Wireless Networking. WLAN Security Basics
|
|
- Julian Ball
- 7 years ago
- Views:
Transcription
1 Wireless Networking WLAN Security Basics Jerry Bernardini Community College of Rhode Island 11/6/2013 Wireless Networking J. Bernardini 1 REFERENCES CWTS Chapter-9 Edition-2 The California Regional Consortium for Engineering Advances in Technological Education (CREATE) project Sybex Publishing powerpoints CCRI Engineering and Technology 2 Jbernardini 2 1
2 Introduction to IEEE Wireless LAN Security The importance of network security is often underestimated WLANs have become part of many enterprise networks in various industries and businesses In the early days of IEEE wireless networking, security was weak Why were they weak? WLANs are not bounded by any physical media such as an Ethernet cable What are you trying to protect What are you trying to prevent 3 Wireless LAN Threats and Intrusion Wireless LANs are subject to many potential security threats Concerns and Threats Eavesdropping RF denial of service (DoS) MAC spoofing Hijacking Man-in-the-middle attacks Peer-to-peer attacks Management interface exploits Encryption cracking Authentication cracking Social engineering 4 2
3 Early WLAN Security Mechanisms Media access control (MAC) filtering Wired Equivalent Privacy (WEP) Service Set Identifier (SSID) Hiding Allows the SSID to be removed from broadcast beacon frames A feature added by manufacturers of WLAN equipment Should NOT be used as a way to secure a wireless network 5 SSID Filtering Disable SSID broadcast. By default, most wireless networking devices are set to broadcast the SSID, so anyone can easily join the wireless network. Change the default SSID. Wireless AP s have a default SSID set by the factory. Linksys wireless products use Linksys. Change the network's SSID to something unique, and make sure it doesn't refer to the networking products, your company, department function, or location. 3
4 MAC Security Mechanisms? Media Access Control (MAC) Address MAC Address filtering restricting which MAC addresses can authenticate MAC Spoofing Tricking the wireless access point into thinking a MAC address is something other than what is encoded in an actual network card MAC addresses are sent in the clear in the frame header! User/attacker can change their MAC address via software (SMAC) changes the registry in Windows Impersonate or masquerade under the address. Evade/Hide Network Presence Bypass Access Control Lists Authenticated User Impersonation 7 IEEE Standard Security Open or Shared-Key IEEE Open System Authentication Null authentication Two way frame exchange The only valid authentication type allowed with i, WPA and WPA2.0 IEEE Shared-key Authentication Four way frame exchange Requires the use of WEP therefore is weak Used for authentication and data encryption Flawed and should never be used 8 4
5 Open System Authentication Vulnerabilities Inherently weak Based only on match of SSIDs SSID beaconed from AP during passive scanning Easy to discover Vulnerabilities: Beaconing SSID is default mode in all APs Not all APs allow beaconing to be turned off Or manufacturer recommends against it SSID initially transmitted in plaintext (unencrypted) Vulnerabilities -If an attacker cannot capture an initial negotiation process, can force one to occur SSID can be retrieved from an authenticated device Many users do not change default SSID Several wireless tools freely available that allow users with no advanced knowledge of wireless networks to capture SSIDs 9 Wired Equivalent Privacy (WEP) Was designed as a way to protect from casual eavesdropping The original standard states that the use of WEP is optional With open system authentication will encrypt the data With shared key authentication authentication and data encryption The original standard specified only 64-bit WEP 10 5
6 WEP Implementation IEEE cryptography objectives: Efficient Exportable Optional Reasonably strong Self-synchronizing WEP relies on secret key shared between a wireless device and the AP Same key installed on device and AP A form of Private key cryptography or symmetric encryption 11 WEP Characteristics WEP shared secret keys must be at least 40 bits Most vendors use 104 bits Options for creating WEP keys: 40-bit WEP shared secret key (5 ASCII characters or 10 hexadecimal characters) 104-bit WEP shared secret key (13 ASCII characters or 16 hexadecimal characters) Passphrase (16 ASCII characters) APs and wireless devices can store up to four shared secret keys Default key one of the four stored keys Default key used for all encryption Default key can be different for AP and client 12 6
