VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong



Similar documents
9 Simple steps to secure your Wi-Fi Network.

Security Awareness. Wireless Network Security

TECHNICAL NOTE REFERENCE DOCUMENT. Improving Security for Axis Products. Created: 4 October Last updated: 11 October Rev: 1.

Chapter 3 Safeguarding Your Network

Chapter 2 Configuring Your Wireless Network and Security Settings

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

Industrial Communication. Securing Industrial Wireless

Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi


Wireless Network Best Practices for General User

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

VIDEO Intypedia013en LESSON 13: DNS SECURITY. AUTHOR: Javier Osuna García-Malo de Molina. GMV Head of Security and Process Consulting Division

Securing your Linksys WRT54G

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

Chapter 2 Wireless Settings and Security

Security. TestOut Modules

Computer Networks. Secure Systems

DATA SECURITY 1/12. Copyright Nokia Corporation All rights reserved. Ver. 1.0

wireless broadband information

Wireless Encryption Protection

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter with RangeBooster. User Guide WIRELESS WUSB54GR. Model No.

Wireless Networks. Welcome to Wireless

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Connecting your Aiki phone to a network

Security and privacy in public WLAN networks

Wireless Security. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger.

Recommended Wireless Local Area Network Architecture

Topics in Network Security

Lecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References

Basic Computer Security Part 2

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

WLAN Information Security Best Practice Document

Linksys WAP300N. User Guide

Wireless Security for Hotspots & Home PCCW Feb, 2009

A Division of Cisco Systems, Inc. GHz g. Wireless-G. Access Point with SRX. User Guide WIRELESS WAP54GX. Model No.

WIRELESS NETWORKING SECURITY

Wireless Network Security When On the Road

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

Analysis of Security Issues and Their Solutions in Wireless LAN 1 Shenam Chugh, 2 Dr.Kamal

Setting up a WiFi Network (WLAN)

Best Practices for Outdoor Wireless Security

Wireless Security: Secure and Public Networks Kory Kirk

Wireless Security. New Standards for Encryption and Authentication. Ann Geyer

CONNECTING THE RASPBERRY PI TO A NETWORK

chap18.wireless Network Security

White paper. Wireless Security: It s Like Securing Your Home

WI-FI VS. BLUETOOTH TWO OUTSTANDING RADIO TECHNOLOGIES FOR DEDICATED PAYMENT APPLICATION

How To Set up and Configure the WNA-100 Wireless Network Adapter

AC750 WiFi Range Extender

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

Wi-Fi and security Wireless Networking and Security by Alain RASSEL

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

User Guide. E-Series Routers

Guide for wireless environments

VIDEO intypedia007en LESSON 7: WEB APPLICATION SECURITY - INTRODUCTION TO SQL INJECTION TECHNIQUES. AUTHOR: Chema Alonso

The next generation of knowledge and expertise Wireless Security Basics

Configure WorkGroup Bridge on the WAP131 Access Point

Wireless Robust Security Networks: Keeping the Bad Guys Out with i (WPA2)

Network Access Security. Lesson 10

WIRELESS SECURITY IN (WI-FI ) NETWORKS

The Hidden Dangers of Public WiFi

Cyber Security: Beginners Guide to Firewalls

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

Computer Networks: DNS a2acks CS 1951e - Computer Systems Security: Principles and Prac>ce. Domain Name System

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household

Closing Wireless Loopholes for PCI Compliance and Security

Question How do I access the router s web-based setup page? Answer

United States Trustee Program s Wireless LAN Security Checklist

PCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com

The Importance of Wireless Security

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide

Wireless Network Standard and Guidelines

Configuring Security Solutions

How To Secure Wireless Networks

Using Wireless Technology Securely

Table of Contents SECURING THE WIRELESS NETWORK GUIDE 2

First of all Let's look at how you would connect your laptop via Ethernet, as it is the easier of the two methods.

