Practical Approach in Teaching Wireless LAN Security using Open Source Software
|
|
- Marilyn Floyd
- 8 years ago
- Views:
Transcription
1 Practical Approach in Teaching Wireless LAN Security using Open Source Software Mohd Azizi Sanwani & * Kamaruddin Mamat Centre for Diploma Programme, Multimedia University Cyberjaya, MALAYSIA * Faculty of Computer & Mathematical Science, Universiti Teknologi MARA, MALAYSIA azizi.sanwani@mmu.edu.my, kamar@tmsk.uitm.edu.my Abstract Security plays a major role in today s networking especially in wireless field where widespread deployment of wireless local area network (WLAN) has changed the circumstances in maintaining secure network. While both network security and wireless networking has become major subjects in many computer science courses throughout the world, teaching the concept from theoretical standpoint is vastly different from real world scenarios. This paper presents several hands-on scenarios to depict flaws in typical wireless security implementation by using Open Source Software (OSS) as the tool for simulated attacks. Sanwani, M.A. & Mamat, K. (2011). Practical Approach in Teaching Wireless LAN Security using Open Source Software. Malaysian Journal of Educational Technology, 11(2), pp Introduction WLAN has been proven to be highly beneficial by improving the productivity, decreasing the infrastructure cost and resolving business continuity issues. However these advantages also come with several downsides. The most apparent is the concern for its security. The physical nature of wireless propagation has rendered the conventional approach in securing the network to be ineffective. In the conventional wired LAN setting, the attacker must first, either have to bypass the firewall or have physical access to the available LAN port inside the network before he is able to tap into the intended network. In contrast, in WLAN this limitation has become irrelevant as it uses entirely different approach with regards to the physical medium as it works by transmitting and receiving packets via radio-frequency. The downside is that it may radiate the transmission beyond the intended area and users. Anyone within the coverage is able to intercept the communication. Furthermore, the early WLAN architecture was engineered with ease of use as the major criteria and security was added almost as an afterthought. Consequently, it leads to certain flaws in the encryption implementation that could potentially jeopardize the security of the network [1,2,3,4,5,6]. Methodology In conventional method, security subjects were usually taught using lecture/tutorial approach with heavy emphasis on theory. At present, to meet the ever changing security challenges, there is an urgent need for students to shift their mentality to better comprehend the attacker s mindset [7]. Using hands-on approach, this paper intends to highlight several scenarios whereby the potential threats of wireless LAN can be exposed by using OSS. In this manner, students are be able to learn about networking and security concepts such as radio frequency, authentication, encryption, Service Set Identifier (SSID) broadcasting, packet sniffing etc. by actually performing the attack in controlled environment [8, 9]. While it might introduce some controversy as some students might abuse the knowledge, there are several ways to mitigate the risks such as exposing the students with the ethical consideration and legal implication [10, 11]. Wireless Access Point Setup Wireless access point (WAP) should be first setup in isolated, stand-alone network in order to conduct the attacks in controlled environment and to avoid disrupting live network [9, 10]. The configurations can be demonstrated first by the instructor, followed by hands-on implementation by the students in order to ensure them to be accustomed with WAP configuration such as the selecting SSID name, encryption type; Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), or WPA2, password selection, MAC address filtering, SSID broadcasting etc. These configurations could be changed depending on the scenarios involved. ISSN
2 Hardware WLAN adaptor which has Linux driver support is compulsory as some scenarios require the adaptor to perform packet injection and switch into monitor mode. Handy references for suitable chipset can be found at [12]. Operating System As most computers have preinstalled Microsoft Windows XP/Vista/7, there are several approaches to go about in having a Linux system. The easiest method is to use Linux Live CD/DVD. Via this approach, no installation is required and no alteration can be made onto the system as it runs only in read-only mode. Alternatively, virtualization software such as VirtualBox [13] can be utilized. However, the most practical option is to have a fresh installation of Linux on the hard disk drive (dual boot) or on the flash drive. There are numerous Linux distributions available but Backtrack [14] would be an ideal choice as it has comprehensive software for penetration testing and digital forensic. WLAN Security Threats (5 Scenarios) WLAN face similar threats as conventional wired network. However, in addition it also has certain vulnerabilities which are unique to WLAN. The most prominent and frequently exploited are discussed as follow; Wardriving/piggybacking