
Wireless Security - PowerPoint PPT Presentation



Steven Senkus

Wireless Security


What is Wireless Networking?

  • Transmission of computer-readable data signal through radio waves to the Internet or another computer.

  • Takes place at the physical layer (hardware)


A Brief History

  • In 1985, the FCC authorized public use of Industrial, Scientific, and Medical bands (902 MHz - 5.85 GHz)

  • The IEEE later created the 802.11 Working Group to standardize wireless LAN communication.

  • The standard was approved and published in 1997. 802.11 uses 2.4 GHz or 5 GHz frequency bands.

  • Due to security demands, WEP (Wired Equivalent Privacy) was added to the 802.11 standard


Wi-Fi Alliance

  • Formed in 1999; non-profit industry association that worked to unite 802.11 wireless transmission under one certification standard

  • Ensures interoperability between manufacturers by only allowing the Wi-Fi trademark for certified products.


Wi-Fi Is Everywhere!

  • Corporations

  • Home Networks

  • Universities

  • Airports

  • Coffee Shops

  • Restaurants

  • Hotels

  • Libraries

  • etc.


Advantages of Wireless Networking

  • mobility

  • ease of adding devices / network expansion

  • minimal cost

  • speed

  • ranges up to ~300m outdoors / ~70m indoors

  • lower infrastructure costs

  • share resources like printers and shared access to a centralized storage.


Disadvantages of Wireless Networking

  • limited frequency

  • suspected health risks from radio communication

  • network size is determined by area of transmission

  • signal interference (cordless phones, other APs, walls)

  • Multiple devices on a WLAN can slow Internet access

  • Wireless transmissions are detectable; security is necessary for privacy and authentication


Dangers of an Unsecured WLAN

  • Free Internet access for anyone

  • Illegal activity can be traced back to your network

  • Wardriving

  • Intruder configuration of network, installation of malware / backdoors

  • Outsider access to shared resources (printers, computers)

  • Eavesdropping / Identity Theft



  • World's largest known theft of credit card information

  • A St. Paul, MN Marshalls store (owned by TJX) cut corners on network maintenance, infrastructure, financial standards, and used WEP for Wi-Fi security. Hackers were able to intercept sensitive financial and customer data.

  • TJX claims to have lost 45.7 million credit/debit card numbers as well as personal information of an estimated 500,000 customers.


WEP Security

  • WEP = “Wired Equivalent Privacy”; introduced in 1997 as part of the 802.11b standard.

  • Two types of authentication: Open System and Shared Key

  • Open System allows any station to connect and encrypts communication.

  • Shared Key encrypts and decrypts data sent between an access point (AP; router) and a station (computer with a wireless NIC) after a valid key is entered.


WEP Authentication

  • 1. Station sends an Authentication frame to the AP.

  • 2. AP replies with a 128 byte random challenge text.

  • 3. Station encrypts this with the shared key and sends it

  • 4. AP decrypts challenge text. If it matches the original sent text, then the AP indicates successful authentication


WEP Weaknesses

  • Wired Equivalent Privacy isn't.

  • The U.S. Government limited exportable cryptography; as a result, WEP secret keys were limited to 40 bits when first developed.

  • Researchers from the University of Maryland and Berkeley discovered weaknesses in WEP key reuse, weak message authentication, and traffic injection.

  • WEP's underlying RC4 algorithm was found to be insecure when multiple packets were analyzed

  • Encrypted packets are predictable and can be decrypted through statistical analysis


WEP Weaknesses

  • FBI agents demonstrated that a WEP-secured network can be cracked in three minutes

  • Several detailed articles and YouTube videos explain the procedure step-by-step

  • Widely understood to be insecure and, as a result, use has been deprecated. However, WEP is still included with hardware for legacy compatibility.

  • WEP is the equivalent of a “No Trespassing Sign”


WPA/WPA2

  • In 2001, the IEEE created the 802.11i task force to address WEP insecurity.

  • This resulted in the creation of WPA (Wi-Fi Protected Access) and WPA2 after ratification of the 802.11i standard.

  • WPA encrypts information and ensures that the network security key has not been modified.

  • WPA-certified devices retain WEP support for legacy systems.

  • WPA's encryption key differs in every packet

  • All hardware certified for 802.11b, g, and n must implement WPA and WPA2.


WPA/WPA2

  • PSK = Personal Mode – designed for small networks

  • Network traffic is encrypted with a 256 bit key

  • Keys can be 8-63 ASCII characters or 64 hexadecimal digits

  • TKIP = Temporal Key Integrity Protocol: the algorithm used in WPA and an option in WPA2; it provides per-packet key mixing and a message integrity check

  • Brute-force and dictionary attacks are made more difficult by the 8-character minimum passphrase length.
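How the 8-63 character passphrase or 64 hex digits become the 256-bit key, as an added Python example that is not part of the original slides. It uses the 802.11i passphrase mapping (PBKDF2-HMAC-SHA1 with the SSID as salt and 4096 iterations); `audit_passphrase` and its deny list are hypothetical helpers for checking a configured passphrase before deployment.

```python
import hashlib
import string

HEX_DIGITS = set(string.hexdigits)

def wpa_psk(secret: str, ssid: str) -> bytes:
    """Return the 256-bit pre-shared key for WPA/WPA2-Personal."""
    # 64 hexadecimal digits are taken as the key itself.
    if len(secret) == 64 and set(secret) <= HEX_DIGITS:
        return bytes.fromhex(secret)
    if not 8 <= len(secret) <= 63:
        raise ValueError("passphrase must be 8-63 characters")
    if any(not 32 <= ord(c) <= 126 for c in secret):
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt, so the same passphrase yields a different key
    # on every differently named network.
    return hashlib.pbkdf2_hmac("sha1", secret.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def audit_passphrase(secret: str, ssid: str, denylist: set) -> list:
    """Hypothetical pre-deployment check; returns a list of findings."""
    findings = []
    if not 8 <= len(secret) <= 63:
        findings.append("length outside 8-63")
    if secret.lower() in denylist:
        findings.append("on common-password list")
    if ssid and ssid.lower() in secret.lower():
        findings.append("contains the SSID")
    if secret.isdigit() or secret.isalpha():
        findings.append("single character class")
    return findings

if __name__ == "__main__":
    # Constructed sample values.
    print(wpa_psk("password", "IEEE").hex())
    print(audit_passphrase("12345678", "net", {"12345678"}))
```

Because the SSID is the only salt, a factory-default network name combined with a common passphrase produces a key that is identical across every network using that pair.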


WPA2

  • Interoperability ensured by EAP (Extensible Authentication Protocol) in Wi-Fi Alliance certification programs.

  • EAP is used to validate the identity of network devices.

  • WPA2 was designed to work with RADIUS servers to allow administration, auditing, and logging (username and login required)

  • WPA2-Enterprise is not practical for small networks due to server authentication.

  • Uses the AES-CCMP algorithm instead of the flawed RC4


WPA Weaknesses

  • WPA/WPA2-PSK: The “four-way handshake” packets sent over EAPoL (during client association) can be sniffed and cracked.

  • WPA/WPA2-PSK: Only as strong as the password chosen

  • Greater encryption means greater packet size, which requires more processing power and network bandwidth

  • WPA uses the same encryption technology as WEP (RC4)

  • WPA is vulnerable to DoS attacks

  • All devices communicating with WPA must have WPA software.


Other Methods of Securing Wireless Networks

  • VPN – (Virtual Private Network)

  • Firewalls

  • MAC (Media Access Control) Filtering – create a table of authorized client MAC addresses and only allow those clients access to the wireless network

  • RADIUS Authentication and Authorization

  • Kerberos

  • RF Shielding


Wireless Tools and Techniques

  • Most are Linux based software programs

  • Not all uses are malicious; useful for network auditing

  • Configuration can be painful!

  • Widely available and legal

  • Free and modifiable (open source)


Wireless Tools and Techniques

  • War driving

  • Sniffing

  • Jamming

  • Spoofing (MAC address and IP address)

  • MITM (“Man in the Middle”) attacks:

      • ARP poisoning

      • DNS redirection

      • Session Hijacking

      • DHCP spoofing


Netstumbler

  • WLAN detection

  • Works with Windows

  • Can be used with a GPS receiver


Kismet

  • WLAN detector (can detect hidden APs)

  • Packet sniffer

  • Intrusion detection




Driftnet

  • Listens to network traffic and picks up images from TCP traffic


Ettercap

  • MiTM attack suite

  • Active eavesdropping on several protocols

  • Network traffic interception

  • Password capturing

  • DNS redirection

  • Sniffing



Rogue Access Point

  • An access point that mimics a known access point to trick users and computers into connecting. Traffic can be monitored and directed

  • Also called Wiphishing, as fake websites can be generated to lure users into giving away their credentials
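One way a defender can spot an access point that mimics a known one, as an added Python example that is not part of the original slides. It compares scan results against an inventory of authorized APs; the `Beacon` record, the inventory and every SSID/BSSID value are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address of the AP radio
    security: str   # e.g. "WPA2", "WEP", "OPEN"
    channel: int

# Constructed inventory: SSID -> {BSSID: (security, channel)}
AUTHORIZED = {
    "corp-wlan": {
        "00:11:22:33:44:55": ("WPA2", 6),
        "00:11:22:33:44:66": ("WPA2", 11),
    }
}

def find_rogues(beacons, authorized=AUTHORIZED):
    """Return (beacon, reason) for every beacon that imitates an inventoried SSID."""
    alerts = []
    for b in beacons:
        known = authorized.get(b.ssid)
        if known is None:
            continue  # not one of our network names; out of scope here
        expected = known.get(b.bssid.lower())
        if expected is None:
            alerts.append((b, "unknown BSSID advertising an authorized SSID"))
        elif b.security != expected[0]:
            # A spoofed BSSID still stands out if it offers weaker security.
            alerts.append((b, "security differs from inventory"))
        elif b.channel != expected[1]:
            alerts.append((b, "channel differs from inventory"))
    return alerts

if __name__ == "__main__":
    scan = [  # constructed scan results
        Beacon("corp-wlan", "00:11:22:33:44:55", "WPA2", 6),
        Beacon("corp-wlan", "DE:AD:BE:EF:00:01", "OPEN", 6),
        Beacon("corp-wlan", "00:11:22:33:44:66", "OPEN", 11),
    ]
    for beacon, reason in find_rogues(scan):
        print(beacon.bssid, reason)
```

Since MAC addresses can be spoofed, the BSSID check alone is not sufficient; the security and channel comparisons catch clones that copy the address but not the configuration.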


Wireless Security Tips

  • Change router password from default

  • Set router transmission power or physical location

  • Use wired connections for AP configuration

  • Disable SSID visibility and beacons (broadcasting)

  • Use a firewall

  • Use HTTPS and TLS

  • Use WPA2


Wireless Security Tips

  • Use a long and arbitrary password combination consisting of numbers, letters, special characters (if available)

  • For WEP, define all 4 keys and rotate them at regular intervals

  • Disable DHCP and assign static IP addresses

  • MAC address filtering

  • Turn off file sharing for stations connected to a wireless LAN