State of Kansas. Interim Wireless Local Area Networks Security and Technical Architecture

Certified Wireless Security Professional (CWSP) Course Overview

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

WiFi Security Assessments

CS549: Cryptography and Network Security

Particularities of security design for wireless networks in small and medium business (SMB)

AXIS 207W Network Camera Technical Information

Attacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay

Networking. General networking. Networking overview. Common home network configurations. Wired network example. Wireless network examples

802.1x Networking. tommee pickles Moloch Industries. Moloch.org tommee.net

CS 356 Lecture 29 Wireless Security. Spring 2013

m-trilogix White Paper on Security in Wireless Networks

Introduction to WiFi Security. Frank Sweetser WPI Network Operations and Security

USER GUIDE AC2400. DUAL BAND GIGABIT Wi Fi ROUTER. Model# E8350

Securing your Linksys Wireless Router BEFW11S4 Abstract

N300 WiFi Range Extender

Wireless-N. User Guide. PCI Adapter WMP300N (EU) WIRELESS. Model No.

Setting Up Your Wireless Network

Transcription:

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security in wireless networks or Wi Fi networks. Join us! SCENE 1. INTRODUCTION TO SECURING WI FI NETWORKS Bob, I'm very interested in learning more about securing wireless networks or Wi Fi networksbased on 802.11 technologies, since they are used every day by millions of people around the world because of their easy connectivity, flexibility and mobility. I've heard that the wireless networks we use to connect to our home network, our company network or to the Internet from our laptops and mobile devices, such as phones or tablets, are insecure. Is that true? The main difference between wireless networks and wired networks like Ethernet is the physical access to the network. In traditional wired networks, you connect through an outlet or a point of physical connection in order to gain access to the network or to the data that travels through it. However, wireless networks send their information through radio frequency signals that travel through air like TV or radio signals so it's much easier for anyone to access these communications. We could consider that a Wi Fi network is the equivalent of throwing an Ethernet cable out the window or through the main door out to the street, allowing anyone who passes by to connect to it. Script Intypedia012en 1

But this way, only those who are near the Wi Fi network could connect to it without authorization. I recall that the longest distance for a usual Wi Fi network is around 100 meters, is that right? The truth is that although most Wi Fi standards and specifications normally mention theoretical distances of 100 meters, the real distance that a wireless signal can reach depends on the equipment used by the network and the attacker. Many factors influence on the distance: obstacles and their density, the transmission power, receiver sensitivity and the use of high gain antennas. Several projects and demonstrations have performed connections from hundreds of meters away, using standard equipment. So we must assume that, in a real environment, an attacker to a wireless network can be located hundreds of meters or even several kilometres away from the network. And I thought only my neighbours could attack me! So, if someone decides to access my home wireless network or the one in the café I usually go to or my company's network, what type of attacks could they perform? Many attacks can be performed to Wi Fi networks, but we can classify them into four general categories. The denial of service attacks (DoS) are the most difficult to avoid due to the way wireless technologies perform. Someone can make enough "noise" in the frequency used by the Wi Fi network to make it impossible for there to be any wireless communications, thus affecting the network's availability. This attack is of great importance in critical environments like monitoring networks in hospitals or critical infrastructures. Then there are attacks where the communication that travels through air in a wireless network is intercepted. In this case, the attacker can see the unencrypted exchanged data. These attacks can't be detected and they affect communication confidentiality. The other two types of attack are traffic injection and network access. An attacker without access to the network could inject traffic and modify its behaviour. He could also establish an unauthorized connection with the Wi Fi network and gain full access to it affecting, in both cases, the integrity of communications. How interesting! So what can we do to protect our wireless network from those attacks? Alice, before we delve into the protection mechanisms we can use, it is important to highlight that not only the networks need protection, but also the access points, the controllers, the Script Intypedia012en 2

