Legacy 802.11 Security




Contents

Authentication
  Open System Authentication
  Shared Key Authentication
Wired Equivalent Privacy (WEP) Encryption
Virtual Private Networks (VPNs)
  Point-to-Point Tunneling Protocol (PPTP)
  Layer 2 Tunneling Protocol (L2TP)
  Internet Protocol Security (IPsec)
  Configuration Complexity
  Scalability
MAC Filters
SSID Segmentation
SSID Cloaking

MAC Filters

Every network card has a physical address known as a media access control (MAC) address. This address is a 12-character hex number. 802.11 client stations, like all network-enabled devices, each have unique MAC addresses, and 802.11 access points use MAC addresses to direct frame traffic. Most vendors provide MAC filtering capabilities on their access points and WLAN controllers. MAC filters can be configured either to allow or deny traffic from specific MAC addresses.

Most MAC filters apply restrictions that only allow traffic from specific client stations to pass through based on their unique MAC addresses. Any other client stations whose MAC addresses are not on the allowed list will not be able to pass traffic through the virtual port of the access point and onto the distribution system medium. It should be noted, however, that MAC addresses can be spoofed, or impersonated, and any amateur hacker can easily bypass any MAC filter by spoofing an allowed client station's address. Many network adapters have the ability to change the MAC address as an option built into the advanced configuration window for the adapter, as shown in Figure 2.8. Entering the new address and re-enabling the network card is all that is needed to change the MAC identity of the computer. Because of spoofing and because of all the administrative work that is involved with setting up MAC filters, MAC filtering is not considered a reliable means of security for wireless enterprise networks. The 802.11 standard does not define MAC filtering, and any


MAC filters are often used as a security measure to protect legacy radios that do not support stronger security. For example, older handheld barcode scanners may use 802.11 radios that support only static WEP. Best practices dictate an extra layer of security by segmenting the handheld devices in a separate VLAN with a MAC filter based on the manufacturer's organizationally unique identifier (OUI) address (the first three octets of the MAC address that are manufacturer specific).
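An OUI-based filter of the kind described above can be sketched as follows. This is an added example, not code from the original slides or from any vendor; the OUI-to-VLAN policy, VLAN ID 30, the function names and the sample addresses are constructed for illustration.

```python
import re

# Constructed policy: OUI (first three octets) -> VLAN ID for the legacy scanners.
# 00:00:5e:00:53:xx is the RFC 7042 documentation range, standing in for a vendor OUI.
SCANNER_OUIS = {"00:00:5e": 30}

def normalize_mac(mac: str) -> str:
    """Accept 00:00:5E:.., 00-00-5E-.., 0000.5e00.. and return aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def filter_decision(mac: str):
    """Return (action, vlan, reason) for the source MAC address a station claims."""
    addr = normalize_mac(mac)
    first_octet = int(addr[:2], 16)
    if first_octet & 0x01:
        return ("deny", None, "group (multicast/broadcast) address as source")
    if first_octet & 0x02:
        return ("deny", None, "locally administered address, not a vendor OUI")
    vlan = SCANNER_OUIS.get(addr[:8])
    if vlan is None:
        return ("deny", None, "OUI not on the allow list")
    # The decision rests only on the address the station claims, so the
    # scanner VLAN still needs its own access restrictions behind the filter.
    return ("allow", vlan, "OUI matches legacy scanner vendor")

if __name__ == "__main__":
    # Constructed sample addresses in three common notations.
    for mac in ["00:00:5E:00:53:10", "0000.5e00.5311",
                "02-00-5E-00-53-10", "AC:DE:48:00:00:01"]:
        print(mac, filter_decision(mac))
```
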

SSID (Service Set Identifier) Segmentation

Another technique to provide security in a WLAN environment using older autonomous access points was SSID and VLAN segmentation. It was common for companies to create different SSIDs for different types of users (staff/student/visitor). Companies would set up different SSIDs for many different departments or groups of users. In a WLAN environment using enterprise-class autonomous APs, SSIDs can typically be mapped to individual VLANs, and users can be segmented by the SSID/VLAN pair, all while communicating through a single access point. Each SSID can also be configured with separate security settings.

A common strategy, even with newer WLAN controller technology, is to create a guest, voice, and data VLAN. The SSID mapped to the guest VLAN has limited or no security, and all users are restricted away from network resources and routed off to an Internet gateway. The SSID mapped to the voice VLAN might be using a security solution such as WPA2-Personal, and the VoWiFi client phones are routed to a VoIP server that provides proprietary QoS services through the VLAN. The SSID mapped to the data VLAN uses a stronger security solution such as WPA2-Enterprise, and the data users are allowed full access to network resources once authenticated.

SSID Cloaking

Remember in Star Trek when the Romulans cloaked their spaceship but somehow Captain Kirk always found the ship anyway? Well, there is a way to cloak your service set identifier (SSID). Access points typically have a setting called Closed Network or Broadcast SSID. By either enabling a closed network or disabling the broadcast SSID feature, you can hide, or cloak, your wireless network name. The service set identifier (SSID), which is also often called the extended service set identifier (ESSID), is the logical identifier, or logical name, of a WLAN. The SSID WLAN name is comparable to a Windows workgroup name. The SSID is a configurable setting on all radio cards, including access points and client stations. The SSID can be made up of as many as 32 characters and the SSID is case sensitive.

When you implement a closed network, the SSID field in the beacon frame is null (empty), and therefore passive scanning will not reveal the SSID to client stations that are listening to beacons. The idea behind cloaking the SSID is that any client station that does not know the SSID of the WLAN will not be able to associate. Many wireless client software utilities transmit probe requests with null SSID fields when actively scanning for access points. Additionally, there is a popular and freely available software program called NetStumbler that is used by individuals to discover wireless networks.

NetStumbler also sends out null probe requests actively scanning for access points. When you implement a closed network, the access point responds to null probe requests with probe responses; however, as in the beacon frame, the SSID field is null, and therefore the SSID is hidden to client stations that are using active scanning. Effectively, your wireless network is temporarily invisible, or cloaked. It should be noted that an access point in a closed network will respond to any configured client station that transmits directed probe requests with the properly configured SSID. This ensures that legitimate end users will be able to authenticate and associate to the AP. However, any stations that are not configured with the correct SSID will not be able to authenticate or associate. Although implementing a closed network will indeed hide your SSID from NetStumbler and other WLAN discovery tools, anyone with a WLAN protocol analyzer can capture the frames transmitted by any legitimate end user and discover the SSID, which is transmitted in cleartext.

In other words, a hidden SSID can usually be found in seconds with a WLAN protocol analyzer. Many wireless professionals will argue that hiding the SSID is a waste of time, while others view a closed network as just another layer of security. Cloaking the SSID usually keeps the SSID hidden from most WLAN discovery tools that use null probe requests. However, even some of the WLAN discovery tools use alternate methods of discovering an SSID. As shown in Figure 2.10, NetStumbler was able to identify the hidden network with an SSID of CWSP-Hidden2 and was also able to identify that another hidden network exists, but was not able to determine its SSID.
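The frame exchange described above can be made concrete by reading the SSID element (element ID 0) out of each management frame. This is an added example, not part of the original slides; the MAC addresses, the SSID "ExampleCorp" and every frame in CAPTURE are constructed, and the parser treats both a zero-length and an all-null SSID element as cloaked.

```python
# Management-frame subtypes and the length of the fixed fields that precede
# the tagged elements (the 802.11 MAC header is 24 bytes for these frames).
SUBTYPES = {0: ("assoc-req", 4), 4: ("probe-req", 0),
            5: ("probe-resp", 12), 8: ("beacon", 12)}

def parse_ssid(frame: bytes):
    """Return (subtype, ssid); ssid is None when the SSID element is empty or all nulls."""
    if len(frame) < 24:
        raise ValueError("shorter than an 802.11 management header")
    ftype, subtype = (frame[0] >> 2) & 0x3, frame[0] >> 4
    if ftype != 0 or subtype not in SUBTYPES:
        raise ValueError("not a supported management frame")
    name, fixed = SUBTYPES[subtype]
    pos = 24 + fixed
    while pos + 2 <= len(frame):
        eid, elen = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + elen]
        if len(body) != elen:
            raise ValueError("truncated information element")
        if eid == 0:  # SSID element
            cloaked = elen == 0 or not any(body)
            return (name, None if cloaked else body.decode("utf-8", "replace"))
        pos += 2 + elen
    return (name, None)

def build(subtype: int, dst: bytes, src: bytes, ssid: bytes) -> bytes:
    """Construct a minimal sample frame: header, zeroed fixed fields, SSID, one rate."""
    header = bytes([subtype << 4, 0, 0, 0]) + dst + src + AP + b"\x00\x00"
    return (header + bytes(SUBTYPES[subtype][1])
            + bytes([0, len(ssid)]) + ssid + b"\x01\x01\x82")

AP, STA, ANY = bytes.fromhex("02aabbccdd01"), bytes.fromhex("02aabbccdd02"), b"\xff" * 6
NAME = b"ExampleCorp"  # constructed SSID
CAPTURE = [  # constructed frames, in the order the text describes them
    build(8, ANY, AP, b""),                   # beacon from the closed network
    build(4, ANY, STA, b""),                  # null probe request (discovery tool)
    build(5, STA, AP, b"\x00" * len(NAME)),   # probe response with the SSID nulled
    build(4, ANY, STA, NAME),                 # directed probe from a configured client
    build(0, AP, STA, NAME),                  # association request from that client
]

def observed(frames):
    """SSID visibility per frame, as a protocol analyzer would display it."""
    return [parse_ssid(f) for f in frames]

if __name__ == "__main__":
    for subtype, ssid in observed(CAPTURE):
        print(f"{subtype:10s} {ssid if ssid else '<hidden>'}")
```

The access point's own frames carry no name, while the configured client's directed probe and association request carry it unencrypted, which is why a closed network is not an access control.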


Although you can hide your SSID to cloak the identity of your WLAN from novice hackers (often referred to as "script kiddies") and nonhackers, it should be clearly understood that SSID cloaking is by no means an end-all wireless security solution. The 802.11-2007 standard does not define SSID cloaking, and therefore all implementations of a closed network are vendor specific. As a result, incompatibility can potentially cause connectivity problems. Some wireless clients will not connect to a hidden SSID, even when the SSID is manually entered in the client software. Therefore, be sure to know the capabilities of your devices before implementing a closed network. Cloaking the SSID can also become an administrative and support issue. Requiring end users to configure the SSID in the radio software interface often results in more calls to the help desk because of misconfigured SSIDs.

Summary

In this chapter, the different de jure and de facto standards to secure legacy 802.11 networks:
  Open System and Shared Key authentication
  Encryption and decryption processes of WEP and its shortcomings (deprecated)
  VPN solutions can and will still provide secure access for a WLAN
  MAC filters
  SSID cloaking
  SSID segmentation