wireless networking n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Wireless Networking PowerPoint Presentation
Download Presentation
Wireless Networking

Loading in 2 Seconds...

play fullscreen
1 / 31

Wireless Networking - PowerPoint PPT Presentation


  • 158 Views
  • Uploaded on

Wireless Networking. Outline. Wireless Network Communications Background Security Issues WEP / WPA. Hardening Wireless Local Area Networks (WLAN). By 2007, >98% of all notebooks will be wireless-enabled Serious security vulnerabilities have also been created by wireless data technology:

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Wireless Networking' - germane-nieves


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
outline
Outline

Wireless Network Communications

Background

Security Issues

WEP / WPA

hardening wireless local area networks wlan
Hardening Wireless Local Area Networks (WLAN)

By 2007, >98% of all notebooks will be wireless-enabled

Serious security vulnerabilities have also been created by wireless data technology:

Unauthorized users can access the wireless signal from outside a building and connect to the network

Attackers can capture and view transmitted data

Employees in the office can install personal wireless equipment and defeat perimeter security measures

Attackers can crack wireless security with kiddie scripts

ieee 802 11 standards
IEEE 802.11 Standards

A WLAN shares same characteristics as a standard data-based LAN with the exception that network devices do not use cables to connect to the network

RF is used to send and receive packets

In September 1999, a new 802.11b High Rate was amended to the 802.11 standard. It added two higher speeds, 5.5 and 11 Mbps to original speeds of 1, 2 Mbps

Communications distance varies with bandwidth to a maximum range of up to 300 ft.

With faster data rates, 802.11b quickly became the standard for WLANs

ieee 802 11 standards1
IEEE 802.11 Standards

At same time, the 802.11a standard was released

802.11a has a maximum rated speed of 54 Mbps and also supports 48, 36, 24, 18, 12, 9, and 6 Mbps transmissions at 5 GHz

802.11g added in 2003. It adds transmission rates of 18, 36, and 54 Mbps to the rates available under 802.11b.

802.11n draft product in 2007, standardized in 2009. Added rates up to 600 mbps

data rates range
Data Rates / Range

802.11b

1 Mbps / 90+ m.

2 Mbps / 75 m.

5.5 Mbps / 60 m.

11 Mbps / 50 m.

802.11g

All of 802.11b

18 Mbps / 50 m.

36 Mbps / 35 m.

54 Mbps / 20 m.

802.11n – per stream

(4 streams max)

20 MHz band

7.2, 14.4 … 72.2 Mbps

40 MHz band

15, 30 … 150 Mbps

“Twice the distance of 802.11g”

Typical configurations 2 transmit / receive streams

Can transmit on 2.4 or 5 GHz

wlan components
WLAN Components

Each network device must have a wireless network interface card installed

Wireless NICs are available in a variety of formats:

Type II PC card – Mini PCI

CompactFlash (CF) card – USB device

USB stick

wlan components cont
WLAN Components (cont)

An access point (AP) consists of three major parts:

An antenna and a radio transmitter/receiver to send and receive signals

An RJ-45 wired network interface that allows it to connect by cable to a standard wired network

Special bridging software

basic wlan security
Basic WLAN Security

Two areas:

Basic WLAN security

Enterprise WLAN security

Basic WLAN security uses two new wireless tools and one tool from the wired world:

Service Set Identifier (SSID) beaconing

MAC address filtering

Wired Equivalent Privacy (WEP)

service set identifier ssid beaconing
Service Set Identifier (SSID) Beaconing

A service set is a technical term used to describe a WLAN network

Three types of service sets:

Independent Basic Service Set (IBSS)

Basic Service Set (BSS)

Extended Service Set (ESS)

Each WLAN is given a unique SSID

mac address filtering
MAC Address Filtering

Another way to harden a WLAN is to filter MAC addresses

The MAC address of approved wireless devices is entered on the AP

A MAC address can be spoofed

When wireless device and AP first exchange packets, the MAC address of the wireless device is sent in plaintext, allowing an attacker with a sniffer to see the MAC address of an approved device

wired equivalent privacy wep
Wired Equivalent Privacy (WEP)

Optional configuration for WLANs that encrypts packets during transmission to prevent attackers from viewing their contents

Uses shared keys―the same key for encryption and decryption must be installed on the AP, as well as each wireless device

