Enhancing the Security of Corporate Wi-Fi Networks Using DAIR. Example : Rogue AP. Challenges in Building an Enterprise-scale WiFi Monitoring System

Size: px
Start display at page:

Download "Enhancing the Security of Corporate Wi-Fi Networks Using DAIR. Example : Rogue AP. Challenges in Building an Enterprise-scale WiFi Monitoring System"

Transcription

1 Challenges in Building an Enterprise-scale WiFi Monitoring System Enhancing the Security of Corporate Wi-Fi Networks Using DAIR Scale of WLAN Microsoft s WLAN has over 5 APs Paramvir Bahl, Ranveer Chandra, Jitendra Padhye, Lenin Ravindranath, Manpreet Singh, Alec Wolman, Brian Zill Presented By: J. Falquez Need to deploy many monitors Rapid fading of signal in indoor environment Multiple orthogonal channels May need observations from multiple vantage points Pinpoint location of rogue AP Taxonomy of Attacks on Wi-Fi Networks Eavesdropping Passive snooping (perhaps with high-gain antennas) Nearly impossible to detect Cryptographic techniques generally considered sufficient. Intrusion Rogue AP / Rogue Ad-hoc network Denial of Service Fake deauthentication/disassociation, NAV attacks, DIFS attacks, Jamming. Phishing Acquire passwords Example : Rogue AP Careless employee brings AP from home and plugs it into corporate Ethernet Bypasses corporate Wi-Fi security measures For example: WPA, 82.1 Permits unauthorized users to connect to corporate network Malicious user outside the building Widespread Problem Ongoing concern for MS IT department Surveyed two major US universities, found multiple rogue APs Need for WiFi Monitoring Systems Example: Indoor WLAN Monitoring Preventive measures such as 82.1 do not guarantee full security In addition, need WiFi monitoring system to detect problems in operational WiFi networks Detect Rogue AP by overhearing packets containing unknown BSSID % Received % % 2 3 Time (Minutes) 26% 97% 1.7% Rapid loss Rogue of AP signal and Client strength in Monitors indoor environments Complex, Red: time-varying Beacon reception signal rate propagation Blue: Data packet reception rate 1

2 State of the Art AP-based monitoring [Aruba, AirDefense..] Pros: Easy to deploy (APs are under central control) Cons: Single radio APs can not be effective monitors Specialized sensor boxes [Aruba, AirTight, ] Pros: Can provide detailed signal-level analysis Cons: Expensive, so can not deploy densely Monitoring by mobile clients [Adya et. al., MobiCom 4] Pros: Inexpensive, suitable for un-managed environments Cons: Coverage not predictable: mobile, battery-powered clients Only monitor the channel they are connected on Observation Desktop PC s with good wired connectivity are ubiquitous in enterprises + Outfitting a desktop PC with wireless is inexpensive Wireless USB dongles are cheap As low as $6.99 at online retailers PC motherboards are starting to appear with built-in radios Combine to create a dense deployment of wireless sensors DAIR: Dense Array of Inexpensive Radios DAIR Architecture Command Issuer Monitor Architecture Command (Enable/Disable Filter/ Send Packets) Heart Beat Land Monitor (1 per subnet) Remote Object Command Processor WiFi Parser Sender Filter Processor DHCP Parser Wired Network Packet Constructor Filter Filter Filter Other Parser Driver Interface Summarized Packet Information SQL Client Other data: SNMP, Configuration Send Packets/ Get Packets/Info Query Driver from the Device Custom Wireless Driver Wired NIC Driver Dump summarized data into the SQL Tables SQL Server Key Characteristics of DAIR High sensor density at low cost Leverages existing desktop resources Effective monitoring in indoor environments Can tolerate loss of a few sensors Sensors are (mostly) stationary Provides predictable coverage Permits meaningful historical analysis Applications of the DAIR Platform Security applications Detecting attacks on Wi-Fi networks Responding to such attacks Performance management Monitor RF coverage Load balancing Location service to support above applications 2