This act of locating WLAN is usually referred as casual eavesdropping. Despite its name it has evolved as an umbrella term for any method used to locate WLAN; walking, biking, etc. However, there is distinct difference between wardriving and piggybacking. While wardriving is strictly locating WLAN, piggybacking refers to the act of using the WLAN service without explicit permission or knowledge. WLAN without proper authentication or encryption mechanism are prone to this exploits using software such as Kismet [15]. Figure 1 Vulnerable WLANs exposed by Kismet scan Packet sniffing Due to the open nature of data transmission in WLAN, the access is available to anyone within range. Therefore, there is possibility that the packets would be captured by unauthorized person. The threat become more serious if there is no encryption mechanism in place, thus sensitive or personal information are prone to public disclosure. Tool such as Wireshark [16] is usually used for eavesdropping and to further analyse the captured packets to discover any useful information or flaws. ISSN
3 Malaysian Journal of Educational Technology Figure 2 Captured packets revealed visited website MAC spoofing Most WAP come with built-in capability of MAC address filtering. Via this approach, only selected client as specified in the safe list will be allowed access as shown in Figure 3. This restriction is due to the assumption that MAC address is unique to any devices. Security mechanism by MAC filtering can easily be bypassed as the attacker can masquerade as authorized user by spoofing the MAC address [17]. Figure 3 Example of MAC address filtering scheme in Linksys WAP WEP attack While WEP encryption has been proved to be insecure and can easily be cracked [1], [2], [3], it is one of the most widely used encryption in WLAN and still being incorporated as an encryption option in new WAP from vendor such as Linksys. For this attack, the motivation is to capture enough Initialisation Vector (IV), which is a set of random bits used as seed for RC4 cipher. To replicate busy traffic in typical WLAN, a technique known as packet injection can be performed to force WAP to retransmit selected packets quickly. Once sufficient amount IV has been collected, the WAP can be considered to be compromised as it can easily be cracked using Aircrack [18]. ISSN
4 WPA/WPA2 Pre-Shared Key (PSK) dictionary attack WPA and its successor, WPA2 were developed to rectify the security flaws in WEP encryption. Although it does solve most of the deficiencies in WEP, unfortunately it also had created another potential attack vector; dictionary attack. Since this discovery, several tools has been developed that capable of mounting successful attack on WPA/WPA2 PSK enabled WLAN [18, 19]. The key components to mount this attack are password files which is a compilation of common password or generated wordlist and the four-way handshake i.e. Extensible-Authentication-Protocol-Over-LAN (EAPOL). Dictionary attack is a realistic approach as it limits the amount of possible passwords to be tested by exploiting the human tendency of choosing weak passwords [20]. Good password files are available for download at [21, 22, 23]. The first phase is to capture the four-way handshake of the target WAP. The detail of the target client (i.e. channel, MAC address) can be obtained from Kismet scan. There are several scenarios whereas the fourway handshakes occur. The typical one is when a legitimate client is associating with the AP. Thus, the attacker needs to wait for any wireless client to associate in order to capture the handshake. However, there is an alternative method to speed up this process by deauthenticating a target client from the WLAN; packets can be sent to disrupt the communication between target and WAP thus forcing it to reauthenticate. This attack is practically a Denial of Service (DoS). The final step in this attack is to crack the WPA/WPA2 PSK by replicating the WPA/WPA2 initialization process to match the password list using Aircrack [18]. However, the attack will ultimately fail if the passphrase used does not exist in the password list. This would be a good lesson in choosing secure password for security purpose [8]. Figure 4 Successful WPA-PSK attack via Aircrack Discussion By implementing this method, students can gain hands-on experience in configuring and setting up a secure wireless network. The exposure from this practical exercise will ensure that the student acquire some insight into the offensive security field, which will expand their awareness for the need of real world security solutions [7, 11]. Furthermore, by using OSS to replicate actual attack on WLAN, students are in a better position to appreciate the theory that they learn in class [9]. Hands-on approach also promotes active learning and improves communication skills among the students. Consequently, majority of students demonstrate high interest in the subject and explore the topic further beyond the classroom [8], ISSN