7 WEP Encryption Process Initialization Vector (IV) Secret Key Plain text recommends IV change per-frame same packet is transmitted twice resulting cipher-text will be different C1 Seed Pseudorandom Number Generator PRNG C2 Integrity Algorithm Integrity Check Value (ICV) Key Stream Exclusive-OR IV Cipher text What is Transmitted WEP Initialization Vector The IV is a 24-bits that augments a 40-bit WEP key to 64 bits and a 104-bit WEP key to 128 bits. The IV is sent in the clear in the frame header so the receiving station knows the IV value and is able to decrypt the frame Although 40-bit and 104-bit WEP keys are often referred to as 64-bit and 128-bit WEP keys, the effective key strength is only 40 bits and 104 bits, respectively, because the IV is sent unencrypted. CCRI J. Bernardini 14 7
8 WEP Encryption Process Data Key Stream Cipher Stream (Transmitted and Received) Key Stream Data WEP Weaknesses Key management and key size. 40-bit The IV is too small. 24-bit = 16,777,216 different cipher streams. The ICV algorithm is not appropriate Uses CRC-32 when MD5 or SHA-1 would be better. Authentication messages can be easily forged IV 24 - bits PRNG Seed Secret Key 40 - bits 63 8
9 Temporal Key Integrity Protocol - TKIP Part of the IEEE i encryption standard for wireless LANs (Pronounced tee-kip ) TKIP is the next generation of WEP (initially call WEP2). Provides per-packet key mixing, a message integrity check and a re-keying mechanism, thus fixing the flaws of WEP TKIP Process begins with a 128-bit "temporal key" shared among clients and access points Combines the temporal key with the client's MAC address then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data This procedure ensures that each station uses different key streams to encrypt the data. Older WEP based devices can be upgraded to TKIP and not processor intensive SOHO and Enterprise Security Solutions i amendment to the standard improvement included: Robust Secure Network Association (RSNA) Counter mode with Cipher-block chaining Message authentication code Protocol (CCMP) Temporal Key Integrity Protocol (TKIP) are supported The Wi-Fi Alliance has released the following: Wi-Fi Protected Access (WPA) Pre i certification Wi-Fi Protected Access 2 (WPA 2.0) Post i certification Wi-Fi Protected Setup (WPS) Intended for home users 18 9
10 Wi-Fi Protected Setup certification (WPS) PIN-Based Security PIN-based security requires a unique PIN to be entered on all devices that will be part of the same secure wireless network Push-Button Configuration (PBC) Security Push-button security or push button configuration (PBC) allows users to configure wireless LAN security with the push of a button In December 2011 a security flaw was reported with WPS 19 Designed with the SOHO user or home-based user in mind Passphrase characteristics 8 to 63 ASCII or 64 hexadecimal characters Creates a 256-bit preshared key The longer and more unique the passphrase, the more secure Weak passphrases can be compromised Passphrase-Based Security 20 10
11 IEEE 802.1X Framework WPA and WPA2 Enterprise Security 802.1X IEEE 802.1X is a port-based access control method Was designed to work with wired IEEE networks Adapted into the wireless world as an alternate, more powerful solution to legacy IEEE security 802.1X technology terminology Supplicant Authenticator Authentication Server 11/6/2013 Wireless Networking J. Bernardini 21 Extensible Authentication Protocol (EAP) EAP (details of operation beyond scope of course CCNP subject) The authentication process used with 802.1X is Extensible Authentication Protocol (EAP) There are many types of EAP available in the industry that can be used with wireless networking IEEE 802.1X and EAP together create IEEE 802.1X/EAP This authentication process is typically used for enterprise-level network security The EAP type chosen will depend on the environment in which the wireless LAN is deployed Many Proprietary Solutions of EAP EAP-TLS TTLS PEAP EAP-FAST 22 11
12 Remote Authentication Dial in User Service (RADIUS) RADIUS was originally as a way to authenticate and authorize dial-up network users Now used with access points to authenticate and authorize wireless networks users 23 Authentication, Authorization, and Accounting (AAA) A framework to allow secure access and authorization keep track of the user s activities on a computer network including wireless networks part of a RADIUS functionality Three components protocol that work together Authentication Validating credentials Authorization Access control Accounting Keeping track of use 24 12
13 Cryptography and Encryption Cryptography: Science of transforming information so that it is secure while being transmitted or stored scrambles data Guard the Confidentiality of CIA Ensure only authorized parties can view it Used in IEEE to encrypt wireless transmissions Scrambling Encryption: Transforming plaintext to ciphertext Decryption: Transforming ciphertext to plaintext Cipher: An encryption algorithm Given a key that is used to encrypt and decrypt messages Weak keys: Keys that are easily discovered 25 Encryption Evolution: WEP/TKIP/CCMP Wired Equivalent Privacy (WEP) Legacy Temporal Key Integrity Protocol (TKIP) Good Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) The best and most secure 26 13
