18
Wireless Network

Wireless v3.0

Embed Size (px)

DESCRIPTION

Wireless v3.0

Citation preview

Page 1: Wireless v3.0

Wireless Network

Page 2: Wireless v3.0

SSID(Service

Set Identifier)

List of SSIDs

Page 3: Wireless v3.0

Security Risks in Wireless Security Risks in Wireless (in any type of wireless communication)(in any type of wireless communication)

Attackers could bypass the firewalls

Short message service (SMS)spamming (ex:- in Mobile communication)

Malicious downloadable code or content (ex:- to Android devices)

Weak Encryption key or non encryption exist at all in wireless communication

Turning on wireless encryption does not mean data is protected end-to-end because the Wired portion of the traffic may still travel in the clear (unencrypted)

Page 4: Wireless v3.0

Wireless (802.11) SecurityWireless (802.11) Security

Page 5: Wireless v3.0

Security Problems of 802.11 Security Problems of 802.11 (wireless)(wireless)Misconfiguration SecurityMisconfiguration Security

• no encryption usedno encryption used• weak (guessable) password used to generate keyweak (guessable) password used to generate key• weak protection of encryption key on client machineweak protection of encryption key on client machine• weak protection of management interface for access pointweak protection of management interface for access point

Physically insecure locationsPhysically insecure locations

Access points should not be placed where they are easily Access points should not be placed where they are easily accessible because they can be accessed, removed and accessible because they can be accessed, removed and tampered with (configurations copied or altered and then tampered with (configurations copied or altered and then returned).returned).

Rogue access pointsRogue access points

These may be illegal access points brought in to the enterprise These may be illegal access points brought in to the enterprise by employees, or poor access point setup by the untrained by employees, or poor access point setup by the untrained employee described above.employee described above.

Page 6: Wireless v3.0

Security Problems of 802.11Security Problems of 802.11Client-to-client attacks (in ad hoc mode)wireless ad-hoc connections are implemented with very little security; no wireless ad-hoc connections are implemented with very little security; no authentication, no access control, no encryption. There represents a authentication, no access control, no encryption. There represents a security risk even between authorized devices, as well as to the client security risk even between authorized devices, as well as to the client itself, data being transferred, and any clients or networks that are itself, data being transferred, and any clients or networks that are connected to it.connected to it.

War drivingActually refers to hackers driving from place to place attempting to find Actually refers to hackers driving from place to place attempting to find wireless connections to which they can connectwireless connections to which they can connect.

Easy to eavesdrop (interception and monitoring)Because Wireless uses the airwaves, it is easy to listen in on network traffic or even connect to a network. Thus Interception and monitoring of wireless traffic is possible. (packet analyzer software freely available)

Theft of servicesConcerns about 'wireless theft' , that is, unauthorized use of a wireless services such as internet connection by unauthorized users or clients by directly accessing the access point and bypass the firewall

Page 7: Wireless v3.0

Security Problems of 802.11Security Problems of 802.11WIFI Jamming (Wi-Fi is aimed at use within unlicensed spectrum)Blocking the wifi signal frequency with overlapping signals to generate a Denial of service situation

Denial or degradation of serviceAttackers sending or flooding bogus packets continuously or by continues association / authentication requests to keep the system busy

Page 8: Wireless v3.0

Establishing Security in WirelessEstablishing Security in Wireless

1. WEP (802.11b)

2. 802.1x3. WPA4. WPA2

(802.11i)

Page 9: Wireless v3.0

Security in WirelessSecurity in Wireless

WEP was an early attempt to secure wireless WEP was an early attempt to secure wireless networks, and better security is now available because networks, and better security is now available because it is an easily broken security algorithm it is an easily broken security algorithm

WEP: Wired Equivalent Privacy (802.11b)

WEP isWEP is•open: just supply correct SSID to connectopen: just supply correct SSID to connect•Uses a shared keyUses a shared key• Without WEP, no confidentiality, integrity, or Without WEP, no confidentiality, integrity, or

authentication of user dataauthentication of user data

• The cipher used in WEP The cipher used in WEP is RC4is RC4, key length ranges from , key length ranges from 40 up to 128 bits40 up to 128 bits

