Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Similar documents

WiFi Security Assessments

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi

Security Awareness. Wireless Network Security

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)

WEP Overview 1/2. and encryption mechanisms Now deprecated. Shared key Open key (the client will authenticate always) Shared key authentication

9 Simple steps to secure your Wi-Fi Network.

WEP WPA WPS :: INDEX : Introduction :

WIRELESS SECURITY TOOLS

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Building secure wireless access point based on certificate authentication and firewall captive portal

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

Recommended Wireless Local Area Network Architecture

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Vulnerabilities of Wireless Security protocols (WEP and WPA2)

Wireless Encryption Protection

Configuring Security Solutions

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

Certified Wireless Security Professional (CWSP) Course Overview

Link Layer and Network Layer Security for Wireless Networks

The next generation of knowledge and expertise Wireless Security Basics

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

Wireless Pre-Shared Key Cracking (WPA, WPA2)

CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

The Importance of Wireless Security

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

Offensive Security. Wireless Attacks - WiFu

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Chapter 2 Wireless Networking Basics

MITM Man in the Middle

Authentication in WLAN

Link Layer and Network Layer Security for Wireless Networks

How To Secure Wireless Networks

DESIGNING AND DEPLOYING SECURE WIRELESS LANS. Karl McDermott Cisco Systems Ireland

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

Agenda. Wireless LAN Security. TCP/IP Protocol Suite (Internet Model) Security for TCP/IP. Agenda. Car Security Story

Wireless Security for Mobile Computers

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

A SURVEY OF WIRELESS NETWORK SECURITY PROTOCOLS

Network Attacks. Common Network Attacks and Exploits

Network Security. Network Security. Protective and Dependable. > UTM Content Security Gateway. > VPN Security Gateway. > Multi-Homing Security Gateway

Wireless Security: Secure and Public Networks Kory Kirk

WLAN Authentication and Data Privacy

Practical Approach in Teaching Wireless LAN Security using Open Source Software

COMPARISON OF WIRELESS SECURITY PROTOCOLS (WEP AND WPA2)

Running Head: WIRELESS NETWORKING FOR SMALL BUSINESSES. Wireless Networking for Small Businesses. Russell Morgan. East Carolina University

Wireless Networks. Welcome to Wireless

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points.

WiFi Security: Deploying WPA/WPA2/802.1X and EAP in the Enterprise

CS5490/6490: Network Security- Lecture Notes - November 9 th 2015

How To Secure A Wireless Network With A Wireless Device (Mb8000)

Network Security Best Practices

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

hacking protocol insecurities

WLAN Information Security Best Practice Document

802.1x Networking. tommee pickles Moloch Industries. Moloch.org tommee.net

Wireless LAN Security: Securing Your Access Point

Wi-Fi Client Device Security and Compliance with PCI DSS

CS 356 Lecture 29 Wireless Security. Spring 2013

All You Wanted to Know About WiFi Rogue Access Points

Implementing Security for Wireless Networks

Wi-Fi in Healthcare:

chap18.wireless Network Security

Introduction on Low level Network tools

Wireless VPN White Paper. WIALAN Technologies, Inc.

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

A COMPARITIVE ANALYSIS OF WIRELESS SECURITY PROTOCOLS (WEP and WPA2)

Security in Wireless Local Area Network

Wireless Security with Cyberoam

United States Trustee Program s Wireless LAN Security Checklist

CS549: Cryptography and Network Security

Chapter 6 CDMA/802.11i

Security. TestOut Modules

BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

0) What is the wpa handhake?