clients who connect to the wireless networks, as well as desktop computers, laptops, mobile phones, smartphones, tablets and any other mobile device. SCENE 2. WI FI NETWORK SECURITY Thanks, Bob, now I know the different types of attacks to Wi Fi networks. However, when configuring a Wi Fi network, I have noticed that there are many different options and technologies available, like WEP, WPA, WPA2, 802.1x and so on. I'm not sure which one is the most secure... When configuring a wireless network, there are two security elements we must bear in mind: the encryption of the communication and the authentication or access control to the network. Firstly, to avoid anyone from intercepting the communication and gaining access to its content, we must encrypt it. The technologies you just mentioned are used to encrypt the communication, but some are insecure. Secondly, to avoid anyone gaining unauthorised access to the network, we must have strong authentication mechanisms that provide identification for those connecting to the network. The problem is that when you buy a Wi Fi access point, it is usually set as open by default, i.e., without any encryption or authentication, so you need to configure its security options. What settings would you recommend? Indeed, it's very usual that Wi Fi access points are set as open by default, allowing anyone to intercept network traffic or to connect to the network. It's also common to receive the Wi Fi access point or router from the internet service provider already configured with WEP (Wired Equivalent Privacy), an encrypting method which is old and insecure, even though it requires a password. This password requirement creates a false sense of security. Although WEP uses the RC4 cipher algorithm, like other protocols that we trust like HTTPS, it was used incorrectly and in a non secure way in its design. So, nowadays, an attacker can obtain a WEP password to a wireless network in less than a minute. Personal Wi Fi networks should be configured with WPA2 (Wireless Protected Access 2), using Personal or PSK (Pre Shared Key); a secure option that uses long (more than 20 characters) and hard to guess passwords, configured in both the client and in the wireless network. WPA2 offers encrypting and authentication mechanisms. Yes, but I recall that when selecting WPA2 Personal, you are prompted with two options: TKIP (Temporal Key Integrity Protocol) and AES (Advanced Encryption Standard). Which one is most secure? Script Intypedia012en 3

The recommended option is AES, since it's based on today's referenced set of cryptographic algorithms. TKIP is the evolution of the WEP encryption mechanisms, also based on RC4, but upgraded, that was designed to be used with WPA and those Wi Fi devices that supported WEP years ago. WPA is less secure than WPA2 and is an alternative that was designed for a temporal use. So it's decided! WPA2 and AES with a strong password! When it comes to companies and other organizations, what option would you recommend to secure their wireless network? WPA2 Personal? They could use WPA2 Personal too, but it's highly recommended that corporate wireless networks use WPA2 Enterprise, because this option gives more security thanks to a RADIUS (Remote Authentication Dial In User Service) server that generates and distributes random and robust passwords, using 802.1X and EAP (Extensible Authentication Protocol) protocols for authentication. There are many types of EAP protocols, each one uses different credentials, such as user name and password, digital certificates, smart cards and so on. Therefore, a detailed study of the Wi Fi infrastructure should be undertaken to choose the appropriate EAP. The encrypting mechanisms used by WPA2 Personal and Enterprise are similar. Furthermore, it is highly advisable for corporations to have a Wireless Intrusion Detection System (WIDS) to know what is happening within the wireless network and be able to react to possible attacks. Lastly, Wi Fi access points have several additional security options, like reducing the intensity and range of the signal, filtering by MAC addresses or hiding the access point's name by disabling the SSID broadcast. Is it worth setting these up too? All the additional security mechanisms that you've mentioned allow you to increase the security of your wireless network, but they have weak points that a capable attacker can overcome easily. In some cases, their implementation is complex, like when filtering the MAC addresses of all the Wi Fi clients in a company that has thousands of client devices. In other cases, their use can even reduce the security level of the wireless environment, like hiding the access point's name, because this affects the clients. Well, it really isn't that complicated once someone explains it to you. Script Intypedia012en 4

SCENE 3. WI FI CLIENTS SECURITY Bob, you mentioned earlier that it was also important to consider security options of the Wi Fi clients. Do you mean that someone could attack my mobile devices with Wi Fi, when I'm taking a walk? Indeed! Since wireless networks nowadays can be more secure than in the past, attackers have focused their activities on Wi Fi clients, the weakest link in the chain. Just by having the Wi Fi activated on a mobile device, someone could try to communicate with it and attack it. The target of a device that isn't connected to a wireless network is its Wi Fi card driver and the Operating System. For this reason, it is highly recommended to have the Operating System and the Wi Fi drivers of all your devices permanently updated. Yes, I always try to have both of them updated. Even with them updated, could someone attack my mobile devices through Wi Fi? All of the Wi Fi clients store a list of networks they've connected to previously the Preferred Network List (PNL) and they try to connect to them when the Wi Fi interface is active. One of the most common attacks to Wi Fi clients is the "evil twin" or bogus access point. Here, an attacker impersonates one of those preferred networks in your device's list, so the client connects to the network automatically thinking it's one of the preferred networks, even if you are miles away from the real network. Once the client is connected to the bogus network, the attacker will try to access your device and your communications. But for that attack to work, my device has to announce at least one of the networks included in its preferred list. Nowadays, if I'm not mistaken, most Wi Fi devices don't disclose their preferred network list, right? That's right, the attack is only possible if the Wi Fi device discloses at least one preferred network. Today, many Wi Fi devices avoid disclosing the networks, although there are still other devices, like mobile phones, that do so and are vulnerable. However, there is a common scenario that affects all sorts of Wi Fi devices. Alice, do you remember before when we mentioned hiding the access point's name by disabling the SSID broadcast? When a Wi Fi client tries to connect to a network, it searches for available networks in the current location, then looks through its Preferred Network List, and if there s a match, it tries to connect to that network. Script Intypedia012en 5