Page 10: Wireless v3.0

WEP OperationWEP OperationIV

RC4

key

IV encrypted packet

original unencrypted packet checksum

The IV is often a counter that starts at zero Hence, rebooting causes IV reuse Also, there are only 16 million possible IV’s, so after

intercepting enough packets, there are sure to be repeats

Reuse of the same IV produces identical key streams

Page 11: Wireless v3.0

WEP: Security IssuesSecurity in WirelessSecurity in Wireless

Key is Key is sharedshared by all clients and the base station by all clients and the base station• Therefore compromising one node compromises the entire Therefore compromising one node compromises the entire

networknetwork

Manual key distributionManual key distribution among clients among clients • thus making changes to the key difficultthus making changes to the key difficult

Initialization Vector (IV) used during encryption is Initialization Vector (IV) used during encryption is only 24 only 24 bitsbits long long

How to crack information: find packets with duplicate How to crack information: find packets with duplicate public IVspublic IVs• repetition of IV guaranteed on busy networks due to small IV repetition of IV guaranteed on busy networks due to small IV

space space

Tools: Tools: WEPCrackWEPCrack, , AirSnortAirSnort• 15 minutes to 24 hours to collect enough packets15 minutes to 24 hours to collect enough packets

Page 12: Wireless v3.0

Improvement (to WEP) #1: Improvement (to WEP) #1: 802.1x802.1x Port-based user authentication and key distributionPort-based user authentication and key distribution This control feature lets administrators control who can send traffic through and receive traffic from the This control feature lets administrators control who can send traffic through and receive traffic from the

network (individual switch ports). It does not allow a node to send or receive traffic through a port until the network (individual switch ports). It does not allow a node to send or receive traffic through a port until the user of the node has by authenticated (user name / password)by a RADIUS server. user of the node has by authenticated (user name / password)by a RADIUS server.

Security in WirelessSecurity in Wireless

Page 13: Wireless v3.0

Security in WirelessSecurity in Wireless

Improvement #2: Improvement #2: WPAWPA (Wi-Fi Protected Access)(Wi-Fi Protected Access)

Incorporates 802.1X security Incorporates 802.1X security Use of TKIP (Temporal Key Integrity Protocol) Use of TKIP (Temporal Key Integrity Protocol) AdvantagesAdvantages

• stronger, centralized user authenticationstronger, centralized user authentication• automatically negotiated per-user keys with frequent key automatically negotiated per-user keys with frequent key

updatesupdates• stronger encryption algorithm choicesstronger encryption algorithm choices

Page 14: Wireless v3.0

Security in WirelessSecurity in Wireless

TKIP implements a complex key mixing function that TKIP implements a complex key mixing function that combines the secret key with the initialization vector before combines the secret key with the initialization vector before passing it to the RC4. (WEP, in comparison, merely XOR the passing it to the RC4. (WEP, in comparison, merely XOR the initialization vector with the root key before passing it to the initialization vector with the root key before passing it to the RC4)RC4)

WPA implements a sequence counter to protect against replay WPA implements a sequence counter to protect against replay attacks. Packets received out of order will be rejected. attacks. Packets received out of order will be rejected.

TKIP implements a 64-bit Message Integrity Check TKIP implements a 64-bit Message Integrity Check Extension of IV to 48 bitsExtension of IV to 48 bits TKIP ensures that every data packet is sent with a unique TKIP ensures that every data packet is sent with a unique

encryption key (reduces frequent key change requirement)encryption key (reduces frequent key change requirement)

Features of TKIP Features of TKIP (Temporal Key Integrity Protocol)(Temporal Key Integrity Protocol)

Page 15: Wireless v3.0

Security in WirelessSecurity in Wireless

AES is the primary encryption algorithm with AES is the primary encryption algorithm with block chaining modeblock chaining mode

802.11i is also called 802.11i is also called WPA2WPA2..