5 [9]. Nevertheless, there are two aspects that must be imparted wisely by the instructor; the ethical consideration and legal ramification due to abuse of this know-how [10, 11]. Conclusion We had described five real-world attacks that can be simulated in a controlled environment to encourage awareness and enhance the understanding of WLAN security among students. This hands-on approach can be considered indispensable component of network security subject in this modern era as it balances the conventional method that put emphasis on theoretical knowledge with practical activities that promote active learning so that students would be more involved and motivated. Students who are exposed with this approach can be expected to be competent and self-assured in dealing with the complexity of network security once they enter the industry in the future. References [1] Fluhrer, Mantin & Shamir - Weaknesses in the Key Scheduling Algorithm of RC4, - Retrieved April 1, 2011 [2] Bittau, A., Handley, M. & Lackey, J. - The Final Nail in WEP's Coffin, - Retrieved April 1, 2011 [3] Tews, E., Pychkine, A. & Weinmann, R.P. - Breaking 104 bit WEP in less than 60 seconds, - Retrieved April 1, 2011 [4] Beck, M. & Tews,E. - Practical Attacks Against WEP and WPA, - Retrieved April 1, 2011 [5] Ohigashi, T. & Morii, M. - A Practical Message Falsification Attack on WPA, 20Attack%20on%20WPA.pdf - Retrieved April 1, [6] WPA2 Hole196 Vulnerability Airtight Networks, Hole196 - Retrieved April 1, 2011, [7] Bratus, S., Shubina, A. & Locasto, M.E. (2010). Teaching the Principles of the Hacker Curriculum to Undergraduates, Proceedings of the 41st ACM Technical Symposium on Computer Science Education, March 10-13, 2010, Wisconsin, USA [8] José Carlos Brustoloni. Laboratory Experiments for Network Security Instruction, Journal on Educational Resources in Computing (JERIC), v.6 n.4, p.5-es, December 2006 [9] Wulf, T. (2003). Implementing a Minimal Lab for an Undergraduate Network Security Course, Journal of Computing Sciences in Colleges, Vol. 19, No. 1, pp , October 2003 [10] P. Y. Logan & A. Clarkson, "Teaching students to hack: Curriculum issues in information security," in Proceedings of the 36th SIGCSE Technical Symposium on Computer Science Education St. Louis, Missouri, USA: ACM, [11] B. Pashel, A.B. - "Teaching students to hack: Ethical implications in teaching students to hack at the university level," in Proceedings of the 3rd annual Conference on Information Security Curriculum Development Kennesaw, Georgia: ACM, [12] Backtrack 4 Wiki, Wireless driver, - Retrieved April 1, [13] VirtualBox, - Retrieved April 1, [14] Backtrack 4, - Retrieved April 1, [15] Kismet, - Retrieved April 1, [16] Wireshark, - Retrieved April 1, [17] GNU MAC Changer, - Retrieved April 1, [18] Aircrack-ng suite, - Retrieved April 1, [19] CoWPAtty, - Retrieved April 1, [20] Jianxin Yan, Alan Blackwell, Ross Anderson, Alasdair Grant. The Memorability and Security of Passwords - Some Empirical Results, - Retrieved April 1, [21] Openwall wordlist, Retrieved April 1, [22] RenderLab wordlist, - Retrieved April 1, [23] Xploitz Master Password Collection, _Master_Password_Collection. Retrieved April 1, ISSN
WiFi Security Assessments
WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents
More informationCOMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)
COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2) Disha Baba Banda Singh Bahadur Engineering College Fatehgarh Sahib, Punjab Sukhwinder Sharma Baba Banda Singh Bahadur Engineering College Fatehgarh
More informationWireless Network Security. Pat Wilbur Wireless Networks March 30, 2007
Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007 Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Types of Attacks
More informationWireless LAN Security: Securing Your Access Point
IJCSNS International Journal of Computer Science and Network Security, VOL.6 No.5B, May 2006 173 Wireless LAN Security: Securing Your Access Point Sia Sie Tung, Nurul Nadia Ahmad, Tan Kim Geok Faculty
More informationMethodology: Security plan for wireless networks. By: Stephen Blair Mandeville A. Summary
Methodology: Security plan for wireless networks By: Stephen Blair Mandeville A. Summary The evolution to wireless networks allows connections with the same quality of data transfer at a lower cost but
More informationWEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication
WLAN Security WEP Overview 1/2 WEP, Wired Equivalent Privacy Introduced in 1999 to provide confidentiality, authentication and integrity Includes weak authentication Shared key Open key (the client will
More informationWIRELESS SECURITY TOOLS
WIRELESS SECURITY TOOLS Johanna Janse van Rensburg, Barry Irwin Rhodes University G01j202j7@campus.ru.ac.za, b.irwin@ru.ac.za (083) 944 3924 Computer Science Department, Hamilton Building, Rhodes University
More informationIntroduction to WiFi Security. Frank Sweetser WPI Network Operations and Security fs@wpi.edu
Introduction to WiFi Security Frank Sweetser WPI Network Operations and Security fs@wpi.edu Why should I care? Or, more formally what are the risks? Unauthorized connections Stealing bandwidth Attacks
More informationBuilding secure wireless access point based on certificate authentication and firewall captive portal
EPJ Web of Conferences 68, 00029 (2014) DOI: 10.1051/ epjconf/ 20146800029 C Owned by the authors, published by EDP Sciences, 2014 Building secure wireless access point based on certificate authentication
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More information9 Simple steps to secure your Wi-Fi Network.