3 Rogue Wireless Networks An uninformed or careless employee who doesn t understand (or chooses not to think about) the security implications Brings AP from home, and attaches it to the corporate network Configures desktop PC with wireless interface to create a rogue ad-hoc network Bypasses security measures such as WPA, 82.1 Simple Solution Known: BSSID SSID :8:AC MSFT :9:3B MSRLAB C:3B:5A: BSSID :8:AC :9:3B C:3B:5A: Joe sap Seen: SSID MSFT MSRLAB Joe sap Problem with the Simple Solution False Positives Multi-office buildings False negatives Malicious attacker fakes authorized SSID / BSSID DAIR can help reduce both false positives and false negatives No foolproof way to avoid false positives/negatives completely DAIR raises bar while generating fewer alarms Reducing False Negatives Suspect is using an authorized SSID / BSSID If the real AP is still active Packet sequence numbers not monotonic If real AP is not active Determine location of suspect If different than expected, raise alarm Reducing False Positives Association Test Detect whether rogue AP is connected to corporate wired network Series of tests: Association test Source/destination address test Replay test C:3B:5A: Joe sap Machine inside corporate firewall If can connect to machine inside firewall via AP then AP is connected to corporate wired network 3

4 Association Test Source / Destination Address Test Test will fail if AP uses WEP or MAC address filtering People configure home APs with WEP or MAC filtering Land Monitor Failure means we need additional tests Subnet Router MAC Addrs Of Subnet Routers 8:5B:3F: 8:3C:4F: Source / Destination Address Test Data Frame (with encryption): Unencrypted Header MAC Addresses: Encrypted Payload Receiver Transmitter Destination Access Point Client Known Address Source / Destination Address Test Test will fail if AP is really a NAT/Router Many home APs combine AP and NAT/router functionality Failure means that additional tests are needed If Destination Address belongs to a subnet router, then AP Is connected to corporate wired network Similar test for Source Address Replay Test Replay Test s replay packets with suspect BSSID No need to decrypt packet Land Monitor At the One same of the time s LandMonitors capture replays data are captured alerted packetsto packets watch for Each duplicate packet packets replayed on multiple wired network. times Each packet is replayed multiple times (say 5) LandMonitors detect if duplicate packets are seen on wired network Works for NAT/Routers Even rogue ad-hoc networks Fails if suspect is using WPA2 or other crypto schemes that are robust against replay attacks 4

5 Scalability Load on Server Load on database server Load on individual s CPU Load (%) Additional wired network traffic 5AM 9AM 1PM 5PM 9PM 12 s s submit summarized data every 2 minutes Server: MS-SQL 25, 1.7GHz P4 with 1GB RAM Load (%) Load on Client Machine Machine running 5AM 9AM 1PM 5PM 9PM Machine not running Load (%) AM 9AM 1PM 5PM 9PM Additional Network Traffic: 2-5Kbps per Summary DAIR ongoing work Built a scalable, cost-effective, dense WLAN monitoring platform in a corporate environment Which channels should each listen on What scanning strategy to use [Deshpande et. al. 26] Depends on density of s, environment Explored ways to leverage the platform to monitor threats to Wi-Fi networks Building an effective location system Building performance management tools 5

6 Questions 6

Enhancing the Security of Corporate Wi-Fi Networks Using DAIR

Enhancing the Security of Corporate Wi-Fi Networks Using DAIR Enhancing the Security of Corporate Wi-Fi Networks Using DAIR Paramvir Bahl, Ranveer Chandra, Jitendra Padhye, Lenin Ravindranath Manpreet Singh, Alec Wolman, Brian Zill Microsoft Research, Cornell University

More information

DAIR: A Framework for Managing Enterprise Wireless Networks Using Desktop Infrastructure

DAIR: A Framework for Managing Enterprise Wireless Networks Using Desktop Infrastructure DAIR: A Framework for Managing Enterprise Wireless Networks Using Desktop Infrastructure Paramvir Bahl Ý, Jitendra Padhye Ý, Lenin Ravindranath Ý, Manpreet Singh Þ, Alec Wolman Ý, Brian Zill Ý Ý Microsoft