If the network is hidden, it won't appear under the available networks, so the client won't be able to connect to it. For this connection to be possible, the device has to ask specifically for the existence of the hidden network, thus revealing the name of the network. Therefore, the evil twin attack is possible when a device has hidden networks listed in its Preferred Network List. This is why it's not advisable to hide the name of a Wi Fi network, since this alleged protective measure really lowers the security for Wi Fi clients. As soon as we finish this lesson I will remove all the hidden networks from my Preferred Network List and any other Wi Fi network I've connected to in the past that I'm probably not going to connect to again. It just occurred to me, that even though I have my Wi Fi switched off most of the time because it consumes a lot of battery, what happens when I connect to other Wi Fi networks, like the public hotspot at the café or the library, a restaurant, a hotel or an airport? Public wireless networks that offer free or paying Internet access are the perfect environment for attackers. They are usually open networks that don't use encrypting mechanisms and in all of them you are sharing the wireless network with other users, including possible attackers. Even if they do use encryption, your traffic can be intercepted since the password is known by all of the users, unless they use WPA/WPA2 Enterprise, which is unusual in these environments. The attacker can perform a wide variety of attacks against your device, like intercepting your encrypted traffic sent through the wireless network and accessing your contents, or trying to exploit security vulnerabilities in your operating system or other software, like, for example, your web browser or its plug ins. To avoid these types of attacks, we should use Virtual Private Networks (VPN) based on SSL or IPSec to protect traffic sent through an insecure network, like a wireless hotspot. Doing this, I shouldn't have to worry, right? The use of VPN's over insecure wireless networks is very common, but even though it's a recommended security measure, you must bear in mind that it presents some vulnerabilities. First of all, VPN technologies protect traffic in higher communication layers (level 3 for IPSec and level 5 for SSL), so an attacker could attack lower layers (level 2), like in cache ARP poisoning attacks. Second, the user has to connect to the insecure wireless network and then establish a secure communication channel through the VPN, but, what happens if that secure channel can't be established or is delayed? In the meantime, attacks to the device and the user's traffic are possible. A common example can be seen in wireless networks that require user authentication through a website or a captive portal, where many connections through the Script Intypedia012en 6

insecure network are made before access to the Internet is gained enabling the establishment of the VPN. In sum, it is preferable to use secure wireless networks along with VPN technologies and encrypted connections from end to end, like the ones based on SSL/TLS. SCENE 4. SECURITY RECOMMENDATIONS Alice, how about we summarize the security recommendations for wireless networks? What are the main tips you would give to protect a Wi Fi network? To protect a wireless network it is advisable to reduce the range of the signal, to not hide the network's name and to use security technologies like WPA2 AES in it's Personal (PSK) version with long and hard to guess passwords, or in its Enterprise version with the appropriate EAP method, depending on the corporate network features. Additionally, it is helpful to use detection mechanisms to identify attacks on the wireless network. Well done! So, what would be the main tips for protecting Wi Fi clients? To protect Wi Fi clients it is advisable to have both the Operating System and the Wi Fi drivers of the device updated, to turn off the Wi Fi when not in use, to avoid connection to insecure wireless networks, like open public networks, or with weak security mechanisms like WEP, and to keep the Preferred Network List up to date, removing hidden networks or those that are not going to be used. Alice, it's time to put all these tips to work and increase the security of all the Wi Fi networks and clients we have access to. On the Intypedia website you will find additional documentation for this lesson. Goodbye! See you at our next lesson! Script Intypedia012en 7

Script adapted to the Intypedia format from the document sent by Raúl Siles Madrid, Spain. January 2012 http://www.intypedia.com http://twitter.com/intypedia Script Intypedia012en 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information