9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password
More informationTop 10 Security Checklist for SOHO Wireless LANs
Expert Reference Series of White Papers Top 10 Security Checklist for SOHO Wireless LANs 1-800-COURSES www.globalknowledge.com Top 10 Security Checklist for SOHO Wireless LANs David Coleman, AirSpy Networks
More informationSecuring your Linksys Wireless Router BEFW11S4 Abstract
Securing your Linksys Wireless Router BEFW11S4 Abstract Current implementations of the 802.11b wireless LAN standards have several potential pitfalls for security. However, built in security mechanisms
More informationWLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network
WLAN Security Why Your Firewall, VPN, and IEEE 802.11i Aren t Enough to Protect Your Network 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Executive Summary Wireless
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationNetwork Security Best Practices
CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual
More informationVulnerabilities of Wireless Security protocols (WEP and WPA2)
Vulnerabilities of Wireless Security protocols (WEP and WPA2) Vishal Kumkar, Akhil Tiwari, Pawan Tiwari, Ashish Gupta, Seema Shrawne Abstract - Wirelesses Local Area Networks (WLANs) have become more prevalent
More informationTop 10 Security Checklist for SOHO Wireless LANs
Introduction Corporations, government agencies, the military, and enterprises in fact all medium to large scale wireless LANs have a different set of security requirements compared to the wireless LAN
More informationWireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com
Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge
More informationCS 356 Lecture 29 Wireless Security. Spring 2013
CS 356 Lecture 29 Wireless Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter
More informationWEP WPA WPS :: INDEX : Introduction :
WEP WPA WPS With clients Without clients :: INDEX : Introduction > Overview > Terms & Definitions [ Step 1 ] : Configuring the network interface [ Step 2 ] : Collecting the network info [ Step 3 ] : Capturing
More informationWireless Encryption Protection
Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost
More informationchap18.wireless Network Security
SeoulTech UCS Lab 2015-1 st chap18.wireless Network Security JeongKyu Lee Email: jungkyu21@seoultech.ac.kr Table of Contents 18.1 Wireless Security 18.2 Mobile Device Security 18.3 IEEE 802.11 Wireless
More informationIndustrial Communication. Securing Industrial Wireless
Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...
More informationWIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able
More informationChapter 3 Safeguarding Your Network
Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate
More informationThe next generation of knowledge and expertise Wireless Security Basics
The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com
More informationOffensive Security. Wireless Attacks - WiFu
Offensive Security Wireless Attacks - WiFu v. 3.0 Mati Aharoni Devon Kearns Thomas d Otreppe de Bouvette Course Overview The wireless industry continues to grow in leaps and bounds with more and more gadgets
More informationTechnical Brief. Wireless Intrusion Protection
Technical Brief Wireless Intrusion Protection Introduction One layer of the multi-layer wireless security solution provided by Aruba Wireless Networks is the ability to lock the air using wireless intrusion
More informationA SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS
A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS Jose Perez Texas A&M University Corpus Christi Email: jluisperez16@gmail.com Fax Number: (361) 825-2795 Faculty Advisor: Dr. Ahmed Mahdy, Texas A&M University
More informationOverview. Summary of Key Findings. Tech Note PCI Wireless Guideline
Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the
More informationWireless Networks. Welcome to Wireless
Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)
More informationWireless Security with Cyberoam
White paper Cyberoam UTM Wireless Security with Cyberoam Robust, Fault-tolerant security is a must for companies sporting wireless networks. Cyberoam UTM strengthens the existing Wireless Security Architecture
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationConfiguring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)
Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Hackers can easily trap information transmitted over wireless network, it has to be encrypted to avoid unauthorized users
More informationChapter 2 Configuring Your Wireless Network and Security Settings
Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More informationImplementing Security for Wireless Networks
Implementing Security for Wireless Networks Action Items for this session Learn something! Take notes! Fill out that evaluation. I love to see your comments and we want to make these better! Most important:
More informationWi-Fi and security Wireless Networking and Security by Alain RASSEL
Wi-Fi and security Wireless Networking and Security by Alain RASSEL 1 23.11.04 Overview: Simple configuration example Obvious simple protection means Change Administrator Password Restrict administrator
More informationDOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK
DOS ATTACKS IN INTRUSION DETECTION AND INHIBITION TECHNOLOGY FOR WIRELESS COMPUTER NETWORK ABSTRACT Dr. Sanjeev Dhull Associate Professor, RPIIT Karnal, Dept of Computer Science The DoS attack is the most
More informationIntroduction. Course Description
Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 Introduction Insecure wireless networks at
More informationNXC5500/2500. Application Note. 802.11w Management Frame Protection. ZyXEL NXC Application Notes. Version 4.20 Edition 2, 02/2015
NXC5500/2500 Version 4.20 Edition 2, 02/2015 Application Note 802.11w Management Frame Protection Copyright 2015 ZyXEL Communications Corporation 802.11w Management Frame Protection Introduction IEEE 802.11w
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationAn Experimental Study Analysis of Security Attacks at IEEE 802.11 Wireless Local Area Network
, pp. 9-18 http://dx.doi.org/10.14257/ijfgcn.2015.8.1.02 An Experimental Study Analysis of Security Attacks at IEEE 802.11 Wireless Local Area Network 1 Md Waliullah, 2 A B M Moniruzzaman and 3 Md. Sadekur
More informationNetwork Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.
Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics
More informationRobust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been
Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been difficult and time-consuming. This paper describes the security
More informationETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001
001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110
More informationAdvanced Security Issues in Wireless Networks
Advanced Security Issues in Wireless Networks Seminar aus Netzwerke und Sicherheit Security Considerations in Interconnected Networks Alexander Krenhuber Andreas Niederschick 9. Januar 2009 Advanced Security
More informationTHE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING
International Journal of Electronics and Communication Engineering & Technology (IJECET) Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008 Available online at http://www.iaeme.com/ijecetissues.asp?jtype=ijecet&vtype=6&itype=9
More informationThe Trivial Cisco IP Phones Compromise
Security analysis of the implications of deploying Cisco Systems SIP-based IP Phones model 7960 Ofir Arkin Founder The Sys-Security Group ofir@sys-security.com http://www.sys-security.com September 2002
More informationWEP WPA WPS :: INDEX : Introduction :
WEP WPA WPS With clients Without clients :: INDEX : Introduction > Overview > Terms & Definitions [ Step 1 ] : Configuring the network interface [ Step 2 ] : Collecting the network info [ Step 3 ] : Capturing
More informationWPA Migration Mode: WEP is back to haunt you...
WPA Migration Mode: WEP is back to haunt you... Leandro Meiners (lmeiners@coresecurity / lmeiners@gmail.com) Diego Sor (dsor@coresecurity.com / diegos@gmail.com) July 2010 Abstract Cisco access points
More informationEVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2)
EVOLUTION OF WIRELESS LAN SECURITY ARCHITECTURE TO IEEE 802.11i (WPA2) Moffat Mathews, Ray Hunt Department of Computer Science and Software Engineering, University of Canterbury, New Zealand {ray.hunt@canterbury.ac.nz}
More informationHow To Secure Wireless Networks
Lecture 24 Wireless Network Security modified from slides of Lawrie Brown Wireless Security Overview concerns for wireless security are similar to those found in a wired environment security requirements
More informationWireless Security and Healthcare Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance
Going Beyond IEEE 802.11i to Truly Ensure HIPAA Compliance 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Wireless LANs are prevalent in healthcare institutions. The
More information2. From a control perspective, the PRIMARY objective of classifying information assets is to:
MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected
More informationNetwork Security: Introduction
Network Security: Introduction 1. Network security models 2. Vulnerabilities, threats and attacks 3. Basic types of attacks 4. Managing network security 1. Network security models Security Security has
More informationEnterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003
Enterprise Solutions for Wireless LAN Security Wi-Fi Alliance February 6, 2003 Executive Summary The threat to network security from improperly secured WLANs is a real and present danger for today s enterprises.