Chapter 2 Configuring Your Wireless Network and Security Settings

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

UNIK4250 Security in Distributed Systems University of Oslo Spring Part 7 Wireless Network Security

STEP III: Enable the Wireless Network Card. STEP IV: Print out the Printer Settings pages to determine the IP Address

Course Title: Penetration Testing: Communication Media Testing, 1st Edition

Wi-Fi Client Device Security & HIPAA Compliance

New Avatars of Honeypot Attacks on WiFi Networks

Transcription:

Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007

Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection

Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Capturing spy on packets being sent over wireless network in order to obtain sensitive information about a system, network, or user

Common Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Capturing spy on packets being sent over wireless network in order to obtain sensitive information about a system, network, or user Denial of Service debilitate the wireless network to disrupt user activity

Why Secure A Wireless Network? Protect sensitive data

Why Secure A Wireless Network? Protect sensitive data Reduce unnecessary bandwidth consumption

Why Secure A Wireless Network? Protect sensitive data Reduce unnecessary bandwidth consumption Liability (and accountability)

Open Access Points The only way to keep communication truly secure is to use end to end encryption.

Open Access Points The only way to keep communication truly secure is to use end to end encryption. If having services like file shares and printers, it is advisable to have other security in place.

Open Access Points The only way to keep communication truly secure is to use end to end encryption. If having services like file shares and printers, it is advisable to have other security in place. One should never assume that the private network is inaccessible from the outside.

Open Access Points The only way to keep communication truly secure is to use end to end encryption. If having services like file shares and printers, it is advisable to have other security in place. One should never assume that the private network is inaccessible from the outside. It is common to pay a fixed rate for the Internet connection, and the extra traffic will not hurt.

Securing Wireless Networks MAC Address Filtering

Securing Wireless Networks MAC Address Filtering Encryption

Securing Wireless Networks MAC Address Filtering Encryption Access Point Encryption

Securing Wireless Networks MAC Address Filtering Encryption Access Point Encryption End to end Encryption

Securing Wireless Networks MAC Address Filtering Encryption Access Point Encryption End to end Encryption VPN Tunneling

Securing Wireless Networks MAC Address Filtering Encryption Access Point Encryption End to end Encryption VPN Tunneling Handshake Authentication

Access Point Encryption WEP Wired Equivalence Privacy 64 bit (40 bit key) or 128 bit (104 bit key) Uses a key concatenated with an Initialization Vector Due to limit in IV length, not long before IVs are repeated, thus relatively easy to crack Shared key system: no protection from legitimate clients Readily available toolkits for cracking (aircrack ng) WEP2 boasted larger IVs and enforced 128 bit encryption, but same vulnerabilities existed only slowed attackers

Access Point Encryption WPA Wi Fi Protected Access WPA was rushed to replace WEP Based on passphrase used to generate a key WPA2 implements the full 802.11i standard Dynamically changed keys instead of static like WEP Much more robust error checking which is less likely to be faked, so harder to inject packets like in WEP PSK mode is vulnerable to passphrase cracking when weak passphrases are used

Access Point Encryption WPA Enterprise An authentication server is required RADIUS server often used Each new session gets its own unique key for increased security

Weaknesses in AP Encryption WEP 64 bit keys may be cracked in a matter of minutes through sniffing and injection (aircrack and aireplay) For more information on how frames are injected: http://www.aircrack ng.org/doku.php?id=aireplay ng&dokuw

Weaknesses in AP Encryption WEP 64 bit keys may be cracked in a matter of minutes through sniffing and injection (aircrack and aireplay) For more information on how frames are injected: http://www.aircrack ng.org/doku.php?id=aireplay ng&dokuw WPA PSK Vulnerable to dictionary attacks

Weaknesses in AP Encryption WEP 64 bit keys may be cracked in a matter of minutes through sniffing and injection (aircrack and aireplay) For more information on how frames are injected: http://www.aircrack ng.org/doku.php?id=aireplay ng&dokuw WPA PSK Vulnerable to dictionary attacks WPA Enterprise Less vulnerable due to unique keys per session

References http://en.wikipedia.org/wiki/wired_equivalent_privacy http://en.wikipedia.org/wiki/wi Fi_Protected_Access http://en.wikipedia.org/wiki/wireless_security http://en.wikipedia.org/wiki/wireless_lan_security