Steven senkus
1 / 34

Wireless Security - PowerPoint PPT Presentation

  • Updated On :

Steven Senkus. Wireless Security. What is Wireless Networking?. Transmission of computer-readable data signal through radio waves to the Internet or another computer. Takes place at the physical layer (hardware). A Brief History.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Wireless Security' - Michelle

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Steven senkus l.jpg

Steven Senkus

Wireless Security

What is wireless networking l.jpg
What is Wireless Networking?

  • Transmission of computer-readable data signal through radio waves to the Internet or another computer.

  • Takes place at the physical layer (hardware)

A brief history l.jpg
A Brief History

  • In 1985, the FCC authorized public use of Industrial, Scientific, and Medical bands (902 MHz - 5.85 GHz)

  • The IEEE later created the 802.11 Working Group to standardize wireless LAN communication.

  • The standard was approved and published in 1997. 802.11 uses 2.4 GHz or 5 GHz frequency bands.

  • Due to security demands, WEP (Wired Equivalent Privacy) was added to the 802.11 standard

Wi fi alliance l.jpg
Wi-Fi Alliance

  • Formed in 1999; non-profit industry association that worked to unite 802.11 wireless transmission under one certification standard

  • Ensures interoperability between manufacturers by only allowing the Wi-Fi trademark for certified products.

Wi fi is everywhere l.jpg
Wi-Fi Is Everywhere!

  • Corporations

  • Home Networks

  • Universities

  • Airports

  • Coffee Shops

  • Restaurants

  • Hotels

  • Libraries

  • etc.

Advantages of wireless networking l.jpg

lower infrastructure costs

share resources like printers and shared access to a centralized storage.

Advantages of Wireless Networking

  • mobility

  • ease of adding devices/ network expansion

  • minimal cost

  • speed

  • ranges up to ~300m outdoors / ~70m indoors

Disadvantages of wireless networking l.jpg

Multiple devices on a WLAN can slow Internet access

Wireless transmissions are detectable; security is necessary for privacy and authentication

Disadvantages of Wireless Networking

  • limited frequency

  • suspected health risks from radio communication

  • network size is determined by area of transmission

  • signal interference (cordless phones, other APs, walls)

Dangers of an unsecured wlan l.jpg
Dangers of an Unsecured WLAN

  • Free Internet access for anyone

  • Illegal activity can be traced back to your network

  • Wardriving

  • Intruder configuration of network, installation of malware / backdoors

  • Outsider access to shared resources (printers, computers)

  • Eavesdropping / Identity Theft

Slide10 l.jpg

  • World's largest known theft of credit card information

  • A St. Paul, MN Marshalls store (owned by TJX) cut corners on network maintenance, infrastructure, financial standards, and used WEP for Wi-Fi security. Hackers were able to intercept sensitive financial and customer data.

  • TJX claims to have lost 45.7 million credit/debit card numbers as well as personal information of an estimated 500,000 customers.

Wep security l.jpg
WEP Security

  • WEP = “Wired Equivalent Privacy”; introduced in 1997 as part of the 802.11b standard.

  • Two types of authentication: Open System and Shared Key

  • Open System allows any station to connect and encrypts communication.

  • Shared Key encrypts and decrypts data sent between an access point (AP; router) and a station (computer with a wireless NIC) after a valid key is entered.

Wep authentication l.jpg
WEP Authentication

  • 1. Station sends an Authentication frame to the AP.

  • 2. AP replies with a 128 byte random challenge text.

  • 3. Station encrypts this with the shared key and sends it

  • 4. AP decrypts challenge text. If it matches the original sent text, then the AP indicates successful authentication

Wep weaknesses l.jpg
WEP Weaknesses

  • Wired Equivalency Privacy isn't.

  • The U.S. Government limited exportable cryptography; as a result, WEP secret keys were limited to 40 bits when first developed.

  • Researchers from the University of Maryland and Berkeley discovered weaknesses in WEP key reuse, weak message authentication, and traffic injection.

  • WEP's underlying RC4 algorithm was found to be insecure when multiple packets were analyzed

  • Encrypted packets are predictable and can be decrypted through statistical analysis

Wep weaknesses14 l.jpg
WEP Weaknesses

  • FBI agents demonstrated that a WEP-secured network can be cracked in three minutes

  • Several detailed articles and YouTube videos explain the procedure step-by-step

  • Widely understood to be insecure and, as a result, use has been deprecated. However, WEP is still included with hardware for legacy compatibility.

