Wireless Network Security Position Paper - Technical

Size: px
Start display at page:

Download "Wireless Network Security Position Paper - Technical"

Transcription

1 Wireless Network Security Position Paper - Technical Management, Operational and Technical Issues and Recommendations for the Secure Deployment of Wireless Local Area Networks VERSION 1.1 December 2007

2 Acknowledgement This document was written with the assistance of the Department of the Premier and Cabinet.

3 Table of Contents 1. Purpose and Scope Position Statement Target Audience Introduction Overview of Wireless Technologies Wireless Networks Wireless Network Components and Architectural Models Wireless Technologies and Standards IrDA Bluetooth IEEE WLAN WLAN Security Security Objectives Inherent Characteristics Threats Countermeasures Management Countermeasures Operational Countermeasures Technical Countermeasures...18 WLAN Checklist...19 WPAN Checklist Recommendations...21 Recommendation 1 Develop a Strategy...21 Recommendation 2 Develop a Business Case...21 Recommendation 3 Develop Policies and Ensure Compliance...21 Recommendation 4 Monitor for Wireless Devices...21 Recommendation 5 Use only Best Practice WLAN Mode Conclusion Appendix A IEEE802.11i Security Technical Discussion Pre-IEEE i Security Service Set Identifier (SSID) Media Access Control (MAC) Address Filters Wired Equivalent Privacy (WEP) IEEE i Security Appendix B Acronyms and Abbreviations Appendix C Glossary of Terms Appendix D References...31

4 1. Purpose and Scope The purposes of this paper are to raise awareness of security risks posed by wireless computer networks, and to provide agencies with guidance for establishing secure wireless networks. This paper includes suggested management, operational and technical countermeasures to help mitigate security risks specific to wireless computing technologies. A previous paper, Securing Wireless Technologies a Discussion Paper 1, was developed in October 2002 and updated and re-released in September 2006 to raise awareness of the security issues associated with wireless networks. This more comprehensive paper, and a higher-level Wireless Network Security Position Paper Overview for CEOs, have been developed in response to the Auditor General's Second Public Sector Performance Report 2007, Report 3 April This paper provides some general information on wireless networks and wireless network security. It provides specific information for Wireless Local Area Networks (WLANs) using the standard Institute of Electrical and Electronics Engineers (IEEE) Other wireless technologies are outside the scope of this paper, however for completeness some general information is also provided on IrDA and Bluetooth. Recommendations for using external networks, such as public Internet access points ( hot spots ), are also outside the scope of this paper. 1 Department of Finance 4

5 2. Position Statement Key findings of the Auditor General's Second Public Sector Performance Report 2007, Report 3 April 2007 show serious weaknesses at the strategic, policy and operational levels in almost all agencies audited that had deployed wireless networks. Premier s Circular 2004/09 (Computer Information and Internet Security) noted that on 20 January 2003, Cabinet directed that the Chief Executive Officer of each agency is responsible for ensuring their agency implements an appropriate level of information and Internet security. Agencies should consider and implement the recommendations laid out in this paper for new or existing wireless networks. Department of Finance 5

6 3. Target Audience This paper covers details specific to wireless technologies and solutions. This paper is technical in nature; however it provides the necessary background (and other reference material) to understand the topics that are discussed. The following list highlights how different people might use this paper: Managers who are planning to employ wireless networked computing devices in their agencies Systems engineers and architects who design and implement wireless networks System and network administrators who administer, patch, secure or upgrade wireless networks Auditors, security consultants, and others who perform security assessments of wireless environments Researchers and analysts who are trying to understand the underlying wireless technologies This paper assumes that the readers have at least some operating system, networking, and security expertise. Because of the constantly changing nature of the wireless security industry and the threats and vulnerabilities to these technologies, readers are strongly encouraged to take advantage of other resources (including those listed in this paper) for more current and detailed information. Department of Finance 6

7 4. Introduction Traditional wired networks use cables to transfer information, and these are protected by physical controls, such as buildings, that enclose them. To gain unauthorised access to a wired network, you must bypass the physical security of the building or breach network perimeter security devices, such as firewalls. While wireless networks are exposed to many of the same risks as wired networks, they are also vulnerable to additional risks. Wireless networks transmit data through the air using radio frequencies. These wireless signals can travel through the walls, ceilings and windows of buildings up to hundreds of metres outside of the building walls, and are accessible by anyone in range thus providing a network access point that is beyond the physical security controls of the wired network. Once they have accessed systems, intruders can launch denial of service attacks, steal identities, violate the privacy of legitimate users, insert viruses or malicious code, and disable operations. Sensitive information that is transmitted between two wireless devices can be intercepted and disclosed if not protected by strong encryption. Despite the additional security risks to networks, the use of wireless devices and WLANs is growing rapidly. Many devices today such as laptops are now wireless enabled by default. Wireless communications give great flexibility in information delivery and in responding to changes in ICT infrastructure needs. Wireless connectivity also creates new security risks that agencies need to understand and factor into their business decisions. A particular danger with wireless technologies highlighted by the Auditor General is that they can be easily procured and installed without the knowledge of management. As well, laptops connected to the wired network with the wireless card enabled pose an ongoing risk to agencies networks. Department of Finance 7

