Security Awareness. Wireless Network Security



Similar documents

Tutorial 3. June 8, 2015

Wireless Encryption Protection

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

9 Simple steps to secure your Wi-Fi Network.

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

SonicWALL PCI 1.1 Implementation Guide

Recommended IP Telephony Architecture

THE 123 OF WIRELESS SECURITY AT HOME 家 居 WIFI 保 安 123

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Network Security Topologies. Chapter 11

Security. TestOut Modules

Legacy Security

MN-700 Base Station Configuration Guide

running operation mode painless TECHNICAL SPECIFICATION WAN/LAN: One 10/100 Fast Ethernet RJ-45 WPS (WiFi Protected Setup) WAN (Internet connection)

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Chapter 3 Safeguarding Your Network

Figure 1. The Motorola SB4200 cable modem

chap18.wireless Network Security

Computer Networks. Secure Systems

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

How To Connect Xbox 360 Game Consoles to the Router by Ethernet cable (RJ45)?

Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

Network Security Best Practices

Chapter 4 Customizing Your Network Settings

Developing Network Security Strategies

Industrial Communication. Securing Industrial Wireless

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

WIRELESS NETWORKING SECURITY

WLAN Security Why Your Firewall, VPN, and IEEE i Aren t Enough to Protect Your Network

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

Objectives. Security+ Guide to Network Security Fundamentals, Third Edition. Network Vulnerabilities. Media-Based Vulnerabilities

ENHWI-N n Wireless Router

Chapter 2 Configuring Your Wireless Network and Security Settings

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

WiFi Security Assessments

All You Wanted to Know About WiFi Rogue Access Points

Configuring Routers and Their Settings

Particularities of security design for wireless networks in small and medium business (SMB)

Wireless Networks. Welcome to Wireless

Firewalls and VPNs. Principles of Information Security, 5th Edition 1

PwC. Outline. The case for wireless networking. Access points and network cards. Introduction: OSI layers and 802 structure

home networking series Advanced manual - HOME NETWORKING

How To Secure Wireless Networks

Question How do I access the router s web-based setup page? Answer

Link Layer and Network Layer Security for Wireless Networks

Section 12 MUST BE COMPLETED BY: 4/22

APPENDIX 3 LOT 3: WIRELESS NETWORK

CS5008: Internet Computing

Network Attacks and Defenses

INTRUSION DETECTION SYSTEMS and Network Security

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

Link Layer and Network Layer Security for Wireless Networks

- Introduction to Firewalls -

Payment Card Industry Self-Assessment Questionnaire

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

Recommended Wireless Local Area Network Architecture

Wireless LAN Access Point. IEEE g 54Mbps. User s Manual

CONNECTING THE RASPBERRY PI TO A NETWORK

Using Wireless Technology Securely

Ralink Utility User Guide/PC/MAC

Securing your Linksys WRT54G

Securing Cisco Network Devices (SND)

User s Guide WI-FI ROUTER HIGHPOWERTM RTA1750 AC1750

Top 10 Security Checklist for SOHO Wireless LANs

DV230 Web Based Configuration Troubleshooting Guide

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Security Technology: Firewalls and VPNs

Wireless Network Security

Top 10 Security Checklist for SOHO Wireless LANs

Security in IEEE WLANs

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

Setting up a WiFi Network (WLAN)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

ECB1220R. Wireless SOHO Router/Client Bridge

User s Guide. High Power Wireless-N 600mW Gigabit Dual Band Router R20000G

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

University of Hawaii at Manoa Professor: Kazuo Sugihara

Network Access Security. Lesson 10

Closing Wireless Loopholes for PCI Compliance and Security

Network Security. Tampere Seminar 23rd October Overview Switch Security Firewalls Conclusion

Running Head: WIRELESS NETWORKING FOR SMALL BUSINESSES. Wireless Networking for Small Businesses. Russell Morgan. East Carolina University

Table of Contents. Wireless Security...40 What is WEP?...40 Configure WEP...41 What is WPA?...42 Configure WPA-PSK (Personal)

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

ESR (Go Green Series) Wireless-N Broadband Router / AP / Repeater. 2.4 GHz b/g/n 300 Mbps

NETVIGATOR Wireless Modem Setup Guide. (TG789Pvn)

Wireless VPN White Paper. WIALAN Technologies, Inc.

How To Protect Your Data From Being Stolen

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

LTE Internet (Installed)

Chapter 9 Monitoring System Performance

Transcription:

Security Awareness Wireless Network Security

Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition 2

Discovering Beaconing At regular intervals, a wireless router sends a signal to announce its presence Scanning Wireless device looks for the incoming beacon information Wireless location mapping Also known as war driving Finding a beacon from a wireless network and recording information about it Security Awareness, 3 rd Edition 3

Discovering (cont d.) Tools needed for war driving Mobile computing device Wireless NIC adapter Antenna Omnidirectional antenna Global positioning system (GPS) receiver Software Security Awareness, 3 rd Edition 4

Discovering (cont d.) Figure 5-8 USB wireless NIC Course Technology/Cengage Learning Security Awareness, 3 rd Edition 5

Connecting Service Set Identifier (SSID) Network name and can be any alphanumeric string from 2 to 32 characters Wireless networks are designed to freely distribute 3 their SSID rd Once a wireless device receives a beacon with the SSID, it can then attempt to join the network Virtually nothing that an attacker must do in order to connect Security Awareness, 3 rd Edition 6