14 Encryption: WEP Wired Equivalent Privacy (WEP) An optional encryption method specified in the original IEEE standard Intended to protect wireless network users against casual eavesdropping Cracking WEP a very simple process WEP is vulnerable to intrusion because of the 24 bit initialization vector (IV) The 24-bit IV is broadcast in the clear or unencrypted 27 Encryption: TKIP Temporal Key Integrity Protocol (TKIP) Designed as a firmware upgrade to fix WEP TKIP added several enhancements Per-packet key mixing of the IV to separate IVs from weak keys A dynamic rekeying mechanism to change encryption and integrity keys 48-bit IV and IV sequence counter to prevent replay attacks Message Integrity Check (MIC) to prevent forgery attacks Use of the RC4 stream cipher, thereby allowing backward compatibility with WEP 28 14
15 Encryption: CCMP Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) CCMP is a mandatory part of the IEEE i amendment (now part of IEEE standard) CCMP uses the Advanced Encryption Standard (AES) algorithm, a block cipher Older hardware may not support it and it is the strongest encryption method 29 Improved Security with CCMP and AES Counter Mode with Cipher Block Chaining-Message Authentication Code (CCMP) CCMP uses Advanced Encryption Standard (AES) instead of RC4 algorithm CCMP/AES uses 128-bit encryption, encrypts 128-bit blocks, uses 8-bytes integrity check AES is very processor intensive Not upgradable for older devices 11/6/2013 Wireless Networking J. Bernardini 30 15
16 Advanced Encryption Standard - AES Relatively new U.S. National Institute of Standards and technology (NIST) for single-key encryption; approved in byte Block Cipher based on Rijndael (pronounced Rain Doll ) Key Lengths of 128, 192, and 256-bit Time to brute-force break an AES 256-bit key several years. AES Encryption is a four step process AES Four Steps /6/2013 Wireless Networking J. Bernardini 32 16
17 WPA Modes There are 2 modes of WPA and WPA2 certification Enterprise and Personal Enterprise Mode (Business & Government) Personal Mode (Personal & SOHO) WPA Authentication: IEEE 802.1X/EAP Encryption: TKIP/MIC Authentication: PSK Encryption: TKIP/MIC WPA2 Authentication: IEEE 802.1X/EAP Encryption: AES-CCMP Authentication: PSK Encryption: AES-CCMP Role-Based Access Control (RBAC) Way of restricting access to only authorized users Designed to ease the task of security administration on large networks A method of regulating access to computer or network resources based on the roles of individual users Access based according to job competency, authority, and responsibility within the enterprise Enables users to carry out a wide range of authorized tasks Roles can be easily created, changed, or discontinued as the needs of the enterprise evolve, without having to individually update the privileges for every user 34 17
18 Virtual Private Networking The capability to create private communications over a public network infrastructure such as the internet Point-to-Point Tunneling Protocol (PPTP) Layer 2 Tunneling Protocol (L2TP) Components of a VPN Solution Client side Endpoint Network infrastructure Public or private Server side Endpoint 35 Wireless Intrusion Prevention Systems (WIPS) Capture information by 24/7/365 monitoring Detect threats to the wireless infrastructure such as DoS attacks and rogue access points Notify about threats through a variety of mechanisms Support for integrated RF spectrum analysis Capture information by 24/7/365 monitoring Detect threats to the wireless infrastructure such as DoS attacks and rogue access points Notify about threats through a variety of mechanisms Support for integrated RF spectrum analysis 36 18
19 Wireless Intrusion Prevention Systems (WIPS) Two types of WIPS Overlay and Integrated WIPS Technology 37 Overlay WIPS sensors Overlay WIPS Overlay WIPS sensors are dedicated wireless devices Have physical characteristics similar to those of wireless access points Are passive and only used for scanning the air and sending data to a WIPS server 38 19
20 Integrated WIPS Overlay and Integrated WIPS Technology Integrated WIPS sensors Part of a wireless access point s functionality May have a dedicated radio for full-time WIPS monitoring, or it may share a radio with the access point for part-time WIPS monitoring 39 The Captive Portal Captive Portal A process that redirects a user to an authentication source of some type before they will be allowed wireless network access Authentication source in the form of a web page will require a user to authenticate in some way Enter user credentials (username and password) Input payment information Agree to terms and conditions 40 20
