1 / 56

Wireless Security

Wireless Security. Objectives. Wireless Auditing Tools Gathering Information Unauthorized Access Denial of Service Legal Issues Security Policies Authentication Encryption WEP & WPA. Wireless Auditing Tools. Objectives. Wireless Auditing Tools Discovery Tools Password Capture

cynthia-woodward
Download Presentation

Wireless Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Wireless Security

  2. Objectives • Wireless Auditing Tools • Gathering Information • Unauthorized Access • Denial of Service • Legal Issues • Security Policies • Authentication • Encryption • WEP & WPA

  3. Wireless Auditing Tools

  4. Objectives • Wireless Auditing Tools • Discovery Tools • Password Capture • Protocol Analyzers • O/S Fingerprinting and Port Scanning • Jamming Tools • Hijacking Tools • Others

  5. Wireless Auditing Tools Discovery Tools • Wireless Auditing Tools • Discovery Tools • NetStumbler  Scan 2.4 – 5GHz • MiniStumbler  Runs on PocketPC platform • Kismet  Runs on Linux  802.11 wireless packet analyzer • dstumbler  Runs on BSD • … • Hardware Tools • Online Databases • Proactive Countermeasures

  6. Wireless Auditing Tools Password Capture • Wireless Auditing Tools • Password Capture • WinSniffer (FTP, HTTP, ICQ, Telnet, SMTP, POP3, NNTP, & IMAP) – installed on Windows-based system • Revelation – installed on Windows • ettercap – supports most O/S platforms • Others…

  7. Wireless Auditing Tools Protocol Analyzers • Wireless Auditing Tools • Protocol Analyzers • Wildpackets Airopeek • AirMagnet • Fluke WaveRunner Wireless Tester • Ethereal • Network Associates Sniffer Pro wireless • Network Instruments Observer • Ephiphan CEniffer • Tamosoft Commview

  8. Wireless Auditing Tools O/S Fingerprinting and Port Scanning • Wireless Auditing Tools • O/S Fingerprinting and Port Scanning • Service Packs Installed • Missing Security Patches • Network Shares • Open Ports • Services in Use • Users and Groups • Strength of Passwords • Known Vulnerabilities

  9. Wireless Auditing Tools RF Jamming Tools • Wireless Auditing Tools • RF Jamming Tools • Auditor Use • Testing • Force Roaming • Attacker Use • DoS • Hijacking

  10. Wireless Auditing Tools Hijacking Tools • Wireless Auditing Tools • Hijacking Tools • ZoomAir AP (Windows) • Cqure (Linux) • Orinoco Client Utility

  11. Wireless Auditing Tools Others • Wireless Auditing Tools • Others • Share Enumerators • ShareEnum • Application Layer Analyzers • Email (including attachments) • Login information • Websites Visited • Network Discovery Tools

  12. Gathering Information

  13. Objectives • Gathering Information • Target Profiling • Tools of the Trade • Social Engineering • Traffic Pattern Analysis

  14. Gathering InformationTarget Profiling • Gathering Information • Target Profiling • Publicly Available Information • Public WLAN Maps • Search Engines • Garbage Collection • War Driving • War Chalking

  15. Gathering InformationTools of the Trade • Gathering Information • Tools of the Trade • Social Engineering • Help Desk • Contractors • Employees

  16. Gathering InformationTraffic Pattern Analysis • Gathering Information • Traffic Pattern Analysis • Where is Traffic Going? • How Much Traffic? • What Time of Day?

  17. What do they have in common?

  18. Unauthorized Access

  19. Objectives • Unauthorized Access • Rogue Devices • Data Theft and Malicious Insertion • Unauthorized Use • Security Feature Weaknesses and Vulnerabilities

  20. Unauthorized AccessRogue Devices • Unauthorized Access • Rogue Devices • Access Points • Wireless Bridges

  21. Unauthorized AccessData Theft and Malicious Insertion • Unauthorized Access • Data Theft and Malicious Insertion • Illegal, Unethical, or Inappropriate Content • Viruses & Spyware

  22. Unauthorized AccessUnauthorized Control & Use • Unauthorized Access • Unauthorized Control • Network Management Tools • Configuration Changes • Third Party Attacks • Unauthorized Use • Spamming • Internet Access • Information Transfer and Theft

  23. Unauthorized AccessSecurity Feature Weaknesses & Vulnerabilities • Unauthorized Access • Security Feature Weaknesses and Vulnerabilities • WEP (Wired Equivalent Privacy) • PSK (Pre-Shared Key) • LEAP (Lightweight Extensible Authentication Protocol) • PPTP (Point-to-Point Tunneling Protocol)

  24. Denial of Service

  25. Objectives • Denial of Service • Physical Layer DoS • MAC Layer DoS • Eavesdropping

  26. Denial of ServicePhysical Layer DoS • Denial of Service • Physical Layer DoS • RF Jamming • Testing equipment that act as power signal generators

  27. Denial of ServiceMAC Layer DoS • Denial of Service • MAC Layer DoS • Hijacking • Unauthorized user takes control of an authorized user’s connection • Data Flooding • Overwhelm a device

  28. Denial of ServiceEavesdropping • Denial of Service • Eavesdropping • Capture MAC Address • Must capture MAC address to perform session hijacking

  29. Legal Issues

  30. Objectives • Legal Issues • Acts of US Congress • State Laws • International Regulations • Intrusion Forensics and Source Discovery