8 5. Overview of Wireless Technologies 5.1 Wireless Networks Wireless networks allow devices to be moved about with varying degrees of freedom and still maintain communication with each other. They also offer greater flexibility than cabled networks and significantly reduce the time and resources needed to set up new networks and allow for ad hoc networks to be easily created, modified or torn down. There are many forms of wireless networks. One way of categorizing wireless networks is to consider the relative range and complexity of each type of network. For example: Wireless Personal Area Network (WPAN) a small-scale wireless network that requires little or no infrastructure and operates within a short range. A WPAN is typically used by a few devices in a single room instead of connecting the devices with cables. Examples include print services or enabling a wireless keyboard or mouse to communicate with a computer. Section 5.3 contains additional information on technologies used to deploy WPANs. Wireless Local Area Networks (WLANs) are groups of wireless networking nodes within a limited geographic area, such as an office building or campus, that are capable of radio communications. WLANs are usually implemented as extensions to existing wired local area networks to provide enhanced user mobility. Section 5.3 contains additional information on technologies used to deploy WLANs. Wireless Metropolitan Area Networks (WMANs) can provide connectivity to users located in multiple facilities generally within a few miles of each other. Many WMAN implementations provide wireless broadband access to customers in metropolitan areas. Details of WMAN technologies and security are outside the scope of this paper. Wireless Wide Area Networks (WWANs) connect individuals and devices over large geographic areas. WWANs are typically used for mobile voice and data communications, as well as satellite communications. Details of WWAN technologies and security are outside the scope of this paper. Department of Finance 8

9 5.2 Wireless Network Components and Architectural Models IEEE has two fundamental architectural components, as follows: Station (STA). A STA is a wireless endpoint device, also called a client device. STAs enable end users to gain access and utilize resources provided by wireless networks. Examples include laptop computers, personal digital assistants, mobile phones and other consumer electronic devices with IEEE capabilities. Access Point (AP). An AP logically connects STAs with a distribution system (DS), which is typically an organisation's wired network. APs can also logically connect wireless STA with each other without accessing a distribution system. Wireless APs provide users with a mobile capability by allowing users to freely move within an APs coverage area while maintaining connectivity between the user's client device and the AP. APs can also be linked together using wired infrastructure to allow users to "roam" between APs within a building or campus. The IEEE standard also defines the following two WLAN design structures or configurations, as follows: Ad Hoc Mode. The ad hoc mode does not use APs. Ad hoc mode is sometimes referred to as infrastructureless because only peer-to-peer STAs are involved in the communications. This mode of operation is possible when two or more STAs are able to communicate directly to one another. Examples are laptops, mobile phones, PDAs, printers and scanners being able to communicate with each other without an AP. One of the key advantages of ad hoc WLANs is that theoretically they can be formed any time and anywhere, allowing multiple users to create wireless connections cheaply, quickly, and easily with minimal hardware and user maintenance. However, an ad hoc WLAN cannot communicate with external networks. A further complication is that an ad hoc network can interfere with the operation of an AP-based infrastructure mode network that exists within the same wireless space. Infrastructure Mode. In infrastructure mode, an AP logically connects STAs to each other or to a distribution system (DS), which is typically an organisation's wired network. The DS is the means by which STAs can communicate with the organisation's wired LANs and external networks such as the Internet. Infrastructure mode is the most commonly used mode for WLANs. Department of Finance 9

10 5.3 Wireless Technologies and Standards Wireless computer networks are generally based on infrared, radio or microwave transmissions using various protocol suites. The most common of these are: Infrared Data Association (IrDA); Bluetooth; and IEEE standard for Wireless Local Area Networks (WLANs). The focus of this paper is IEEE , however for completeness some general information is also provided on IrDA and Bluetooth IrDA IrDa infrared links typically establish single point-to-point connections at close range up to at least 1 metre to form a wireless Personal Area Network (WPAN). Examples include IrDA connections between two laptop devices or between a PDA and a printer or a mobile phone, where these devices are IrDA capable. IrDA is principally a line-of-sight transmission technology. It has no link level security and anyone within the unobstructed maximum 30 beam can monitor the transmission, including outside glass doors and windows and reflections from surfaces in rooms and vehicles Bluetooth Bluetooth is a short-range (approximately 10 metres), low bandwidth wireless technology designed to establish a wireless Personal Area Network (WPAN). The Bluetooth specification led to the development of the IEEE standard. It allows up to eight devices to connect together into a piconet. Examples include synchronizing a PDA with a computer, providing print services, enabling a wireless keyboard or mouse to communicate with a computer, and allowing mobile telephones wireless headsets and handsfree use in cars. Pairing of Bluetooth devices requires a shared secret or Personal Identification Number (PIN) that is entered manually in each of the devices and not transmitted in the clear. Eavesdropping on an authenticated Bluetooth session is difficult without the PIN. However, if the PIN is known (and 50% of used PINs are '0000') the key can be recovered from the pairing exchanges IEEE WLAN IEEE is the dominant WLAN standard. It was developed by a voluntary industry standards committee, and provides specifications for high-speed networks that support most of today's applications. The IEEE standard specifies 'over-the-air' interface between a wireless client and a base station or access point, as well as among wireless clients. The IEEE standard can be compared to the IEEE standard for Department of Finance 10