21 Wireless Network Management and Monitoring Systems (WNMS) Allows a wireless network engineer to both control and administer wireless infrastructure devices Collect information that may be used to troubleshoot and resolve wireless LAN issues Cloud-based Wireless Network Monitoring Physical Layer Monitoring See what is happening in the air as it relates to radio frequency Data Link Layer Monitoring View the wireless LAN frames that traverse the air and provides the opportunity to view both potential performance and security issues 41 Regulatory Compliance PCI Compliance Build and maintain a secure network Protect cardholder data Maintain a vulnerability management program Implement strong access control measures Regularly monitor and test networks Maintain an information security policy HIPAA Compliance Other Regulatory Compliances 42 21
22 Review Network intrusion and the impact it can have on a wireless LAN IEEE security methods IEEE authentication types IEEE Open system IEEE Shared key Early WLAN security techniques IEEE SOHO and enterprise security technologies Passphrase-based authentication User-based authentication 802.1X/EAP Radius Authentication, Authorization, and Accounting (AAA) IEEE encryption methods 43 22
Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationTable of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example
Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationCertified Wireless Security Professional (CWSP) Course Overview
Certified Wireless Security Professional (CWSP) Course Overview This course will teach students about Legacy Security, encryption ciphers and methods, 802.11 authentication methods, dynamic encryption
More informationCS 356 Lecture 29 Wireless Security. Spring 2013
CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationWireless security. Any station within range of the RF receives data Two security mechanism
802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationWireless Networks. Welcome to Wireless
Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)
More informationWi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003
Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 2003 Wi-Fi Alliance. Wi-Fi is a registered trademark of the Wi-Fi Alliance
More informationWireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.
Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key
More informationSecurity in IEEE 802.11 WLANs
Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More informationWEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication
WLAN Security WEP Overview 1/2 WEP, Wired Equivalent Privacy Introduced in 1999 to provide confidentiality, authentication and integrity Includes weak authentication Shared key Open key (the client will
More informationWhite paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com
White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm
More informationSymm ym e m t e r t ic i c cr c yptogr ypt aphy a Ex: RC4, AES 2
Wi-Fi Security FEUP>MIEIC>Mobile Communications Jaime Dias Symmetric cryptography Ex: RC4, AES 2 Digest (hash) Cryptography Input: variable length message Output: a fixed-length bit
More informationChapter 2 Wireless Networking Basics
Chapter 2 Wireless Networking Basics Wireless Networking Overview Some NETGEAR products conform to the Institute of Electrical and Electronics Engineers (IEEE) 802.11g standard for wireless LANs (WLANs).
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationAnalysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal
Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal 1,2 Department of CSE 1,2,3 BRCM Bahal, Bhiwani 1 shenam91@gmail.com, 2 dkamal@brcm.edu.in Abstract This paper
More informationCS549: Cryptography and Network Security
CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared
More informationWireless LAN Security Mechanisms
Wireless LAN Security Mechanisms Jingan Xu, Andreas Mitschele-Thiel Technical University of Ilmenau, Integrated Hard- and Software Systems Group jingan.xu@tu-ilmenau.de, mitsch@tu-ilmenau.de Abstract.
More informationConfigure WorkGroup Bridge on the WAP131 Access Point
Article ID: 5036 Configure WorkGroup Bridge on the WAP131 Access Point Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless
More informationCSC574: Computer and Network Security
CSC574: Computer and Network Security Lecture 21 Prof. William Enck Spring 2016 (Derived from slides by Micah Sherr) Wireless Security Wireless makes network security much more difficult Wired: If Alice
More informationEnterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003
Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Executive Summary The threat to network security from improperly secured WLANs is a real and present danger for today s enterprises.