More informationUnited States Trustee Program s Wireless LAN Security Checklist
United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationWireless Security for Mobile Computers
A Datalogic Mobile and Summit Data Communications White Paper Original Version: June 2008 Update: March 2009 Protecting Confidential and Sensitive Information It is every retailer s nightmare: An attacker
More informationYour 802.11 Wireless Network has No Clothes
Your 802.11 Wireless Network has No Clothes William A. Arbaugh Narendar Shankar Y.C. Justin Wan Department of Computer Science University of Maryland College Park, Maryland 20742 March 30, 2001 Abstract
More information0) What is the wpa handhake?
We have already seen how easy it is with time and the right tools to get the WEP key of any wireless network. We have already explained that these operations are not lawful but for pure interest and personal
More informationWireless Network Security
Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An
More informationIf security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders. Dan Farmer, System Administrators Guide to Cracking
More informationAttacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com
Attacking Automatic Wireless Network Selection Dino A. Dai Zovi and Shane A. Macaulay {ddaizovi,smacaulay1}@bloomberg.com We made Slashdot! Hackers, Meet Microsoft "The random chatter of several hundred
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationPCI Wireless Compliance with AirTight WIPS
A White Paper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com 2013 AirTight Networks, Inc. All rights reserved. Introduction Although [use
More informationHacking. Aims. Naming, Acronyms, etc. Sources
Free Technology Workshop Hacking Hands on with wireless LAN routers, packet capture and wireless security Organised by Steven Gordon Bangkadi 3 rd floor IT Lab 10:30-13:30 Friday 18 July 2014 http://ict.siit.tu.ac.th/moodle/.-----.-----.-----..----.
More informationVIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong
VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationWireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.
Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key
More informationIntegrated Health Systems. Enterprise Wireless LAN Security for Long Term Care. Integrated Systems, Inc. (866) 602-6100
Integrated Health Systems Enterprise Wireless LAN Security for Long Term Care Integrated Systems, Inc. (866) 602-6100 Enterprise Wireless LAN Security This paper describes the challenges today s healthcare
More informationUnderstanding WiFi Security Vulnerabilities and Solutions. Dr. Hemant Chaskar Director of Technology AirTight Networks
Understanding WiFi Security Vulnerabilities and Solutions Dr. Hemant Chaskar Director of Technology AirTight Networks WiFi Proliferation Global WiFi Radio Chipset Sales 387 307 Millions 120 200 2005 2006
More informationTable of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example
Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2
More informationWarDriving and Wireless Penetration Testing with OS X
410_WD2e_06.qxd 10/16/06 10:08 AM Page 153 Chapter 6 WarDriving and Wireless Penetration Testing with OS X Solutions in this chapter: WarDriving with Kismac Penetration Testing with OS X Other OS X Tools
More informationWireless Network Security
Wireless Network Security By Wireless Network Security Page 2 of 18 1. Executive Summary The concept of wireless communication is not new. One inventor, Nikola Tesla, envisioned over 100 years ago a system
More informationWireless Tools. Training materials for wireless trainers
Wireless Tools Training materials for wireless trainers This talk covers tools that will show you a great deal of information about wireless networks, including network discovery, data logging, security
More informationSelf Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:
IMPORTANT! This Guide refers to the following Products: Securing Your Wireless Network Please read the following carefully; Synopsis: This Guide is designed to help you if you have a Wireless Network that
More informationSecuring your Linksys WRT54G
Securing your Linksys WRT54G Abstract Current implementations of the 802.11b and 802.11g wireless LAN standards have several potential pitfalls for security. However, built in security mechanisms in these
More informationWhite paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points. http://www.veryxtech.com