11 Ethernet for wired LANs. The IEEE specifications address both the Physical (PHY) and Media Access Control (MAC) layers and are tailored to resolve compatibility issues between manufacturers of WLAN equipment. The reliable coverage range for IEEE WLANs varies significantly depending on several factors, including data rate requirements and capacity, sources of Radio Frequency interference, physical area characteristics, power, connectivity, and antenna usage. The typical range for connectivity is up to approximately 100 metres indoors, with significantly greater ranges achievable outdoors. Increased power output and special high-gain directional antennas can increase the range to several kilometres. The IEEE standard has evolved through a series of amendments, either ratified or proposed, that build on the original standard. IEEE b and anecdotally IEEE802.11g are currently the most widely deployed WLAN technologies. IEEE i, the most recently ratified amendment, was specifically designed to overcome security shortcomings of the standard. This paper does not go into the detail of each of the amendments to the IEEE standard, however the technical security issues of pre- IEEE802.11i implementations and the IEEE802.11i amendment are discussed in some detail in Appendix A. Department of Finance 11

12 6. WLAN Security This section provides a high-level overview of general wireless network security. The information in this section is intended to apply to many types of wireless networks. It first lists the security objectives for wireless networks, the inherent characteristics of wireless technology, and the most common threats against the security objectives. It next discusses countermeasures to mitigate these risks from management, operational and technical perspectives. 6.1 Security Objectives Wireless technologies typically need to support several security objectives, the most common being: Confidentiality ensure that communications cannot be read by unauthorised parties Integrity detect any intentional or unintentional changes to data that occur in transit Availability ensure that devices and individuals can access a network and its resources whenever needed Access Control restrict the rights of devices or individuals to access a network or resources within a network The security objectives for wireless and wired networks are the same, as are the major high-level categories of threats that they face. However, while these objectives are well understood and addressed in the relatively mature wired network environment this has not always been the case in the new and rapidly evolving wireless environment. In itself, deployment of insecure wireless technology poses a new security threat to a connected wired network environment by providing a network access point that bypasses existing security controls and mechanisms in place. As such, the wireless network needs to be secured against both the threats that a connected wired network faces and the threats that are specific to wireless. Department of Finance 12

13 6.2 Inherent Characteristics Wireless communication is inherently insecure because it relies on an open transmission medium making it susceptible to attacks. IEEE WLANs are a broadcast technology, with the signal passing to and from any station (friend or foe) capable of receiving or transmitting it. This is virtually inescapable in day-to-day use, without the assistance of special purpose buildings or environments to contain electromagnetic emissions. These characteristics jeopardize confidentiality by providing information, not only in the content of the signal, the data in the message body and the identity information in the message headers, but in the signal itself, its strength and location. The characteristics of the medium make WLANs highly susceptible to Denial of Service attacks on the availability of the services. Examples are flooding (an attacker sends large numbers of messages at a high rate to prevent the wireless network from processing legitimate traffic), jamming (a device emits electromagnetic energy on the wireless network's frequency to make it unusable), or the easy insertion of unauthenticated management frames to deauthenticate or disassociate a STA from its controlling AP. These latter attacks can be used in isolation or as the initial part of a more sophisticated attack to interrupt communications as a prelude to various masquerading attacks. The lack of inherent confidentiality and weak protection of availability, coupled with the intrinsic ability for easy injection of traffic into the medium by any STA, anywhere, with sufficient transmitting power and appropriate antennae, also threatens WLAN information integrity. Hostile STAs may masquerade as legitimate STAs to an AP or as the legitimate AP to an unsuspecting STA or even both at the same time as in a man-in-the-middle attack, completely controlling the communications between the legitimate STA and AP. Department of Finance 13

14 6.3 Threats Most threats against wireless networks involve an attacker with access to the radio link between wireless devices. Several of the threats listed below rely on an attacker's ability to intercept and inject network communications. This highlights the most significant difference between protecting wireless and wired networks: the relative ease of intercepting wireless network transmissions and inserting new or altered transmissions from what is presumed as the authentic source. For a wired network, an attacker would have to gain physical access to the network or remotely compromise systems on the network: for a wireless network, an attacker simply needs to be within range of the wireless transmissions, making eavesdropping a particularly prevalent threat. Another common threat against wireless networks is the deployment of rogue wireless devices. For example, an attacker could deploy a device, most likely a rogue AP that has been configured to appear as part of an organisation's wireless network infrastructure. This provides a back door into the wired network, bypassing perimeter security mechanisms, such as firewalls. Additionally, if clients inadvertently connect to the rogue device, the attacker can view and manipulate the clients' communications. Attacks on wireless networks, either passive or active, are essentially on confidentiality, integrity and network availability. Attacks Passive Active Eavesdropping Traffic Masquerade Replay Analysis Message Modification Denial of Service Department of Finance 14

