Wireless Encryption Protection

Similar documents
9 Simple steps to secure your Wi-Fi Network.

Security Awareness. Wireless Network Security


12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

CONNECTING THE RASPBERRY PI TO A NETWORK

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

How To Connect Xbox 360 Game Consoles to the Router by Ethernet cable (RJ45)?

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi

Connecting to and Setting Up a Network

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Wireless VPN White Paper. WIALAN Technologies, Inc.

The next generation of knowledge and expertise Wireless Security Basics

VPN s and Mobile Apps for Security Camera Systems: EyeSpyF-Xpert

Introduction on Low level Network tools

MN-700 Base Station Configuration Guide

Cornerstones of Security

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

Pre-lab and In-class Laboratory Exercise 10 (L10)

Chapter 5. Data Communication And Internet Technology

Figure 1. The Motorola SB4200 cable modem

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Network Security Best Practices

High Performance VPN Solutions Over Satellite Networks

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)

CMPT 471 Networking II

This Lecture. The Internet and Sockets. The Start If everyone just sends a small packet of data, they can all use the line at the same.

UIP1868P User Interface Guide

WI-FI VS. BLUETOOTH TWO OUTSTANDING RADIO TECHNOLOGIES FOR DEDICATED PAYMENT APPLICATION

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

WEP WPA WPS :: INDEX : Introduction :

Question How do I access the router s web-based setup page? Answer

VPN Lesson 2: VPN Implementation. Summary

User Guide. E-Series Routers

How to Set Up a Wireless Router in a Dorm

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Lesson 1 Quiz Certification Partners, LLC. All Rights Reserved. Version 2.0

5.0 Network Architecture. 5.1 Internet vs. Intranet 5.2 NAT 5.3 Mobile Network

Securing your Linksys Wireless Router BEFW11S4 Abstract

The Wireless Network Road Trip

Security in Wireless Local Area Network

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Lab Organizing CCENT Objectives by OSI Layer

home networking series Advanced manual - HOME NETWORKING

CHAPTER 1 INTRODUCTION

Tutorial 3. June 8, 2015

Network Access Security. Lesson 10

Transport and Network Layer

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

Intranet Security Solution

Authentication in WLAN

GregSowell.com. Mikrotik Security

USER GUIDE AC2400. DUAL BAND GIGABIT Wi Fi ROUTER. Model# E8350

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

Methodology: Security plan for wireless networks. By: Stephen Blair Mandeville A. Summary

Chapter 3 Safeguarding Your Network

Understanding the Cisco VPN Client

Linksys E2500 Wireless-N Router Configuration Guide

Broadband Phone Gateway BPG510 Technical Users Guide

Designing AirPort Extreme Networks

CCT vs. CCENT Skill Set Comparison

Advanced Higher Computing. Computer Networks. Homework Sheets

Recommended Wireless Local Area Network Architecture

WiFi-SB-L3 300M WiFi Router WiFi Bridge WiFi Repeater. WiFi Router WiFi Repeater WiFi Bridge WiFi-SB-L3 Quick Setting Guide

Configuring Security Solutions

Top 10 Security Checklist for SOHO Wireless LANs

Computer Networks. Secure Systems

Exam Questions SY0-401

Ethernet. Ethernet. Network Devices

All You Wanted to Know About WiFi Rogue Access Points

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

The OSI and TCP/IP Models. Lesson 2

Networking Test 4 Study Guide

DV230 Web Based Configuration Troubleshooting Guide

Connecting to the Internet. LAN Hardware Requirements. Computer Requirements. LAN Configuration Requirements

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Securing your Linksys WRT54G

DCB Ethernet Tunnel Family Configuration Guide

Configuring Routers and Their Settings

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

Lab Exercise Objective. Requirements. Step 1: Fetch a Trace

Chapter 2 Configuring Your Wireless Network and Security Settings

SY system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users.