  • WEP is the equivalent of a “No Trespassing Sign”

Wpa wpa2 l.jpg

  • In 2001, the IEEE addressed the problem by creating the 802.11i task force to address WEP insecurity.

  • This resulted in the creation of WPA (Wi-Fi Protected Access) and WPA2 after ratification of the 802.11i standard.

  • WPA encrypts information and ensures that the network security key has not been modified.

  • WPA-certified devices retain WEP support for legacy systems.

  • WPA's encryption key differs in every packet

  • All hardware certified for 802.11b, g, and n must implement WPA and WPA2.

Wpa wpa216 l.jpg

  • PSK = Personal Mode – designed for small networks

  • Network traffic is encrypted with a 256 bit key

  • Keys can be 8-63 ASCII characters or 64 hexadecimal digits

  • TKIP = Temporal Key Integrity Protocol – algorithm – used in WPA and an option in WPA2 – per-packet key mixing and a message integrity check

  • Bruteforce and dictionary attacks are made more difficult with an 8 character minimum passphrases.

Slide17 l.jpg

  • Interoperability ensured by EAP (Extensible Authentication Protocol) in Wi-Fi Alliance certification programs.

  • EAP is used to validate the identity of network devices.

  • WPA2 was designed to work with RADIUS servers to allow administration, auditing, and logging (username and login required)

  • WPA2-Enterprise is not practical for small networks due to server authentication.

  • Uses the AES-CCMP algorithm instead of the flawed RC4

Wpa weaknesses l.jpg
WPA Weaknesses

  • WPA/WPA2-PSK: The “four-way handshake” packets sent over EAPoL (during client association) can be sniffed and cracked.

  • WPA/WPA2-PSK: Only as strong as the password chosen

  • Greater encryption equals greater packet size = more processing power and network bandwidth required

  • WPA uses the same encryption technology as WEP (RC4)

  • WPA is vulnerable to DoS attacks

  • All devices communicating with WPA must have WPA software.

Other methods of securing wireless networks l.jpg
Other Methods of Securing Wireless Networks

  • VPN – (Virtual Private Network)

  • Firewalls

  • MAC (Media Access Control) Filtering – create a table of authorized client MAC addresses and only allow those clients access to the wireless network

  • RADIUS Authentication and Authorization

  • Kerberos

  • RF Shielding

Wireless tools and techniques l.jpg
Wireless Tools and Techniques

  • Most are Linux based software programs

  • Not all uses are malicious; useful for network auditing

  • Configuration can be painful!

  • Widely available and legal

  • Free and modifiable (open source)

Wireless tools and techniques21 l.jpg

MITM (“Man in the Middle”) attacks:

ARP poisoning

DNS redirection

Session Hijacking

DHCP spoofing

Wireless Tools and Techniques

  • War driving

  • Sniffing

  • Jamming

  • Spoofing (MAC address and IP address)

Netstumbler l.jpg

  • WLAN detection

  • Works with Windows

  • Can be used with a GPS receiver

Kismet l.jpg

  • WLAN detector (can detect hidden APs)

  • Packet sniffer

  • Intrusion detection

Driftnet l.jpg

  • Listens to network traffic and picks up images from TCP traffic

Ettercap l.jpg

  • MiTM attack suite

  • Active eavesdropping on several protocols

  • Network traffic interception

  • Password capturing

  • DNS redirection

  • Sniffing

Rogue access point l.jpg
Rogue Access Point

  • An access point that mimics a known access point to trick users and computers into connecting. Traffic can be monitored and directed

  • Also called Wiphishing, as fake websites can be generated to lure users into giving away their credentials

Wireless security tips l.jpg
Wireless Security Tips

  • Change router password from default

  • Set router transmission power or physical location

  • Use wired connections for AP configuration

  • Disable SSID visibility and beacons (broadcasting)

  • Use a firewall

  • Use HTTPS and TLS

  • Use WPA2

Wireless security tips31 l.jpg
Wireless Security Tips

  • Use a long and arbitrary password combination consisting of numbers, letters, special characters (if available)

  • For WEP, define all 4 keys and rotate them at regular intervals

  • Disable DHCP and assign static IP addresses

  • MAC address filtering

  • Turn off file sharing for stations connected to a wireless LAN

Sources l.jpg
















Sources33 l.jpg