15 Passive Attack - An attack in which an unauthorised party gains access to an asset and does not modify its content. Eavesdropping - The attacker monitors transmissions for message content. An example of this attack is a person listening into the transmissions on a LAN between two workstations or tuning into transmissions between a wireless handset and a base station. Traffic Analysis. - The attacker, in a more subtle way, gains intelligence by monitoring the transmissions for patterns of communication. A considerable amount of information is contained in the flow of messages between communicating parties. Active Attack - An attack whereby an unauthorised party makes modifications to a message, data stream, or file. It is possible for these attacks to be detected but they may not always be preventable. Active attacks may take the form of one of four types (or combination thereof) listed below. Masquerading - The attacker impersonates an authorised user and thereby gains certain unauthorised privileges. Replay - The attacker monitors transmissions (passive attack) and retransmits messages as the legitimate user. Message Modification - The attacker alters a legitimate message by deleting, adding to, changing, or reordering it. Denial of Service - The attacker prevents or prohibits the normal use or management of communication facilities. 6.4 Countermeasures Organisations can mitigate risks to WLANs by applying countermeasures to address specific threats and vulnerabilities. Countermeasures at the management, operational and technical levels can be effective in reducing the risks commonly associated with WLANs Management Countermeasures In light of the security issues, any deployment of wireless technology on an agency's computing network must be subject to usual risk management processes and underpinned by a sound business case as to why this technology should be used. The cornerstone of an effective WLAN security strategy involves documenting, deploying and enforcing WLAN security policies and practices. Department of Finance 15

16 A security policy, and compliance therewith, is the foundation on which other operational and technical countermeasures are rationalised and implemented. A WLAN security policy should include the following: Centralise the management of Access Points so that each Access Point must authenticate to the controller before it is allowed onto the network Identify who may use WLAN technology in an agency Identify whether Internet access is required Describe who can install and configure access points and other wireless equipment Provide limitations on the location and physical security for access points Describe the type (and classification)of information that may be sent over the wireless links Describe conditions under which wireless devices are allowed to be used and operated Define standard security settings for access points Describe limitations on how the wireless device may be used, such as location Prohibit laptops connecting into the wired network if their wireless card is enabled Describe the hardware and software configuration of all wireless devices Provide guidelines on reporting losses of wireless devices and security incidents Provide guidelines for the protection of wireless clients to minimize/reduce theft Provide guidelines on the use of encryption and key management Define the frequency and scope of security assessments to include rogue wireless equipment discovery, and Use channel hopping Access Points to detect and triangulate rogue Access Points. Department of Finance 16

17 Organisations should ensure that all critical personnel are properly trained on the use of wireless technology. Network administrators need to be fully aware of the security risks that WLANs and wireless devices pose. They must work to ensure security policy compliance and to know what steps to take in the event of an attack. Finally, the most important countermeasure is trained and aware users Operational Countermeasures Physical security is a fundamental step for ensuring that only authorised users have access to wireless equipment. Physical security combines such measures as access controls, personnel identification, and external boundary protection. As with facilities housing wired networks, facilities providing wireless network connectivity need physical access controls. For example, photo identification, card badge readers, or biometric devices can be used to minimise the risk of improper physical penetration of facilities. External boundary protection can include locking doors and installing surveillance cameras around the perimeter of a site to discourage unauthorised access to wireless networking components such as wireless APs. Additionally, security mechanisms should be put in place to prevent the theft, alteration or misuse of wireless infrastructure placed throughout an agency. Wired network infrastructure is generally placed within a wiring or network closet, but because APs are dispersed throughout a physical location, each device needs to be locked and secured in an appropriate fashion. It is important to consider the range of each AP that will be deployed as part of a WLAN environment. Design for security: when placing wireless APs for strategic coverage, consider signal bleed into uncontrolled areas where transmissions may be intercepted. If the range extends beyond the physical boundaries of the building's walls, the extension creates a security vulnerability. Agencies should use site survey tools to measure the range of AP devices, both inside and outside of the building where the wireless network is located. Every precaution should be taken to control WLAN signals, including the use of directional antennas to control Radio Frequency (RF) emanations. Directional antennas do not protect network links, they merely help control coverage range by limiting signal dispersion. Site survey tools should also be used determine the best channel to use. Over time other wireless networks may be implemented in the vicinity and if they use the same channel the performance of the wireless signal may be diminished due to co-channel interference. In addition, agencies should use wireless security assessment tools (e.g. vulnerability assessment) and regularly conduct scheduled audits. Department of Finance 17

18 6.4.3 Technical Countermeasures Technical countermeasures involve the use of hardware and software solutions to help secure the wireless environment. Software countermeasures include proper Access Point configurations (i.e. the operational and security settings on an AP), software patches and upgrades, authentication, intrusion detection systems, personal firewalls for wireless devices, and encryption. Hardware solutions include smart cards, virtual private networks (VPNs), public key infrastructure (PKI), a separate switching infrastructure for the wireless network (separating it from a wired network), and biometrics. It should be noted that hardware solutions, which generally have software components, are listed simply as hardware solutions. Additionally, due to the mobile nature of wireless networks, hard disk encryption is also highly recommended. Department of Finance 18