  31. Legal Issues • Legal Issues • Acts of US Congress • 1998 Identity Theft and Assumption Deterrence Act • 1986 Computer Fraud and Abuse Act • 1986 Electronic Communications Privacy Act • State Laws • International Regulations • Intrusion Forensics and Source Discovery • Keep a Record (auditing) • Logging • Trace the Path to the Attacker • Combine Physical Security and Network Security

  32. Security Policies

  33. Objectives • Security Policies • General • Risk Assessment • Impact Analysis • Security Auditing • Guidelines and Baselines • Policy Essentials • General Guidelines • Baseline Practices • Design and Implementation • Interoperability • Intrusion Monitoring • Layering • Segmentation • Authentication & Encryption • Role Based Access Control • Physical Security and Social Engineering

  34. Security PoliciesGeneral • Security Policies • General • General Guidelines • Management Buy-in • Communicate Policies • Monitor and Audit • Respond and Enforce • Risk Assessment • Asset Protection • Threat Prevention • Legal Liabilities • Costs

  35. Security PoliciesGeneral • Security Policies • General • Impact Analysis • Potential Damage to the Company? • Direct / Indirect • Legal • Security Auditing • Independent Testing • Sources of Information

  36. Security PoliciesGuidelines and Baselines • Security Policies • Guidelines and Baselines • Policy Essentials • Password Policies • Network Staff and End-User Training Requirements • Acceptable Use • Consistent Implementation / Staging Procedures • Implementation and Management Procedures • Regular Audits and Penetration testing • General Guidelines • Use Secure Applications • Security Checklist • Asset Management • Change Management

  37. Security PoliciesGuidelines and Baselines • Security Policies • Guidelines and Baselines • Baseline Practices • Change Default SSID (Service Set Identifier) • Don’t Rely on MAC Filters • Static WEP is not Appropriate • Default Configuration Settings • Firmware Upgrades • Rogue Equipment • Outdoor Bridge Security • RF Cell Sizing • Disable Discovery Protocols Not in Use • Remote Configuration • Client Security • IP Services • Switches and Hubs • Staging and testing • Equipment Installation • Standardized Equipment • Public Access Networks

  38. Security PoliciesDesign and Implementation • Security Policies • Design and Implementation • Interoperability • Intrusion Monitoring • Layering • Segmentation • Authentication & Encryption • Role Based Access Control

  39. Security PoliciesDesign and Implementation • Security Policies • Design and Implementation • Interoperability • Check Before Purchasing • Intrusion Monitoring • Layering • OSI Layers • Layer 2 (Data Link) • WEP • 802.1x/EAP • Enterprise Encryption Gateways • Layer 2 Tunneling Protocol (L2TP) • Layer 3 (Network) • Point-to-Point Tunneling Protocol (PPTP) • IP Security (IPSec) • Layer 7 (Application) • Secure Shell (SSH) • Secure Shell v2 (SSH2) • Microsoft Active Directory (AD)

  40. Security PoliciesDesign and Implementation • Security Policies • Design and Implementation • Segmentation & VLANs • Firewalls • Gateways • Routers • Layer 3 Switch • VPN Concentrator • SSH2 Server • Authentication & Encryption • Who Can Access • How the Data is Protected • Role Based Access Control • Feature of Some Wireless Gateways • Assign Access Based on Roles

  41. Security PoliciesPhysical Security and Social Engineering • Security Policies • Physical Security and Social Engineering • Physical Security • Rogue Access Point • Ad Hoc Networks • RF Jamming & Data Flooding • Hardware Placement & Security • Social Engineering • Response Procedures

  42. Authentication

  43. Objectives • Authentication • Overview • Credentials • 802.1X Framework • Extensible Authentication Protocol (EAP) • Authentication Server Types

  44. Authentication • Authentication • Overview • Advanced Authentication Systems • Credentials • Protection • Storage • Access Methods

  45. Authentication • Authentication • 802.1X Framework • Advantages • Mutual Authentication • Port-based Control • 802.1X/EAP • Extensible Authentication Protocol (EAP) • EAP Types • Supplicant Authenticator Authentication Server • 802.1X/EAP/EAPOL RADIUS

  46. Authentication • Authentication • Authentication Servers • RADIUS (Remote Access Dial-In User Service) • Authentication, Authorization, & Accounting • RADIUS Server Features • KERBEROS (three headed dog) • Key distribution Center • Authentication Service • Ticket Granting Service • LDAP (Lightweight Directory Access Protocol) • Small records of information in hierarchical structure

  47. Encryption

  48. EncryptionEncryption Algorithms • Encryption • Encryption Algorithms • RC4 • Data Encryption Standard (DES) • Triple DES (3DES) • Advanced Encryption Standard (AES)

  49. EncryptionEncryption Algorithms • Encryption • Encryption Algorithms • RC4 • Used in many security protocols (WEP, WPA (TKIP), SSL/TLS) • 64, 128, 256 bits • Data Encryption Standard (DES) • 64-bit • SSH, IPSec

  50. EncryptionEncryption Algorithms • Encryption • Encryption Algorithms • Triple DES (3DES) • Three-Key Mode • 192 bits • SSL/TLS, SSH, IPSec • Two-Key Mode • 128 bits • SSL/TLS, SSH, IPSec • Advanced Encryption Standard (AES) • 128, 192, 256 bits • 802.11i – CCMP, SSH, PGP

More Related