More informationAuthentication in WLAN
Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing
More informationUnderstanding Wireless Security on Your Polycom SpectraLink 8400 Series Wireless Phones
Understanding Wireless Security on Your Polycom SpectraLink 8400 Series Wireless Phones Polycom s SpectraLink 8400 Series wireless phones meet the highest security requirements. By the time you deploy
More informationHow To Secure Wireless Networks
Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements
More informationEVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2)
EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) Moffat Mathews, Ray Hunt Department of Computer Science and Software Engineering, University of Canterbury, New Zealand {ray.hunt@canterbury.ac.nz}
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationWIRELESS NETWORKING SECURITY
WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationState of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture
State of Kansas Interim Wireless Local Area Networks Security and Technical Architecture October 6, 2005 Prepared for Wireless Policy Committee Prepared by Revision Log DATE Version Change Description
More informationThe Importance of Wireless Security
The Importance of Wireless Security Because of the increasing popularity of wireless networks, there is an increasing need for security. This is because unlike wired networks, wireless networks can be
More informationCS 336/536 Computer Network Security. Summer Term 2010. Wi-Fi Protected Access (WPA) compiled by Anthony Barnard
CS 336/536 Computer Network Security Summer Term 2010 Wi-Fi Protected Access (WPA) compiled by Anthony Barnard 2 Wi-Fi Protected Access (WPA) These notes, intended to follow the previous handout IEEE802.11
More informationYour 802.11 Wireless Network has No Clothes
Your 802.11 Wireless Network has No Clothes William A. Arbaugh Narendar Shankar Y.C. Justin Wan Department of Computer Science University of Maryland College Park, Maryland 20742 March 30, 2001 Abstract
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationVIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong
VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security
More informationChapter 10: Designing and Implementing Security for Wireless LANs Overview
Chapter 10: Designing and Implementing Security for Wireless LANs Overview Identify and describe the strengths, weaknesses, appropriate uses, and appropriate implementation of IEEE 802.11 security related
More information1.1 Demonstrate how to recognize, perform, and prevent the following types of attacks, and discuss their impact on the organization:
Introduction The PW0-204 exam, covering the 2010 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those weaknesses,
More informationCipher Suites and WEP
Cipher Suites and WEP This module describes how to configure the cipher suites required for using Wireless Protected Access (WPA) and Cisco Centralized Key Management (CCKM); Wired Equivalent Privacy (WEP);
More informationUNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security
UNIK4250 Security in Distributed Systems University of Oslo Spring 2012 Part 7 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to develop
More informationA SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS
A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS Jose Perez Texas A&M University Corpus Christi Email: jluisperez16@gmail.com Fax Number: (361) 825-2795 Faculty Advisor: Dr. Ahmed Mahdy, Texas A&M University
More informationWireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com
Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge
More informationWI-FI SECURITY: A LITERATURE REVIEW OF SECURITY IN WIRELESS NETWORK
IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 3, Issue 5, May 2015, 23-30 Impact Journals WI-FI SECURITY: A LITERATURE
More informationAgenda. Wireless LAN Security. TCP/IP Protocol Suite (Internet Model) Security for TCP/IP. Agenda. Car Security Story
Wireless s June September 00 Agenda Wireless Security ผศ. ดร. อน นต ผลเพ ม Asst. Prof. Anan Phonphoem, Ph.D. anan@cpe.ku.ac.th http://www.cpe.ku.ac.th/~anan Computer Engineering Department Kasetsart University,
More informationWIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS
January 2003 January WHITE 2003 PAPER WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS With the increasing deployment of 802.11 (or Wi-Fi) wireless networks in business environments, IT organizations are
More informationA Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. PCI Adapter with RangeBooster. User Guide WIRELESS WMP54GR. Model No.
A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G PCI Adapter with RangeBooster User Guide Model No. WMP54GR Copyright and Trademarks Specifications are subject to change without notice.
More informationTHE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING
International Journal of Electronics and Communication Engineering & Technology (IJECET) Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008 Available online at http://www.iaeme.com/ijecetissues.asp?jtype=ijecet&vtype=6&itype=9
More informationWireless Security with Cyberoam
White paper Cyberoam UTM Wireless Security with Cyberoam Robust, Fault-tolerant security is a must for companies sporting wireless networks. Cyberoam UTM strengthens the existing Wireless Security Architecture
More informationNXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015
NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note 802.11w Management Frame Protection Copyright 2015 ZyXEL Communications Corporation 802.11w Management Frame Protection Introduction IEEE 802.11w
More informationA Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.