19 WLAN Checklist Here are some suggestions that might prevent hackers compromising your WLAN. This is a suggested checklist only, and mainly covers design, usage and configuration for WLAN devices. It does not cover other more technically detailed areas such as cryptographic protection or user authorisation features of IEEE Agencies should have their own checklist tailored to their business needs. Design for security: when placing wireless APs for strategic coverage, consider signal bleed into uncontrolled areas where transmissions may be intercepted. Survey your site for other wireless networks in the vicinity using the same channel that may cause co-channel interference. Segment the AP wired portion of your network on to a separate VLAN this allows you to separate this traffic and may lessen the access that a hacker gets to your LAN. Routing protocols should be filtered to the APs this can eliminate network injection attacks. Secure all user accounts with complex hard to guess passwords. Monitor your network traffic. Deny by default, and only allow specific IP ranges. Audit your authorised wireless networks, and proactively look for rogue wireless networks. Audit your wired networks for connected devices with wireless enabled. Use WPA2 in WPA2 Only Mode. Change the default SSID name to something that can't be easily guessed and that does not identify your network. Default SSIDs alert hackers to vulnerable WLANs. Disable the SSID broadcast option where the AP constantly broadcasts its SSID as a beacon in search of stations with which to connect. By turning this default feature off, stations must know the SSID in order to connect to the AP. Change any default passwords on wireless devices. Default passwords are set by the manufacturer and are known by hackers. By changing your passwords you can prevent hackers from going in and changing your network settings. Enable MAC address filtering. Disable laptop file and print sharing disabling this can further limit a hacker's ability to steal data or commandeer resources. Department of Finance 19

20 Protect wireless device personal firewalls can protect individual devices from attacks launched via the wireless connection or from the Internet. Control the reset function. A specific type of reset such as a power surge or power failure may restart the AP in the default factory settings that do not include encryption, authentication, or other security measures with which they were configured. Disable wireless by default on all client devices. Patch and upgrade regularly to ensure new vulnerabilities are corrected quickly. Ensure that your wireless users are fully trained in computer security awareness and the risks associated with wireless technology Make sure that APs are turned off when they are not used (e.g. after hours) Disable all non-essential protocols on the APs. Be aware that PDAs and laptops hidden in bags and briefcases can be recording all your WLAN traffic. WPAN Checklist Here are some suggestions that might prevent hackers compromising your WPAN. Beware of the infrared port. Disable it when not in use. Ensure the power up state has infrared disabled by default. When using infrared, disable any automatic acceptance of transfers. Infrared is a line-of-sight technology. Be aware of who and what is around you including unattended devices on desks and tables within the reflective area or outside glass doors and windows. Disable Bluetooth where possible Unplug Bluetooth expansion cards when not in use. Keep Bluetooth devices in the 'nondiscoverable' state, so that only the devices authorised to connect will attempt to. Only pair Bluetooth devices in a safe place clear of potential eavesdroppers (of either the pairing exchange or watching for the PIN). Use random Bluetooth PINs. Never use '0000'. On Bluetooth devices keep sensitive data in an encrypted form where possible. Department of Finance 20

Wireless Network Security Position Paper. Overview for CEO s

Wireless Network Security Position Paper. Overview for CEO s Wireless Network Security Position Paper Overview for CEO s VERSION 1.1 December 2007 Acknowledgement This document was written with the assistance of the Department of the Premier and Cabinet. Table of

More information

CS 356 Lecture 29 Wireless Security. Spring 2013

CS 356 Lecture 29 Wireless Security. Spring 2013 CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

chap18.wireless Network Security

chap18.wireless Network Security SeoulTech UCS Lab 2015-1 st chap18.wireless Network Security JeongKyu Lee Email: jungkyu21@seoultech.ac.kr Table of Contents 18.1 Wireless Security 18.2 Mobile Device Security 18.3 IEEE 802.11 Wireless

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Wireless Security with Cyberoam

Wireless Security with Cyberoam White paper Cyberoam UTM Wireless Security with Cyberoam Robust, Fault-tolerant security is a must for companies sporting wireless networks. Cyberoam UTM strengthens the existing Wireless Security Architecture

More information

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Security in Wireless Local Area Network

Security in Wireless Local Area Network Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

HANDBOOK 8 NETWORK SECURITY Version 1.0

HANDBOOK 8 NETWORK SECURITY Version 1.0 Australian Communications-Electronic Security Instruction 33 (ACSI 33) Point of Contact: Customer Services Team Phone: 02 6265 0197 Email: assist@dsd.gov.au HANDBOOK 8 NETWORK SECURITY Version 1.0 Objectives

More information

WIRELESS NETWORKING SECURITY

WIRELESS NETWORKING SECURITY WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas. Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key

More information

Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003

Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Executive Summary The threat to network security from improperly secured WLANs is a real and present danger for today s enterprises.

More information

1.2 The Policy is maintained and regulated by the University s Information Services department.

1.2 The Policy is maintained and regulated by the University s Information Services department. WIRELESS POLICY 1 INTRODUCTION 1.1 Wireless networking is a fast emerging technology and is set to continue to grow for the foreseeable future. It is recognised that wireless networking could offer benefits

More information

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

Wireless Security for Mobile Computers

Wireless Security for Mobile Computers A Datalogic Mobile and Summit Data Communications White Paper Original Version: June 2008 Update: March 2009 Protecting Confidential and Sensitive Information It is every retailer s nightmare: An attacker

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.