More information

All You Wanted to Know About WiFi Rogue Access Points

All You Wanted to Know About WiFi Rogue Access Points All You Wanted to Know About WiFi Rogue Access Points A quick reference to Rogue AP security threat, Rogue AP detection and mitigation Gopinath K. N. Hemant Chaskar AirTight Networks www.airtightnetworks.com

More information

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network

WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless

More information

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd. Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised

More information

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the

More information

Security Awareness. Wireless Network Security

Security Awareness. Wireless Network Security Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition

More information

Closing Wireless Loopholes for PCI Compliance and Security

Closing Wireless Loopholes for PCI Compliance and Security Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop

More information

Avaya WLAN Orchestration System

Avaya WLAN Orchestration System Avaya WLAN Orchestration System Overview The Avaya WLAN Orchestration System (WOS) is a wireless network management platform that provides full monitoring and management of the Avaya WLAN 9100 Series network

More information

ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK

ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK ROGUE ACCESS POINT DETECTION: AUTOMATICALLY DETECT AND MANAGE WIRELESS THREATS TO YOUR NETWORK The Rogue Access Point Problem One of the most challenging security concerns for IT managers today is the

More information

Avaya WLAN Orchestration System

Avaya WLAN Orchestration System Avaya WLAN Orchestration System Overview The Avaya WLAN Orchestration System (WOS) is a wireless network management platform that provides full monitoring and management of the Avaya WLAN 9100 Series network

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

Technical Brief. Wireless Intrusion Protection

Technical Brief. Wireless Intrusion Protection Technical Brief Wireless Intrusion Protection Introduction One layer of the multi-layer wireless security solution provided by Aruba Wireless Networks is the ability to lock the air using wireless intrusion

More information

Wireless Network Analysis. Complete Network Monitoring and Analysis for 802.11a/b/g/n

Wireless Network Analysis. Complete Network Monitoring and Analysis for 802.11a/b/g/n Wireless Network Analysis Complete Network Monitoring and Analysis for 802.11a/b/g/n Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

Observer Analyzer Provides In-Depth Management

Observer Analyzer Provides In-Depth Management Comprehensive Wireless Network Management Made Simple From deploying access points to baselining activity to enforcing corporate security policies, the Observer Performance Management Platform is a complete,

More information

CISCO WIRELESS CONTROL SYSTEM (WCS)

CISCO WIRELESS CONTROL SYSTEM (WCS) CISCO WIRELESS CONTROL SYSTEM (WCS) Figure 1. Cisco Wireless Control System (WCS) PRODUCT OVERVIEW Cisco Wireless Control System (WCS) Cisco Wireless Control System (WCS) is the industry s leading platform

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Cisco Wireless Control System (WCS)

Cisco Wireless Control System (WCS) Data Sheet Cisco Wireless Control System (WCS) PRODUCT OVERVIEW Cisco Wireless Control System (WCS) Cisco Wireless Control System (WCS) is the industry s leading platform for wireless LAN planning, configuration,

More information

Air Marshal. White Paper

Air Marshal. White Paper White Paper Air Marshal SEPTEMBER 2013 This document discusses potential security threats in a WiFi environment, and outlines how enterprises can use a best-in-class Wireless Intrusion Prevention System

More information

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks WHITE PAPER The Need for Wireless Intrusion Prevention in Retail Networks The Need for Wireless Intrusion Prevention in Retail Networks Firewalls and VPNs are well-established perimeter security solutions.