A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter with RangeBooster User Guide Model No. WUSB54GR Copyright and Trademarks Specifications are subject to change without
More informationAdvanced Security Issues in Wireless Networks
Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security
More informationWi-Fi Client Device Security and Compliance with PCI DSS
Wi-Fi Client Device Security and Compliance with PCI DSS A Summit Data Communications White Paper Original Version: June 2008 Update: January 2009 Protecting Payment Card Information It is every retailer
More informationChapter 3 Safeguarding Your Network
Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate
More informationUSER GUIDE Cisco Small Business
USER GUIDE Cisco Small Business WBPN Wireless-N Bridge for Phone Adapters December 2011 Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries.
More informationWireless Security for Mobile Computers
A Datalogic Mobile and Summit Data Communications White Paper Original Version: June 2008 Update: March 2009 Protecting Confidential and Sensitive Information It is every retailer s nightmare: An attacker
More informationQuestion How do I access the router s web-based setup page? Answer
http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=3676 Question How do I access the router s web-based setup page? Answer All Linksys routers have a built-in web-based setup
More informationWiFi Security Assessments
WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents
More informationWLAN Authentication and Data Privacy
WLAN Authentication and Data Privacy Digi Wi-Point 3G supports various Wi-Fi security options, including WEP-40/WEP-104 and WPA- PSK and WPA2-PSK. To configure WLAN security on DIGI WI-POINT 3G, you may
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationAll vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices
Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly
More informationLegacy 802.11 Security
Legacy 802.11 Security Contents Authentication Open System Authentication Shared Key Authentication Wired Equivalent Privacy (WEP) Encryption Virtual Private Networks (VPNs) Point-to-Point Tunneling Protocol
More informationConfiguring Security Solutions
CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from
More informationSSI. Commons Wireless Protocols WEP and WPA2. Bertil Maria Pires Marques. E-mail: pro09020@fe.up.pt Dez 2009. Dez 2009 1
SSI Commons Wireless Protocols WEP and WPA2 Bertil Maria Pires Marques E-mail: pro09020@fe.up.pt Dez 2009 Dez 2009 1 WEP -Wired Equivalent Privacy WEPisasecurityprotocol,specifiedintheIEEEWireless Fidelity
More informationWLAN Access Security Technical White Paper. Issue 02. Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD.
WLAN Access Security Technical White Paper Issue 02 Date 2012-09-24 HUAWEI TECHNOLOGIES CO., LTD. . 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by
More informationCisco Aironet Wireless Bridges FAQ
Cisco Aironet Wireless Bridges FAQ Document ID: 16041 Contents Introduction What is the Cisco Aironet Wireless Bridge? What are the different platforms of wireless bridges that Cisco offers? Where can
More informationA DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES
A DISCUSSION OF WIRELESS SECURITY TECHNOLOGIES Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationJournal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN 2067 4074
Issues in WiFi Networks Nicolae TOMAI Faculty of Economic Informatics Department of IT&C Technologies Babes Bolyai Cluj-Napoca University, Romania tomai@econ.ubbcluj.ro Abstract: The paper has four sections.
More informationBurglarproof WEP Protocol on Wireless Infrastructure
Association for Information Systems AIS Electronic Library (AISeL) PACIS 2006 Proceedings Pacific Asia Conference on Information Systems (PACIS) 1-1-2006 Burglarproof WEP Protocol on Wireless Infrastructure
More informationSecuring your Linksys Wireless Router BEFW11S4 Abstract
Securing your Linksys Wireless Router BEFW11S4 Abstract Current implementations of the 802.11b wireless LAN standards have several potential pitfalls for security. However, built in security mechanisms
More informationSelf Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:
IMPORTANT! This Guide refers to the following Products: Securing Your Wireless Network Please read the following carefully; Synopsis: This Guide is designed to help you if you have a Wireless Network that
More informationChapter 2 Configuring Your Wireless Network and Security Settings
Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless
More informationProCurve Wireless LAN Security
ProCurve Wireless LAN Security Fundamentals Guide Technical Training Version 8.21 Contents ProCurve Wireless LAN Security Fundamentals Introduction... 1 Objectives... 1 Discussion Topics... 2 Authentication
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationWireless Network Standard and Guidelines
Wireless Network Standard and Guidelines Purpose The standard and guidelines listed in this document will ensure the uniformity of wireless network access points and provide guidance for monitoring, maintaining
More informationTop 10 Security Checklist for SOHO Wireless LANs
Introduction Corporations, government agencies, the military, and enterprises in fact all medium to large scale wireless LANs have a different set of security requirements compared to the wireless LAN
More informationA COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)
A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2) Vipin Poddar Suresh Gyan Vihar School of Engginering And Technology, Jaipur, Rajasthan. Hitesh Choudhary, Poornima University, Jaipur,
More informationWireless-G Business PCI Adapter with RangeBooster
Wireless-G Business PCI Adapter with RangeBooster USER GUIDE BUSINESS SERIES Model No. WMP200 Wireless Model Model No. No. Copyright and Trademarks Specifications are subject to change without notice.