More information

State of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture

State of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture State of Kansas Interim Wireless Local Area Networks Security and Technical Architecture October 6, 2005 Prepared for Wireless Policy Committee Prepared by Revision Log DATE Version Change Description

More information

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 2003 Wi-Fi Alliance. Wi-Fi is a registered trademark of the Wi-Fi Alliance

More information

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008 INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee

More information

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless

More information

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved.

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved. White Paper Wireless LAN Security Copyright 2002-2003 Madge Limited. All rights reserved. 1 Introduction As wireless LANs become widely deployed, and the business benefits become clear, concern has grown

More information

Wireless Network Standard and Guidelines

Wireless Network Standard and Guidelines Wireless Network Standard and Guidelines Purpose The standard and guidelines listed in this document will ensure the uniformity of wireless network access points and provide guidance for monitoring, maintaining

More information

ITL BULLETIN FOR AUGUST 2012

ITL BULLETIN FOR AUGUST 2012 ITL BULLETIN FOR AUGUST 2012 SECURITY OF BLUETOOTH SYSTEMS AND DEVICES: UPDATED GUIDE ISSUED BY THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY (NIST) Shirley Radack, Editor Computer Security Division

More information

IEEE G / B WIRELESS SECURITY. AMX Corporation. Wireless LAN Security: T e c h n o l o g y W h i t e P a p e r

IEEE G / B WIRELESS SECURITY. AMX Corporation. Wireless LAN Security: T e c h n o l o g y W h i t e P a p e r IEEE 802.11G / 802.11B WIRELESS SECURITY AMX Corporation Wireless LAN Security: T e c h n o l o g y W h i t e P a p e r 1 Table of Contents Table of Contents 2 Introduction 3 Wireless LAN Market Overview

More information

Recommended 802.11 Wireless Local Area Network Architecture

Recommended 802.11 Wireless Local Area Network Architecture NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure PwC Outline Wireless LAN Security: Attacks and Countermeasures 1. Introduction 2. Problems with 802.11 security 3. Attacks on and risks to Wireless Networks 4. Defending wireless networks ISACA Hong Kong

More information

Security Requirements for Wireless Local Area Networks

Security Requirements for Wireless Local Area Networks Information Technology Security Guidance Security Requirements for Wireless Local Area Networks Overview ITSG-41 March 2013 Foreword The ITSG-41 Security Requirements for Wireless Local Area Networks document

More information

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm

More information

XX-XXX Wireless Local Area Network Guidelines. Date: August 13, 2003 Date Adopted by NITC: Other:

XX-XXX Wireless Local Area Network Guidelines. Date: August 13, 2003 Date Adopted by NITC: Other: Nebraska Information Technology Commission TECHNICAL STANDARDS AND GUIDELINES Wireless Local Area Network Guidelines Category Title Number Security Architecture Wireless Local Area Network Guidelines Applicability

More information

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge

More information

WHITE PAPER. Wireless LAN Security for Healthcare and HIPAA Compliance

WHITE PAPER. Wireless LAN Security for Healthcare and HIPAA Compliance WHITE PAPER Wireless LAN Security for Healthcare and HIPAA Compliance Wireless LAN Security for Healthcare and HIPAA Compliance Wireless deployments in healthcare institutions have accelerated as mobility

More information

Chapter 2 Wireless Networking Basics

Chapter 2 Wireless Networking Basics Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).

More information

Security Awareness. Wireless Network Security

Security Awareness. Wireless Network Security Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition

More information

Ensuring HIPAA Compliance in Healthcare

Ensuring HIPAA Compliance in Healthcare The Intelligent Wireless Networking Choice WHITE PAPER Ensuring HIPAA Compliance in Healthcare Overview Wireless LANs are prevalent in healthcare institutions. The constant need for mobility among doctors,

More information

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com

802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key

More information

Network Security Best Practices

Network Security Best Practices CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual

More information

Particularities of security design for wireless networks in small and medium business (SMB)

Particularities of security design for wireless networks in small and medium business (SMB) Revista Informatica Economică, nr. 4 (44)/2007 93 Particularities of security design for wireless networks in small and medium business (SMB) Nicolae TOMAI, Cluj-Napoca, Romania, tomai@econ.ubbcluj.ro

More information

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly

More information

Guide to IEEE 802.11i:

Guide to IEEE 802.11i: Special Publication 800-97 (Draft) Guide to IEEE 802.11i: Establishing Robust Security Networks Recommendations of the National Institute of Standards and Technology Sheila Frankel Bernard Eydt Les Owens

More information

Best Practices for Outdoor Wireless Security

Best Practices for Outdoor Wireless Security Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged

More information

Wireless Security and Healthcare Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance

Wireless Security and Healthcare Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Wireless LANs are prevalent in healthcare institutions. The

More information

Establishing Wireless Robust Security Networks:

Establishing Wireless Robust Security Networks: Special Publication 800-97 Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i Recommendations of the National Institute of Standards and Technology Sheila Frankel Bernard Eydt Les

More information

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal 1,2 Department of CSE 1,2,3 BRCM Bahal, Bhiwani 1 shenam91@gmail.com, 2 dkamal@brcm.edu.in Abstract This paper

More information

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006 WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able

More information

WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS

WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS January 2003 January WHITE 2003 PAPER WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS With the increasing deployment of 802.11 (or Wi-Fi) wireless networks in business environments, IT organizations are

More information

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015 NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An

More information

Technical Brief. Wireless Intrusion Protection

Technical Brief. Wireless Intrusion Protection Technical Brief Wireless Intrusion Protection Introduction One layer of the multi-layer wireless security solution provided by Aruba Wireless Networks is the ability to lock the air using wireless intrusion

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area

More information

Closing Wireless Loopholes for PCI Compliance and Security

Closing Wireless Loopholes for PCI Compliance and Security Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop

More information

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks WHITE PAPER The Need for Wireless Intrusion Prevention in Retail Networks The Need for Wireless Intrusion Prevention in Retail Networks Firewalls and VPNs are well-established perimeter security solutions.

More information

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Introduction Who are we? Matt Moore, Senior Consultant @ PenTest Ltd. Mark Rowe, Technical Director @ PenTest Ltd. What

More information

Beyond the Firewall No. 72 March, 2012 Wireless LAN Edition

Beyond the Firewall No. 72 March, 2012 Wireless LAN Edition Wireless LAN infrastructure is now an increasingly common part of corporate enterprises. With wireless LAN infrastructure, new productivity gains can be realized. With this infrastructure though comes

More information

Security Requirements for Wireless Networks and their Satisfaction in IEEE 802.11b and Bluetooth

Security Requirements for Wireless Networks and their Satisfaction in IEEE 802.11b and Bluetooth Security Requirements for Wireless Networks and their Satisfaction in IEEE 802.11b and Bluetooth Henrich C. Poehls Master s Thesis M.Sc. in Information Security Information Security Group Royal Holloway,

More information

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3 ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE Overview EXHIBIT T to Amendment No. 60 Secure Wireless Network Services are based on the IEEE 802.11 set of standards and meet the Commonwealth of Virginia

More information

Industrial Communication. Securing Industrial Wireless

Industrial Communication. Securing Industrial Wireless Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...

More information

NXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015

NXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015 NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note 802.11w Management Frame Protection Copyright 2015 ZyXEL Communications Corporation 802.11w Management Frame Protection Introduction IEEE 802.11w

More information

WHITEPAPER. Wireless LAN Security for Healthcare and HIPAA Compliance

WHITEPAPER. Wireless LAN Security for Healthcare and HIPAA Compliance WHITEPAPER Wireless LAN Security for Healthcare and HIPAA Compliance Wireless LAN Security for Healthcare and HIPAA Compliance Wireless deployments in healthcare institutions have accelerated as mobility

More information

Wireless security. Any station within range of the RF receives data Two security mechanism

Wireless security. Any station within range of the RF receives data Two security mechanism 802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the

More information

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks White Paper Link Layer and Network Layer Security for Wireless Networks Abstract Wireless networking presents a significant security challenge. There is an ongoing debate about where to address this challenge:

More information

Wireless Ethernet LAN (WLAN) General 802.11a/802.11b/802.11g FAQ

Wireless Ethernet LAN (WLAN) General 802.11a/802.11b/802.11g FAQ Wireless Ethernet LAN (WLAN) General 802.11a/802.11b/802.11g FAQ Q: What is a Wireless LAN (WLAN)? Q: What are the benefits of using a WLAN instead of a wired network connection? Q: Are Intel WLAN products

More information

Security in IEEE 802.11 WLANs

Security in IEEE 802.11 WLANs Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh

More information

Legacy 802.11 Security

Legacy 802.11 Security Legacy 802.11 Security Contents Authentication Open System Authentication Shared Key Authentication Wired Equivalent Privacy (WEP) Encryption Virtual Private Networks (VPNs) Point-to-Point Tunneling Protocol

More information

MUNICIPAL WIRELESS NETWORK

MUNICIPAL WIRELESS NETWORK MUNICIPAL WIRELESS NETWORK May 2009 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Chapter 2 Configuring Your Wireless Network and Security Settings

Chapter 2 Configuring Your Wireless Network and Security Settings Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless

More information

IEEE 802.11 Wireless LAN Security Overview

IEEE 802.11 Wireless LAN Security Overview 138 IEEE 802.11 Wireless LAN Security Overview Ahmed M. Al Naamany, Ali Al Shidhani, Hadj Bourdoucen Department of Electrical and Computer Engineering Sultan Qaboos University, Oman. Summary Wireless Local

More information

Wireless in the production plant

Wireless in the production plant ATS MES Excellence Centres Wireless in the production plant For various industries How to avoid trouble when setting up a wireless network ETSI: European Telecommunications Standards Institute (www.etsi.org,

