1. Station sends an Authentication frame to the AP.
  • 2. AP replies with a 128 byte random challenge text.
  • 3. Station encrypts this with the shared key and sends it
  • 4. AP decrypts challenge text. If it matches the original sent text, then the AP indicates successful authentication
wep weaknesses
WEP Weaknesses
  • Wired Equivalency Privacy isn\'t.
  • The U.S. Government limited exportable cryptography; as a result, WEP secret keys were limited to 40 bits when first developed.
  • Researchers from the University of Maryland and Berkeley discovered weaknesses in WEP key reuse, weak message authentication, and traffic injection.
  • WEP\'s underlying RC4 algorithm was found to be insecure when multiple packets were analyzed
  • Encrypted packets are predictable and can be decrypted through statistical analysis
wep weaknesses14
WEP Weaknesses
  • FBI agents demonstrated that a WEP-secured network can be cracked in three minutes
  • Several detailed articles and YouTube videos explain the procedure step-by-step
  • Widely understood to be insecure and, as a result, use has been deprecated. However, WEP is still included with hardware for legacy compatibility.
  • WEP is the equivalent of a “No Trespassing Sign”
wpa wpa2
WPA/WPA2
  • In 2001, the IEEE addressed the problem by creating the 802.11i task force to address WEP insecurity.
  • This resulted in the creation of WPA (Wi-Fi Protected Access) and WPA2 after ratification of the 802.11i standard.
  • WPA encrypts information and ensures that the network security key has not been modified.
  • WPA-certified devices retain WEP support for legacy systems.
  • WPA\'s encryption key differs in every packet
  • All hardware certified for 802.11b, g, and n must implement WPA and WPA2.
wpa wpa216
WPA/WPA2
  • PSK = Personal Mode – designed for small networks
  • Network traffic is encrypted with a 256 bit key
  • Keys can be 8-63 ASCII characters or 64 hexadecimal digits
  • TKIP = Temporal Key Integrity Protocol – algorithm – used in WPA and an option in WPA2 – per-packet key mixing and a message integrity check
  • Bruteforce and dictionary attacks are made more difficult with an 8 character minimum passphrases.
slide17
WPA2
  • Interoperability ensured by EAP (Extensible Authentication Protocol) in Wi-Fi Alliance certification programs.
  • EAP is used to validate the identity of network devices.
  • WPA2 was designed to work with RADIUS servers to allow administration, auditing, and logging (username and login required)
  • WPA2-Enterprise is not practical for small networks due to server authentication.
  • Uses the AES-CCMP algorithm instead of the flawed RC4
wpa weaknesses
WPA Weaknesses
  • WPA/WPA2-PSK: The “four-way handshake” packets sent over EAPoL (during client association) can be sniffed and cracked.
  • WPA/WPA2-PSK: Only as strong as the password chosen
  • Greater encryption equals greater packet size = more processing power and network bandwidth required
  • WPA uses the same encryption technology as WEP (RC4)
  • WPA is vulnerable to DoS attacks
  • All devices communicating with WPA must have WPA software.
other methods of securing wireless networks
Other Methods of Securing Wireless Networks
  • VPN – (Virtual Private Network)
  • Firewalls
  • MAC (Media Access Control) Filtering – create a table of authorized client MAC addresses and only allow those clients access to the wireless network
  • RADIUS Authentication and Authorization
  • Kerberos
  • RF Shielding
wireless tools and techniques
Wireless Tools and Techniques
  • Most are Linux based software programs
  • Not all uses are malicious; useful for network auditing
  • Configuration can be painful!
  • Widely available and legal
  • Free and modifiable (open source)
wireless tools and techniques21
MITM (“Man in the Middle”) attacks:

ARP poisoning

DNS redirection

Session Hijacking

DHCP spoofing

Wireless Tools and Techniques
  • War driving
  • Sniffing
  • Jamming
  • Spoofing (MAC address and IP address)
netstumbler
Netstumbler
  • WLAN detection
  • Works with Windows
  • Can be used with a GPS receiver
kismet
Kismet
  • WLAN detector (can detect hidden APs)
  • Packet sniffer
  • Intrusion detection
driftnet
Driftnet
  • Listens to network traffic and picks up images from TCP traffic
ettercap
Ettercap
  • MiTM attack suite
  • Active eavesdropping on several protocols
  • Network traffic interception
  • Password capturing
  • DNS redirection
  • Sniffing
rogue access point
Rogue Access Point
  • An access point that mimics a known access point to trick users and computers into connecting. Traffic can be monitored and directed
  • Also called Wiphishing, as fake websites can be generated to lure users into giving away their credentials
wireless security tips
Wireless Security Tips
  • Change router password from default
  • Set router transmission power or physical location
  • Use wired connections for AP configuration
  • Disable SSID visibility and beacons (broadcasting)
  • Use a firewall
  • Use HTTPS and TLS
  • Use WPA2
wireless security tips31
Wireless Security Tips
  • Use a long and arbitrary password combination consisting of numbers, letters, special characters (if available)
  • For WEP, define all 4 keys and rotate them at regular intervals
  • Disable DHCP and assign static IP addresses
  • MAC address filtering
  • Turn off file sharing for stations connected to a wireless LAN
sources
Sources
  • http://en.wikipedia.org/wiki/Wi-Fi
  • http://www.wi-fi.org/knowledge_center/kc-macfiltering
  • http://kb.netgear.com/app/answers/detail/a_id/1105
  • http://codedrunk.blogspot.com/2008/01/breaking-wep-encryption-easy-way.html
  • http://lifehacker.com/5305094/how-to-crack-a-wi+fi-networks-wep-password-with-backtrack.html
  • http://electronics.howstuffworks.com/how-to-tech/how-to-detect-stealing-wifi[1-5].htm
  • http://en.wikipedia.org/wiki/WPA-PSK
  • http://en.wikipedia.org/wiki/Fluhrer,_Mantin_and_Shamir_attack
  • http://www.smallnetbuilder.com/wireless/wireless-features/24251-thefedscanownyourlantoo
  • http://openmaniak.com/ettercap.php
  • http://www.brighthub.com/computing/smb-security/articles/17766.aspx
  • http://www.brighthub.com/computing/smb-security/articles/17869.aspx
  • http://techdir.rutgers.edu/wireless.html
  • http://en.wikipedia.org/wiki/Wireless_security
  • http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm
sources33
Sources
  • http://windows.microsoft.com/en-US/windows-vista/What-are-the-different-wireless-network-security-methods
  • http://www.wi-fi.org/files/kc_4_Preventing%20Evil%20Twins-Wiphishing%20QandA.pdf
  • http://www.oreillynet.com/pub/a/wireless/2002/04/19/security.html
  • http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
  • http://www.acm.org/crossroads/xrds9-4/wlan_abc.html
  • http://en.wikipedia.org/wiki/RC4_(cipher)
  • http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
  • http://www.dummies.com/how-to/content/understanding-wep-weaknesses.html
  • http://connect-connect.blogspot.com/2007/09/wireless-security-insight-into-wep.html
  • http://www.bestsecuritytips.com/news+article.storyid+226.htm
  • http://www.differencebetween.net/technology/difference-between-wpa-and-wpa2/
ad