More informationWireless Security. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger. www.cse.psu.edu/~tjaeger/cse497b-s07/
Wireless Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ At the mall... Page 2 Wireless Networks Page 3 Network supported
More informationWireless Networking Basics. NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA
Wireless Networking Basics NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA n/a October 2005 2005 by NETGEAR, Inc. All rights reserved. Trademarks NETGEAR and Auto Uplink are trademarks
More informationALL1682511. 500Mbits Powerline WLAN N Access Point. User s Manual
ALL1682511 500Mbits Powerline WLAN N Access Point User s Manual Contents 1. Introduction...1 2. System Requirements...1 3. Configuration...1 4. WPS...9 5. Wireless AP Settings...9 6. FAQ... 15 7. Glossary...
More informationWLAN Information Security Best Practice Document
WLAN Information Security Best Practice Document Produced by FUNET led working group on wireless systems and mobility (MobileFunet) (WLAN security) Author: Wenche Backman Contributors: Ville Mattila/CSC
More informationNetwork Security Best Practices
CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual
More informationOverview. Summary of Key Findings. Tech Note PCI Wireless Guideline
Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the
More informationWireless-N. User Guide. PCI Adapter WMP300N (EU) WIRELESS. Model No.
2,4 GHz WIRELESS Wireless-N PCI Adapter User Guide Model No. WMP300N (EU) Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered trademark or trademark of
More informationA Division of Cisco Systems, Inc. GHz 2.4 802.11g. Wireless-G. PCI Adapter. User Guide WIRELESS WMP54G. Model No.
A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G PCI Adapter User Guide Model No. WMP54G Copyright and Trademarks Specifications are subject to change without notice. Linksys is a
More informationHuawei WLAN Authentication and Encryption
Huawei WLAN Authentication and Encryption The Huawei integrated Wireless Local Area Network (WLAN) solution can provide all-round services for municipalities at various levels and enterprises and institutions
More informationIEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320. Management Guide. www.edge-core.com. Software Release v2.0.0.1
IEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320 Management Guide Software Release v2.0.0.1 www.edge-core.com Management Guide ECW5320 Indoor Enterprise Access Point IEEE 802.11a/ac/n/b/g
More informationWireless Network Security. Pat Wilbur Wireless Networks March 30, 2007
Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007 Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Types of Attacks
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationWireless security (WEP) 802.11b Overview
Wireless security (WEP) 9/01/10 EJ Jung 802.11b Overview! Standard for wireless networks Approved by IEEE in 1999! Two modes: infrastructure and ad hoc IBSS (ad hoc) mode Independent Basic Service Set
More informationA Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model
A Closer Look at Wireless Intrusion Detection: How to Benefit from a Hybrid Deployment Model Table of Contents Introduction 3 Deployment approaches 3 Overlay monitoring 3 Integrated monitoring 4 Hybrid
More informationIf security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders. Dan Farmer, System Administrators Guide to Cracking
More informationchap18.wireless Network Security
SeoulTech UCS Lab 2015-1 st chap18.wireless Network Security JeongKyu Lee Email: jungkyu21@seoultech.ac.kr Table of Contents 18.1 Wireless Security 18.2 Mobile Device Security 18.3 IEEE 802.11 Wireless
More informationImplementing Security for Wireless Networks
Implementing Security for Wireless Networks Action Items for this session Learn something! Take notes! Fill out that evaluation. I love to see your comments and we want to make these better! Most important:
More informationNetwork Access Security. Lesson 10
Network Access Security Lesson 10 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Firewalls Given a scenario, install and configure routers and switches.
More informationCOMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)
COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2) Disha Baba Banda Singh Bahadur Engineering College Fatehgarh Sahib, Punjab Sukhwinder Sharma Baba Banda Singh Bahadur Engineering College Fatehgarh
More informationLink Layer and Network Layer Security for Wireless Networks
Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.
More information