Internet Privacy Options

Technical papers Virtual private networks

WLAN Information Security Best Practice Document

Topics in Network Security

The BANDIT Products in Virtual Private Networks

Lab Module 3 Network Protocol Analysis with Wireshark

Hacking. Aims. Naming, Acronyms, etc. Sources

StoneGate Installation Guide

Transcription:

Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost we should clarify what a router is and how it differs from a modem and switch, because if there is one term in networking that gets used WAY too much it s the term router for anything that people get Internet from. Router for our purposes we will assume we are talking about home routers, a device that forwards Internet packets of information by looking at the packet, deciding where it needs to go, and delivering that packet either by wired or wireless mode. This device is known as an active network element in that it can hand out DHCP leases to components behind it providing a hardware layer between the Internet and the internal network. Internet 64.113.255.255 Interior Network Exterior Network 192.168.1.2 192.168.1.3 Router 64.113.255.255 Internet

So the previous diagram shows the difference that adding a router can make to a network. In the first diagram the computer connected directly to the Internet getting a DHCP lease from his ISP. In the second diagram the router acts as an intermediary between the Internet and the devices. It hands out DHCP leases to the devices behind it and any device looking from the Internet cannot get the final IP address of the device it can only see the IP of the router, which is getting it s IP from your ISP. This is a big distinction to make when doing your internal networking, making sure that services that are web based get your outward facing IP and internal services get your internal facing IP. What the router is doing is effectively hiding your actual IP by putting a layer of networking in between, which is sometimes called network address translation or NAT. This hiding of IP addresses allows a device from inside the network to access the web but does not allow the web to access this device effectively making a barrier (there are circumstances that this can be overridden but for the purposes of this class we will assume this is not the case). While NAT protection provides a layer of security from the Internet, it also can cause problems with protocols that transport data over TCP connections like FTP, since no tunneling abilities are described in the NAT protocol (again there are ways to make this work, but the easiest solution is to have a public IP). Most users could have a form of NAT turned on and never know about it, but the power user will probably run into some situation that requires either port forwarding (will explain this more later) or a public IP. Encryption When data is passed over a physical line (like with Ethernet) if a person wanted to intercept the transmission, they would need a way to listen to that line. Now if that same person is connected via a wireless network the signal is broadcasted to the surrounding area, which makes it much easier for someone to listen in on the signal. The way to stop this is to encrypt traffic between the router and the end device. There are two prevalent forms of encryption in use today for wireless networks: Wired Equivalent Privacy or WEP and Wi-Fi Protected Access or WPA. WEP 1) Access point and device share a secret key to encrypt packets a. Key used to encrypt traffic is the password used for authentication as well i. Keys can be up to 128 bits b. Authentication is only done by the router and requires knowledge of the shared key

How connection is made to router: 1) Client sends an authentication request 2) Receives a challenge message from router in clear text 3) Client encrypts the challenge message with the shared key, and sends it back to the router 4) Router decrypts return message and compares it to the challenge message sent, if they match it send back a reply to the client that they are connected. Since the number of keys used was very limited it was very easy for an attacker to eavesdrop on a network and watch packets being sent. After enough packets were sent, the key could be captured with relative ease. For those interested there is a WEP cracking tool implemented into Backtrack called aircrack-ng. Do not use WEP encryption on any network, it provides a false sense of security to the people who use it with little protection. WPA & WPA2 - WPA encryption follows the same outline of WEP but has some key differences that make it a much better alternative. 1) Authentication is completely separate from encryption, meaning that the device will authenticate the user and then use a session key for the encryption process. a. Session keys are 128 bits 2) Each device is given its own session key, meaning that it is much harder to crack a. Session keys are only valid for the duration that the device is connected to the router Weakness from WPA is the same as WEP, in that if someone has enough traffic they can still crack the session key used to encrypt data (albeit much more data must be passed). How the connection is made to the router: 1) Client makes a request to the router 2) Router sends back password prompt 3) Client puts in password and send it back to the router 4) Router checks the authentication and if it does send ACK to client 5) Client then starts the key negotiation sequence 6) Router agrees on key and sends it back to the client 7) Connection is now established WPA2 encryption uses a tougher encryption schema to deliver a more robust and harder to crack algorithm for protection but the method it uses is almost identical to WPA.

WPA2, the newest of the encryption schemes, came out in 2004 so it would be a safe bet to assume that a newer encryption method will probably take over the market sometime soon. There have been many different methods to crack wireless encryption from going after the packet encryption to going after the underlying data encryption scheme DES. All rely on packets being transferred to intercept. As of right the best encryption to be using for your wireless router is WPA2, if your router has it available please select this. There are a few things to keep in mind though: 1) If you have a larger area you would like your router to cover, adding encryption will limit the range you can transmit to. I always suggest that people use wireless encryption when using home networks, just be prepared for a slight range loss when turning encryption on. You might also see some performance decrease as with encryption you are adding more overhead to the packets of data you really want. 2) Wireless encryption is a good start for home security, but it is far from the only protection you should be taking. In future lessons we will go over other things you can use to keep yourself safe. Future lessons: - Passwords - Router settings - Suggestions for you all

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information