More information

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge

More information

300Mbps Wireless N Ceiling Mount Access Point

300Mbps Wireless N Ceiling Mount Access Point Datasheet Ceiling Mount Access Point 110 Highlights Wireless N speed up to 300Mbps Controller Software enables administrators to easily manage hundreds of s Supports passive PoE for convenient installation

More information

WUA-0605 300Mbps Wireless USB Network Adapter

WUA-0605 300Mbps Wireless USB Network Adapter WUA-0605 300Mbps Wireless USB Network Adapter User Manual V1.0 Certification FCC CE FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant

More information

Wireless Security and Healthcare Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance

Wireless Security and Healthcare Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Wireless LANs are prevalent in healthcare institutions. The

More information

A Location-Based Management System for Enterprise Wireless LANs

A Location-Based Management System for Enterprise Wireless LANs A Location-Based Management System for Enterprise Wireless LANs Ranveer Chandra, Jitendra Padhye, Alec Wolman, Brian Zill Microsoft Research Abstract: The physical locations of clients and access points

More information

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area

More information

Security in Wireless Local Area Network

Security in Wireless Local Area Network Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June

More information

WLAN Outdoor CPE For 2.4G. Quick Installation Guide

WLAN Outdoor CPE For 2.4G. Quick Installation Guide WLAN Outdoor CPE For 2.4G Quick Installation Guide Part I: External Installation Direction A. Check the parts in your box CPE SET 1 DC 12V/1.5A Power Adapter 1 PoE DC Injector 1 Hose Clamps 2 Manual &

More information

WI-FI Security by using Proxy server

WI-FI Security by using Proxy server WI-FI Security by using Proxy server Promila 1, Dr.R.S.Chhillar 2 1, 2 Department of Computer Science and Application, M. D. U. Rohtak, India Abstract: With the whole world going mobile, data security

More information

Pronto Cloud Controller The Next Generation Control

Pronto Cloud Controller The Next Generation Control Pronto Cloud Controller The Next Generation Control www.prontonetworks.com Cloud Managed Wi-Fi Cloud at its Best The Pronto Cloud Controller (PCC) is a next generation cloud Wi-Fi network configuration,

More information

Beyond the Firewall No. 72 March, 2012 Wireless LAN Edition

Beyond the Firewall No. 72 March, 2012 Wireless LAN Edition Wireless LAN infrastructure is now an increasingly common part of corporate enterprises. With wireless LAN infrastructure, new productivity gains can be realized. With this infrastructure though comes

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An

More information

WIRELESS NETWORKING SECURITY

WIRELESS NETWORKING SECURITY WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

APPENDIX 3 LOT 3: WIRELESS NETWORK

APPENDIX 3 LOT 3: WIRELESS NETWORK APPENDIX 3 LOT 3: WIRELESS NETWORK A. TECHNICAL SPECIFICATIONS MAIN PURPOSE The Wi-Fi system should be capable of providing Internet access directly to a user using a smart phone, tablet PC, ipad or Laptop

More information

State of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture

State of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture State of Kansas Interim Wireless Local Area Networks Security and Technical Architecture October 6, 2005 Prepared for Wireless Policy Committee Prepared by Revision Log DATE Version Change Description

More information

Avaya WLAN Orchestration System

Avaya WLAN Orchestration System Avaya WLAN Orchestration System Overview The Avaya WLAN Orchestration System (WOS) is a wireless network management platform that provides full monitoring and management of the Avaya WLAN 9100 Series network

More information

Network Security Best Practices

Network Security Best Practices CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual

More information

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3 ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3 TO THE Overview EXHIBIT T to Amendment No. 60 Secure Wireless Network Services are based on the IEEE 802.11 set of standards and meet the Commonwealth of Virginia

More information

Ensuring HIPAA Compliance in Healthcare

Ensuring HIPAA Compliance in Healthcare The Intelligent Wireless Networking Choice WHITE PAPER Ensuring HIPAA Compliance in Healthcare Overview Wireless LANs are prevalent in healthcare institutions. The constant need for mobility among doctors,

More information

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions

More information

MWR InfoSecurity Security Advisory. BT Home Hub SSID Script Injection Vulnerability. 10 th May 2010. Contents

MWR InfoSecurity Security Advisory. BT Home Hub SSID Script Injection Vulnerability. 10 th May 2010. Contents Contents MWR InfoSecurity Security Advisory BT Home Hub SSID Script Injection Vulnerability 10 th May 2010 2010-05-10 Page 1 of 8 Contents Contents 1 Detailed Vulnerability Description... 5 1.1 Technical

