Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security+ All-In-One Edition Chapter 10 – Wireless Security

Similar presentations

Presentation on theme: "Security+ All-In-One Edition Chapter 10 – Wireless Security"— Presentation transcript:

1 Security+ All-In-One Edition Chapter 10 – Wireless Security
Brian E. Brzezicki

2 Wireless Look No Wires!

3 Wireless Attempt at communication using non-physical links. Examples
Radio Waves Light Pulses Often used for networking, but can be used simply to eliminate wires for device to device communication.

4 Wireless LAN protocols

5 802.11 standard Wireless LAN networking Data Link layer specifications
Components Access point (a type of bridge) Wireless Card SSID

6 family 802.11b 11Mbs 2.4Ghz (same as common home devices) 802.11a 54Mbps 5Ghz (not as commonly used, however absorbed by walls, yielding less range possibly) 802.11g 54Mbs 2.4Ghz Cards are generally backwards compatible and can serve as b or a 802.11n Uses Multiple Input Multiple Output (MIMO) 100Mbs 2.4G or 5Ghz

7 Wireless Problems Easy to get access to airwaves, hard to restrict!
Talk about the attacks next.

8 Wireless Attacks

9 Wireless Attacks War driving Warchalking (2 slides) (more)
Wireless scanners Netstumber (see next slide) Warchalking (2 slides) (more)

10 NetStumbler

11 War chalking symbols

12 Man in the Middle Airsnarfing, put up a fake access point get people to connect with you.

13 Evesdropping and attaining non-authorized acess
Kismit Air Snort – breaks WEP retrieves encryption keys (security+ exam reference airsnort, even thought it’s no longer developed) aircrack-ng – breaks WEP and WPA-psk

14 Wireless Countermeasures
Turn off SSID broadcasts (problems?) Enable MAC filtering (problems?) Use Encryption (we’ll talk about this next) Use Enterprise Mode for authentication

15 Transmission encryption
There are many different types of wireless encryption protocols WEP Shared passwords (why is this bad?) 64/40 or 128/104 bit key Uses RC4 Easily crack able (due to key reuse) Only option for b (more)

16 Transmission Encryption
WPA PSK Shared password Uses TKIP normally RC4 with changing keys Can use AES (not certified) 128 bit key WPA2 PSK Uses AES (normally) Can use TKIP (more)

17 Transmission Encryption
WPA or WPA2 in Enterprise Mode Uses 802.1X authentication to have individual passwords for individual users RADIUS – what was radius again? 802.11i – the official IEEE wireless security spec, officially supports WPA2

18 Wireless Device to Device Communication

19 Bluetooth

20 Bluetooth What is Bluetooth
What is the purpose of Bluetooth, is it networking? Bluetooth Modes Discovery Mode Automatic Pairing

21 Bluetooth Attacks Bluejacking Bluesnarfing Bluebugging
Sending forged message to nearby bluetooth devices Need to be close Victim phone must be in “discoverable” mode Bluesnarfing Copies information off of remote devices Bluebugging More serious Allows full use of phone Allows one to make calls Can eavesdrop on calls

22 Bluetooth Countermeasures
Disable it if your not using it Disable auto-discovery Disable auto-pairing

23 WAP

24 WAP Wireless Application Protocol – a protocol developed mainly to allow wireless devices (cell phones) access to the Internet. Requires a Gateway to translate WAP <-> HTML (see visual) Uses WTLS to encrypt data (modified version of TLS) Uses HMAC for message authentication WAP GAP problem (see visual and explain) A lot of wireless devices don’t need WAP anymore… why?

25 WAP

26 WAP GAP As the gateway decrypts from WTLS and encrypts as SSL/TLS, the data is plaintext. If someone could access the gateway, they could capture the communications

27 Chapter 10 – Review Questions
Q. What encryption protocol does WEP use Q. What 2 key lengths does WEP support Q. What encryption protocol does WPA2 use? Q. Why is MAC filtering or turning off SSID broadcasting not sufficient security? Q. What does WAP use for security?

28 Chapter 10 – Review Questions
Q. What is the WAP GAP Q. Define how to accomplish a MiM attack on a wireless network Q. What type of authentication concept would help against the attack above? Q. What is one way office users could use wireless to violate network security? Q. What is Bluetooth used for? Q. What is Bluesnarfing?

29 Wireless security Access control Encryption Authentication Isolation
Turn off SSID broadcasts (problems) MAC filtering (problems) Encryption Discussed later Authentication Use Radius and 802.1X Isolation VLANs over wireless

Download ppt "Security+ All-In-One Edition Chapter 10 – Wireless Security"

Similar presentations

Ads by Google