Keys:

40 bit (5 byte) key + 24 bit IV = 64 bits

104 bit (13 byte) key + 24 bit IV = 128 bit

No data integrity function

wep shared key authentication
WEP - Shared Key Authentication

Access Point

Client

Authentication

Request

Challenge

Text

Encrypt

Challenge

w/key

Compare

Authentication

Frame

wep encryption

IV

Ciphertext

WEP Encryption

1

Text

CRC

=

Text

ICV

2

Secret Key

PRNG

=

Keystream

IV

+

3

4

XOR

5

ICV = Integrity Check Value

IV = initialization Vector

wep frame layout
WEP Frame layout

encrypted

IV

Data >=1

ICV

4 bytes

Inititialization Vector

Key ID

3 bytes

1 byte

ICV = Integrity check value (CRC)

wep weaknesses
WEP Weaknesses
  • IV sent as cleartext. Since key never changes, once we know two packets share the same IV, we know their keys are identical
    • XOR the two ciphertext messages
    • XOR of plaintext will have same value as XOR of ciphertext!
    • We will know some of the transmitted data
      • ARP requests
      • DNS
      • Etc.
untrusted network
Untrusted Network

The basic WLAN security of SSID beaconing, MAC address filtering, and WEP encryption is not secure enough for an organization to use

One approach to securing a WLAN is to treat it as an untrusted and unsecure network

Requires that the WLAN be placed outside the secure perimeter of the trusted network

trusted network
Trusted Network

It is still possible to provide security for a WLAN and treat it as a trusted network

Wi-Fi Protected Access (WPA)

Developed by WECA in 2002 as interim solution

Intended to be a software upgrade for WEP (use RC4)

WPA-2 – 802.11 standard

Has two Domains:

Personal Wireless Security

Enterprise Wireless Security

personal wireless security wpa 1
Personal Wireless SecurityWPA -1
  • Authentication – Based on Pre-Shared Key
  • Encryption – Temporal Key Integrity Protocol
    • Mixes IV and Extended IV with secret key
    • EIV includes sequence counter
    • Adds 8 byte Message Integrity Check
    • Uses RC4 as encryption mechanism
    • Includes ICV for backward compatibility

encrypted

MAC h.

IV

EIV

Data >=1

MIC

ICV

FCS

personal wireless security wpa 2
Personal Wireless SecurityWPA -2
  • Authentication – Based on Pre-Shared Key
  • Encryption – AES – CCMP
    • Counter mode-CBC MAC Protocol
    • Mixes IV and Extended IV with secret key
    • EIV includes sequence counter
    • Adds Message Integrity Check
    • Uses AES as encryption mechanism

encrypted

MAC h.

IV

EIV

Data >=1

MIC

FCS

enterprise wireless security
Enterprise Wireless Security

Network supporting the 802.1x protocol consists of three elements:

Supplicant: client device, such as a desktop computer or personal digital assistant (PDA), which requires secure network access

Authenticator: serves as an intermediary device between supplicant and authentication server

Authentication server: receives request from supplicant through authenticator

enterprise authentication
Enterprise Authentication
  • Extensible Authentication Protocol
    • Used to pass information from supplicant to AS

WN

AP

AS

Security Capabilities Discovery

Authentication

Key management

Key Distribution

Data protection

ieee 802 1x cont
IEEE 802.1x (cont)

Several variations of EAP can be used with 802.1x:

EAP-Transport Layer Security (EAP-TLS)

Lightweight EAP (LEAP)

EAP-Tunneled TLS (EAP-TTLS)

Protected EAP (PEAP)

Flexible Authentication via Secure Tunneling (FAST)

enterprise wireless security1
Enterprise Wireless Security
  • Data Encryption – WPA 1
    • TKIP
  • Data Encryption – WPA 2
    • AES - CCMP
wireless security summary
Wireless Security Summary

Broadcast nature of Wireless LAN makes communication more vulnerable than wired networks

Several mechanisms can be used to limit access

Encryption used to protect data transmission (and access).

references
References:

Wireless Security

802.1x - tldp.org/HOWTO/802.1X-HOWTO

IPSec – tldp.org/IPSec-HOWTO

summary
Summary

Wireless Network Communications

Background

Security Issues

WEP / WPA