More information

Movie Cube. User s Guide to Wireless Function

Movie Cube. User s Guide to Wireless Function Movie Cube User s Guide to Wireless Function Table of Contents 1. WLAN USB Adapter Connection...3 2. Wireless Setup...4 2.1 Infrastructure (AP)...5 2.2 Peer to Peer (Ad Hoc)...7 2.3 Settings for PC...8

More information

white paper october 2011 TIRED OF ROGUES? Networks

white paper october 2011 TIRED OF ROGUES? Networks white paper october 2011 TIRED OF ROGUES? Solutions for Detecting and Eliminating Rogue Wireless Networks Tired of Rogues? This paper provides an overview of the different types of rogue wireless devices,

More information

Chapter 3 Safeguarding Your Network

Chapter 3 Safeguarding Your Network Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate

More information

Fortigate Features & Demo

Fortigate Features & Demo & Demo Prepared and Presented by: Georges Nassif Technical Manager Triple C Firewall Antivirus IPS Web Filtering AntiSpam Application Control DLP Client Reputation (cont d) Traffic Shaping IPSEC VPN SSL

More information

300Mbps Wireless N Gigabit Ceilling Mount Access Point

300Mbps Wireless N Gigabit Ceilling Mount Access Point Datasheet 300Mbps Wireless N Gigabit Ceilling Mount Access Point 120 Highlights Wireless N speed up to 300Mbps Clustering function greatly simplified business wireless network management, to easy manage

More information

300Mbps Wireless N Gigabit Ceilling Mount Access Point

300Mbps Wireless N Gigabit Ceilling Mount Access Point Datasheet 300Mbps Wireless N Gigabit Ceilling Mount Access Point 120 Highlights Wireless N speed up to 300Mbps The Controller Software enables administrators to manage hundreds of s easily from any PC

More information

Study on VLAN in Wireless Networks

Study on VLAN in Wireless Networks Study on VLAN in Wireless Networks Rajul Chokshi and Dr. Chansu Yu Department of Electrical and Computer Engineering Cleveland State University Cleveland, Ohio 44115 April 30, 2007 Abstract This technical

More information

Chapter 2 Configuring Your Wireless Network and Security Settings

Chapter 2 Configuring Your Wireless Network and Security Settings Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless

More information

Wireless LAN Security: Securing Your Access Point

Wireless LAN Security: Securing Your Access Point IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006 173 Wireless LAN Security: Securing Your Access Point Sia Sie Tung, Nurul Nadia Ahmad, Tan Kim Geok Faculty

More information

Industrial Communication. Securing Industrial Wireless

Industrial Communication. Securing Industrial Wireless Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...

More information

Module 6, Assignment 5

Module 6, Assignment 5 SusanFerdon,EDTECH552SP11 Module 6, Assignment 5 5.1 Multiple Choice Questions 1. Which of the following is unlicensed band, which can be used by WLAN s? A. 2.4 GHz band B. 2.4 MHz band C. 5 GHz band D.

More information

ICP DAS WF-2571 FAQ. FAQ Version 1.0. ICP DAS Co., Ltd. 2014-12-23

ICP DAS WF-2571 FAQ. FAQ Version 1.0. ICP DAS Co., Ltd. 2014-12-23 ICP DAS WF-2571 FAQ FAQ Version 1.0 ICP DAS Co., Ltd. 2014-12-23 Table of Contents Q1: WF-2571 doesn t work at Ad-Hoc mode. What should I do?... 3 Q2: WF-2571 doesn t work at AP mode. What should I do?...