White paper Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points http://www.veryxtech.com White Paper Abstract Background The vulnerabilities spotted in the Wired Equivalent Privacy (WEP) algorithm
More informationSecurity in IEEE 802.11 WLANs
Security in IEEE 802.11 WLANs 1 IEEE 802.11 Architecture Extended Service Set (ESS) Distribution System LAN Segment AP 3 AP 1 AP 2 MS MS Basic Service Set (BSS) Courtesy: Prashant Krishnamurthy, Univ Pittsburgh
More informationWI-FI SECURITY: A LITERATURE REVIEW OF SECURITY IN WIRELESS NETWORK
IMPACT: International Journal of Research in Engineering & Technology (IMPACT: IJRET) ISSN(E): 2321-8843; ISSN(P): 2347-4599 Vol. 3, Issue 5, May 2015, 23-30 Impact Journals WI-FI SECURITY: A LITERATURE
More informationEnsuring HIPAA Compliance in Healthcare
The Intelligent Wireless Networking Choice WHITE PAPER Ensuring HIPAA Compliance in Healthcare Overview Wireless LANs are prevalent in healthcare institutions. The constant need for mobility among doctors,
More informationThe Importance of Wireless Security
The Importance of Wireless Security Because of the increasing popularity of wireless networks, there is an increasing need for security. This is because unlike wired networks, wireless networks can be
More informationWireless LAN Security Mechanisms
Wireless LAN Security Mechanisms Jingan Xu, Andreas Mitschele-Thiel Technical University of Ilmenau, Integrated Hard- and Software Systems Group jingan.xu@tu-ilmenau.de, mitsch@tu-ilmenau.de Abstract.
More informationWireless LAN Security I: WEP Overview and Tools
Wireless LAN Security I: WEP Overview and Tools Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-09/
More informationA COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)
A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2) Vipin Poddar Suresh Gyan Vihar School of Engginering And Technology, Jaipur, Rajasthan. Hitesh Choudhary, Poornima University, Jaipur,
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationConfiguring Security Solutions
CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from
More informationSonicWALL Makes Wireless Networking Secure
SonicWALL Makes Wireless Networking Secure Defines the Challenges Facing Organizations Interested in Deploying Wireless Network Security CONTENTS Abstract 1 The Demand for Wireless 1 IT Concerns No Small
More informationWHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks
WHITE PAPER The Need for Wireless Intrusion Prevention in Retail Networks The Need for Wireless Intrusion Prevention in Retail Networks Firewalls and VPNs are well-established perimeter security solutions.
More informationWireless LAN Pen-Testing. Part I
Wireless LAN Pen-Testing Part I To know your Enemy, you must become your Enemy (Sun Tzu, 600 BC) Georg Penn 23.03.2012 Motivation Read manuals, documentation, standards Check sources for their reliability,
More informationBeyond the Firewall No. 72 March, 2012 Wireless LAN Edition
Wireless LAN infrastructure is now an increasingly common part of corporate enterprises. With wireless LAN infrastructure, new productivity gains can be realized. With this infrastructure though comes
More informationNew Avatars of Honeypot Attacks on WiFi Networks
New Avatars of Honeypot Attacks on WiFi Networks Prabhash Dhyani Wireless Security Researcher,Airtight Networks,Pune Email: prabhash.dhyani@airtightnetworks.com Abstract WiFi has become mainstream technology
More informationWireless security. Any station within range of the RF receives data Two security mechanism
802.11 Security Wireless security Any station within range of the RF receives data Two security mechanism A means to decide who or what can use a WLAN authentication A means to provide privacy for the
More informationWHITE PAPER. Enterprise Wireless LAN Security
WHITE PAPER Enterprise Wireless LAN Security Preface This paper describes the challenges today s administrators face when planning data protection for their wireless networks. Paramount in this discussion
More informationWLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.
Wireless LAN Attacks and Protection Tools (Section 3 contd.) WLAN Attacks Passive Attack unauthorised party gains access to a network and does not modify any resources on the network Active Attack unauthorised
More informationSetting up a WiFi Network (WLAN)
Setting up a WiFi Network (WLAN) How to set up Wi-Fi on your Huawei E960 InZone Step 1: In the address field on your internet browser, type http://192.168.1.1/ Step 2: Type admin into the Password box
More information