Connecting (cont d.) Figure 5-9 Connecting to a wireless network Course Technology/Cengage Learning Security Awareness, 3 rd Edition 7

Connecting (cont d.) Some wireless security sources encourage users to configure APs to prevent the beacon from including the SSID Does not provide protection Security Awareness, 3 rd Edition 8

Launching Assaults Eavesdropping Attackers can easily view the contents of transmissions from hundreds of feet away Even if they have not connected to the wireless network Security Awareness, 3 rd Edition 9

Launching Assaults (cont d.) Wired Equivalent Privacy (WEP) Ensure that only authorized parties can view transmitted wireless information Encrypts information into ciphertext Contains a serious flaw Attacker can discover a WEP key in less than one minute Security Awareness, 3 rd Edition 10

Launching Assaults (cont d.) Stealing data Once connected attacker treated as trusted user Has access to any shared data Injecting malware Trusted user enters from behind the network s firewall Can easily inject malware Storing illegal content Can set up storage on user s computer and store content Security Awareness, 3 rd Edition 11

Launching Assaults (cont d.) Launching denial of service (DoS) attacks Denial of service (DoS) attack Designed to prevent a device from performing its intended function Wireless DoS attacks Designed to deny wireless devices access to the wireless router itself Packet generator Create fake packets; flood wireless network with traffic Disassociation frames Communication from a wireless device that indicates the device wishes to end the wireless connection Security Awareness, 3 rd Edition 12

Launching Assaults (cont d.) Figure 5-13 DoS attack using disassociation frames Course Technology/Cengage Learning Security Awareness, 3 rd Edition 13

Launching Assaults (cont d.) Impersonating a legitimate network Attackers will often impersonate legitimate networks in restaurants, coffee shops, airports, etc. Does not require wireless router Ad hoc or peer-to-peer network Once the connection is made Attacker might be able to directly inject malware into the user s computer or steal data Security Awareness, 3 rd Edition 14

Wireless Network Defenses Secure the home wireless network Use an unprotected public wireless network in the most secure manner possible Security Awareness, 3 rd Edition 15

Securing a Home Wireless Network Locking down the wireless router Create username and password Do not use default password Typical settings on the wireless router login security screen Router Password Access Server Wireless Access Web Remote Management Security Awareness, 3 rd Edition 16

Securing a Home Wireless Network (cont d.) Figure 5-15 Wireless router login security screen Course Technology/Cengage Learning Security Awareness, 3 rd Edition 17

Securing a Home Wireless Network Limiting users (cont d.) Restrict who can access network by MAC address MAC address filter Dynamic Host Configuration Protocol (DHCP) Wireless routers distribute IP addresses to network devices Properly configuring settings DHCP lease 3 rd Security Awareness, 3 rd Edition 18

Securing a Home Wireless Network (cont d.) Figure 5-16 MAC address filter Course Technology/Cengage Learning Security Awareness, 3 rd Edition 19

Securing a Home Wireless Network (cont d.) Turning on Wi-Fi protected access 2 (WPA2) Personal security model Designed for single users or small office settings Parts Wi-Fi Protected Access (WPA) Wi-Fi Protected Access 2 (WPA2) To turn on WPA2 Choose security mode Select WPA Algorithm Enter shared key Security Awareness, 3 rd Edition 20

Securing a Home Wireless Network (cont d.) Figure 5-18 Security Mode options Course Technology/Cengage Learning Security Awareness, 3 rd Edition 21

Securing a Home Wireless Network (cont d.) Figure 5-19 WPA Algorithms setting Course Technology/Cengage Learning Security Awareness, 3 rd Edition 22

Securing a Home Wireless Network (cont d.) Configuring network settings Network Address Translation (NAT) Hides the IP addresses of network devices from attackers Private addresses NAT removes the private IP address from the sender s packet and replaces it with an alias IP address Port address translation (PAT) Each packet is sent to a different port number Security Awareness, 3 rd Edition 23

Securing a Home Wireless Network (cont d.) Virtual local area networks (VLANs) Segment users or network equipment in logical groupings Creates a separate virtual network for each user of the wireless network Demilitarized Zone (DMZ) Separate network that sits outside the secure network perimeter Limits outside access to the DMZ network only Security Awareness, 3 rd Edition 24

Securing a Home Wireless Network (cont d.) Figure 5-21 Demilitarized zone (DMZ) Course Technology/Cengage Learning Security Awareness, 3 rd Edition 25

Securing a Home Wireless Network (cont d.) Port forwarding More secure than DMZ Opens only the ports that need to be available Security Awareness, 3 rd Edition 26

Using a Public Wireless Network Securely Turning on a personal firewall Runs as a program on the user s local computer Operates according to a rule base Rule options Allow Block Prompt Stateless packet filtering Stateful packet filtering Provides more protection Security Awareness, 3 rd Edition 27

Using a Public Wireless Network Securely (cont d.) Virtual Private Networks (VPNs) Uses an unsecured public network as if it were a secure private network Encrypts all data that is transmitted between the remote device and the network Advantages Full protection Transparency Authentication Industry standards Security Awareness, 3 rd Edition 28

Figure 5-22 Virtual private network (VPN) Course Technology/Cengage Learning Security Awareness, 3 rd Edition 29