More information

Wireless Controller DWC-1000

Wireless Controller DWC-1000 Network Architecture Manage up to 6 wireless APs, upgradable to 24 APs 1 per controller Control up to 24 wireless APs, maximum 96 APs 1 per cluster Robust Network Security Wireless Instruction Detection

More information

PCI Wireless Compliance with AirTight WIPS

PCI Wireless Compliance with AirTight WIPS A White Paper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com 2013 AirTight Networks, Inc. All rights reserved. Introduction Although [use

More information

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006 WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able

More information

Exam Questions SY0-401

Exam Questions SY0-401 Exam Questions SY0-401 CompTIA Security+ Certification http://www.2passeasy.com/dumps/sy0-401/ 1. A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened

More information

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer

More information

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown

Lecture 24 Wireless Network Security. modified from slides of Lawrie Brown Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements

More information

The Wireless Network Road Trip

The Wireless Network Road Trip The Wireless Network Road Trip The Association Process To begin, you need a network. This lecture uses the common logical topology seen in Figure 9-1. As you can see, multiple wireless clients are in

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter Introduction Who are we? Matt Moore, Senior Consultant @ PenTest Ltd. Mark Rowe, Technical Director @ PenTest Ltd. What

More information

Wireless security. Any station within range of the RF receives data Two security mechanism

Wireless security. Any station within range of the RF receives data Two security mechanism 802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the

More information

Wireless N 150 USB Adapter with 10dBi High Gain Antenna. Model # AWLL5055 User s Manual. Rev. 1.0

Wireless N 150 USB Adapter with 10dBi High Gain Antenna. Model # AWLL5055 User s Manual. Rev. 1.0 Wireless N 150 USB Adapter with 10dBi High Gain Antenna Model # AWLL5055 User s Manual Rev. 1.0 Table of Contents 1. Introduction...2 1.1 Package Contents...2 1.2 Features...2 2. Install Wireless USB Adapter...3

More information

Promiscuous Monitoring in Ethernet and Wi-Fi Networks

Promiscuous Monitoring in Ethernet and Wi-Fi Networks Promiscuous Monitoring in Ethernet and Wi-Fi Networks Executive Summary This white paper examines the problems related to the deployment and usage of software-based network monitoring solutions in wired

More information

Hole196 Vulnerability in WPA2

Hole196 Vulnerability in WPA2 Hole196 Vulnerability in WPA2 1 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino, Managing Director, Systems Engineering Dr. Kaustubh Phanse, Principal Wireless Architect Md. Sohail Ahmad, Senior

More information

Wireless Encryption Protection

Wireless Encryption Protection Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost

More information

Hacking. Aims. Naming, Acronyms, etc. Sources

Hacking. Aims. Naming, Acronyms, etc. Sources Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/.-----.-----.-----..----.

More information

WIRELESS SECURITY TOOLS

WIRELESS SECURITY TOOLS WIRELESS SECURITY TOOLS Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton Building, Rhodes University

More information

MSC-131. Design and Deploy AirDefense Solutions Exam. http://www.examskey.com/msc-131.html

MSC-131. Design and Deploy AirDefense Solutions Exam. http://www.examskey.com/msc-131.html Motorola MSC-131 Design and Deploy AirDefense Solutions Exam TYPE: DEMO http://www.examskey.com/msc-131.html Examskey Motorola MSC-131 exam demo product is here for you to test the quality of the product.

More information

Wireless Security: Secure and Public Networks Kory Kirk

Wireless Security: Secure and Public Networks Kory Kirk Wireless Security: Secure and Public Networks Kory Kirk Villanova University Computer Science kory.kirk@villanova.edu www.korykirk.com/ Abstract Due to the increasing amount of wireless access points that

More information

Chapter 2 Wireless Networking Basics

Chapter 2 Wireless Networking Basics Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).

More information

WASP User Manual. Revision: 1.6. (c) 2012 North Pole Engineering, Inc.

WASP User Manual. Revision: 1.6. (c) 2012 North Pole Engineering, Inc. Revision: 1.6 2 1 Introduction WASP is a standalone unit providing a bridge for ANT+ devices to communicate wirelessly through Wi-Fi networks, to other devices on the local network or over the Internet.