More information

Wireless Technology Seminar

Wireless Technology Seminar Wireless Technology Seminar Introduction Adam Worthington Network Consultant Adam.Worthington@euroele.com Wireless LAN Why? Flexible network access for your users? Guest internet access? VoWIP? RFID? Available

More information

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction Policy: Title: Status: 1. Introduction ISP-S12 Network Management Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1.1. This information security policy document covers management,

More information

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer

More information

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks

More information

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING International Journal of Electronics and Communication Engineering & Technology (IJECET) Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008 Available online at http://www.iaeme.com/ijecetissues.asp?jtype=ijecet&vtype=6&itype=9

More information

Certified Wireless Security Professional (CWSP) Course Overview

Certified Wireless Security Professional (CWSP) Course Overview Certified Wireless Security Professional (CWSP) Course Overview This course will teach students about Legacy Security, encryption ciphers and methods, 802.11 authentication methods, dynamic encryption

More information

Wireless Network Standard

Wireless Network Standard Last Modified: 10/20/15 Wireless Network Standard Purpose The standard and guidelines described in this document will ensure the uniformity of wireless network access points at the University of Georgia.

More information

United States Trustee Program s Wireless LAN Security Checklist

United States Trustee Program s Wireless LAN Security Checklist United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following

More information

Wireless Networking Policy September 2009 Newman University College IT Services. Wireless Networking Policy

Wireless Networking Policy September 2009 Newman University College IT Services. Wireless Networking Policy This policy document relates specifically to wireless networking at Newman University and should be read in conjunction with the General Conditions of Use of Computing and Network Facilities. The Wireless

More information

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Table of Contents Introduction 3 Deployment approaches 3 Overlay monitoring 3 Integrated monitoring 4 Hybrid

More information

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd. Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised

More information

Configuring Security Solutions

Configuring Security Solutions CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from

More information

Design and Implementation Guide. Apple iphone Compatibility

Design and Implementation Guide. Apple iphone Compatibility Design and Implementation Guide Apple iphone Compatibility Introduction Security in wireless LANs has long been a concern for network administrators. While securing laptop devices is well understood, new

More information

The Impact of Wireless LAN Technology on Compliance to the PCI Data Security Standard

The Impact of Wireless LAN Technology on Compliance to the PCI Data Security Standard The Impact of Wireless LAN Technology on to the PCI Data Security Standard 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Wireless LANs and PCI Retailers today use computers

More information

1 Purpose... 2. 2 Scope... 2. 3 Roles and Responsibilities... 2. 4 Physical & Environmental Security... 3. 5 Access Control to the Network...

1 Purpose... 2. 2 Scope... 2. 3 Roles and Responsibilities... 2. 4 Physical & Environmental Security... 3. 5 Access Control to the Network... Contents 1 Purpose... 2 2 Scope... 2 3 Roles and Responsibilities... 2 4 Physical & Environmental Security... 3 5 Access Control to the Network... 3 6 Firewall Standards... 4 7 Wired network... 5 8 Wireless

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

Integrated Health Systems. Enterprise Wireless LAN Security for Long Term Care. Integrated Systems, Inc. (866) 602-6100

Integrated Health Systems. Enterprise Wireless LAN Security for Long Term Care. Integrated Systems, Inc. (866) 602-6100 Integrated Health Systems Enterprise Wireless LAN Security for Long Term Care Integrated Systems, Inc. (866) 602-6100 Enterprise Wireless LAN Security This paper describes the challenges today s healthcare

More information

WLAN Information Security Best Practice Document

WLAN Information Security Best Practice Document WLAN Information Security Best Practice Document Produced by FUNET led working group on wireless systems and mobility (MobileFunet) (WLAN security) Author: Wenche Backman Contributors: Ville Mattila/CSC

More information

Chapter 2 Wireless Settings and Security

Chapter 2 Wireless Settings and Security Chapter 2 Wireless Settings and Security This chapter describes how to set up the wireless features of your WGT624 v4 wireless router. In planning your wireless network, select a location for the wireless

More information

m-trilogix White Paper on Security in Wireless Networks

m-trilogix White Paper on Security in Wireless Networks m-trilogix White Paper on Security in Wireless Networks Executive Summary Wireless local area networks (WLANs) based on IEEE 802.11b (Wi-Fi) will ship, according to a Cahners- Instat study, 23.6 million

More information

Security Issues with Integrated Smart Buildings

Security Issues with Integrated Smart Buildings Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

Enterprise A Closer Look at Wireless Intrusion Detection:

Enterprise A Closer Look at Wireless Intrusion Detection: White Paper Enterprise A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Josh Wright Senior Security Researcher Introduction As wireless enterprise networks become

More information

Wireless LAN Security: Securing Your Access Point

Wireless LAN Security: Securing Your Access Point IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006 173 Wireless LAN Security: Securing Your Access Point Sia Sie Tung, Nurul Nadia Ahmad, Tan Kim Geok Faculty

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 CS5490/6490: Network Security- Lecture Notes - November 9 th 2015 Wireless LAN security (Reference - Security & Cooperation in Wireless Networks by Buttyan & Hubaux, Cambridge Univ. Press, 2007, Chapter

More information