Improvement #3: Improvement #3: 802.11i (WPA2)802.11i (WPA2)

Page 16: Wireless v3.0

Recommendations for WLAN SecurityRecommendations for WLAN Security WEP - WEP - Poor – do not usePoor – do not use WPA – WPA – fair (but not recommended now)fair (but not recommended now) WPA2 (802.11i) -WPA2 (802.11i) -RecommendedRecommended

Security in WirelessSecurity in Wireless

Page 17: Wireless v3.0

Wireless Security RecommendationsWireless Security Recommendations1.1. Hide Hide SSIDSSID

2.2. EnableEnable MAC filtering MAC filtering

3.3. Change default passwords Change default passwords of Access points and other wireless devicesof Access points and other wireless devices

4.4. Configure the wireless system to use Configure the wireless system to use "strong" passwords"strong" passwords

5.5. limit the number of limit the number of unsuccessful login attempts unsuccessful login attempts to the wireless networkto the wireless network

6.6. Use centralized user authentication (Use centralized user authentication (RADIUSRADIUS) to configure the access ) to configure the access pointpoint

7.7. Disable ad hocDisable ad hoc mode mode • Because wireless ad-hoc mode invites access by unauthorized nodes Because wireless ad-hoc mode invites access by unauthorized nodes

to your computerto your computer

8.8. Be informedBe informed about risks and threats about risks and threats

9.9. Carry out regular Carry out regular security auditssecurity audits and penetration assessments on the and penetration assessments on the wireless networkwireless network

Page 18: Wireless v3.0

Security Through Other MeansSecurity Through Other Means Use Use firewallsfirewalls to isolate wireless traffic from to isolate wireless traffic from

wired networkwired network Use Use intrusion detectionintrusion detection to detect attacks on to detect attacks on

wireless networks (like IDS)wireless networks (like IDS) Use Use IPSec / VPNsIPSec / VPNs to protect traffic at IP layer to protect traffic at IP layer Use Use TLS (SSL)TLS (SSL) to protect traffic at to protect traffic at

application layerapplication layer


Cours Contreventement V3.0

Cours Contreventement V3.0

Documents
Stageverslag v3.0

Stageverslag v3.0

Documents
Webseiten dokumentation v3.0

Webseiten dokumentation v3.0

Technology
Manual W7410 v3.0

Manual W7410 v3.0

Documents
3G2055 v3.0

3G2055 v3.0

Documents
LTG Flysheet v3.0

LTG Flysheet v3.0

Business
Kabini V3.0

Kabini V3.0

Documents
HAL v3.0 formation_administrateur_6_novembre_2014

HAL v3.0 formation_administrateur_6_novembre_2014

Science
Hdsd Calc v3.0

Hdsd Calc v3.0

Documents
Manual Msx88 v3.0

Manual Msx88 v3.0

Documents
Praktijkboek V3.0

Praktijkboek V3.0

Documents
HEGOSLAB introduction v3.0

HEGOSLAB introduction v3.0

Documents
ManualUsuario SAECO v3.0

ManualUsuario SAECO v3.0

Documents
Allware V3.0 ABE

Allware V3.0 ABE

Technology
RES-ADMISION v3.0

RES-ADMISION v3.0

Documents
회사소개서 휴빌론 V3.0

회사소개서 휴빌론 V3.0

Business
V3.0 introduction

V3.0 introduction

Documents
Diapositiva Itil V3.0

Diapositiva Itil V3.0

Documents
MT50II1 V3.0

MT50II1 V3.0

Documents
Pdd Focsani v3.0

Pdd Focsani v3.0

Documents
TecHelp - Presentación V3.0

TecHelp - Presentación V3.0

Documents
Paladin_guide_Panzar_by_JanDeApT-Full v3.0

Paladin_guide_Panzar_by_JanDeApT-Full v3.0

Documents
Diapo milgram v3.0

Diapo milgram v3.0

Documents
Processing workshop v3.0

Processing workshop v3.0

Education
Tutorial Decoder v3.0

Tutorial Decoder v3.0

Documents
Informe_Idea2 - V3.0

Informe_Idea2 - V3.0

Documents
Digitalisaatiosta v3.0

Digitalisaatiosta v3.0

Leadership & Management
Grupo #2 V3.0

Grupo #2 V3.0

Documents
Calidad 005 v3.0

Calidad 005 v3.0

Documents
Twitter Periodistas v3.0

Twitter Periodistas v3.0

Documents