More information

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,

More information

Meraki Wireless Solution Comparison

Meraki Wireless Solution Comparison Meraki Wireless Solution Comparison Why Meraki? Simplified cloud management Intuitive interface allows devices to be configured in minutes without training or dedicated staff Centrally manage thousands

More information

Attacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com

Attacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com We made Slashdot! Hackers, Meet Microsoft "The random chatter of several hundred

More information

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008 INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee

More information

Wireless (In)Security Trends in the Enterprise

Wireless (In)Security Trends in the Enterprise A Whitepaper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com 2012 AirTight Networks, Inc. All rights reserved. WiFi is proliferating fast.

More information

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce 18/02/15 Networks: DNS attacks 1 Domain Name System The domain name system (DNS) is an applica>on- layer protocol

More information

Recommended 802.11 Wireless Local Area Network Architecture

Recommended 802.11 Wireless Local Area Network Architecture NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless

More information

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure PwC Outline Wireless LAN Security: Attacks and Countermeasures 1. Introduction 2. Problems with 802.11 security 3. Attacks on and risks to Wireless Networks 4. Defending wireless networks ISACA Hong Kong

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

CONNECTING THE RASPBERRY PI TO A NETWORK

CONNECTING THE RASPBERRY PI TO A NETWORK CLASSROOM CHALLENGE CONNECTING THE RASPBERRY PI TO A NETWORK In this lesson you will learn how to connect the Raspberry Pi computer to a network with both a wired and a wireless connection. To complete

More information

A Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

A Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter with RangeBooster User Guide Model No. WUSB54GR Copyright and Trademarks Specifications are subject to change without

More information

Ralink Utility User Guide/PC/MAC

Ralink Utility User Guide/PC/MAC /PC/MAC Connecting through Ralink Utility Before you can access the Ralink Utility, please connect the Powerlink USB adapter to your computer, and disable your previous WiFi adapter which is built-in on

More information

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas. Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key

More information

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model

A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Table of Contents Introduction 3 Deployment approaches 3 Overlay monitoring 3 Integrated monitoring 4 Hybrid

More information

If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders. Dan Farmer, System Administrators Guide to Cracking

More information

Network Projector Operation Guide

Network Projector Operation Guide Network Projector Operation Guide Table of contents Preparation...3 Connecting the projector with your computer...3 Wired connection... 3 Wireless connection (for selective models)... 4 QPresenter...7

More information

Packet Capturing Options with Aruba Wireless Networks

Packet Capturing Options with Aruba Wireless Networks Packet Capturing Options with Aruba Wireless Networks Jcox@arubanetworks.com 18/09/2006 A number of different options for packet capture are available with Aruba s Wireless Infrastructure. Typically Packet

More information

Enterprise A Closer Look at Wireless Intrusion Detection:

Enterprise A Closer Look at Wireless Intrusion Detection: White Paper Enterprise A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Josh Wright Senior Security Researcher Introduction As wireless enterprise networks become

More information

Universal Form-factor. Wi Fi Troubleshooting Made Easy

Universal Form-factor. Wi Fi Troubleshooting Made Easy AirMedic USB AirMedic USB is a powerful, easy-touse and affordable spectrum analysis tool that brings Wi-Fi troubleshooting to entry-level users. Built upon AirMagnet expertise in Wi-Fi troubleshooting,

More information

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved.

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved. White Paper Wireless LAN Security Copyright 2002-2003 Madge Limited. All rights reserved. 1 Introduction As wireless LANs become widely deployed, and the business benefits become clear, concern has grown

More information

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074 Issues in WiFi Networks Nicolae TOMAI Faculty of Economic Informatics Department of IT&C Technologies Babes Bolyai Cluj-Napoca University, Romania tomai@econ.ubbcluj.ro Abstract: The paper has four sections.

More information

CS 356 Lecture 29 Wireless Security. Spring 2013

CS 356 Lecture 29 Wireless Security. Spring 2013 CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter

More information

1.1 Demonstrate how to recognize, perform, and prevent the following types of attacks, and discuss their impact on the organization:

1.1 Demonstrate how to recognize, perform, and prevent the following types of attacks, and discuss their impact on the organization: Introduction The PW0-204 exam, covering the 2010 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those weaknesses,

More information