Presentation on theme: "Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department."— Presentation transcript:
Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department
Content Home and corporal networks comparison Data protection Protection methods WLAN standards comparison Conclusion
Home versus organizations networks WiFi – phenomenon of Czech republic (Internet providers policy) Urgency of protection also small office and home networks It has got advantages for hackers Big organizations usually uses better access methods
Reasons for wireless security Computer criminality Activities masking Industrial espionage Unauthorization access Connectivity to internet
Organizations data protection 38% scans company network for unauthorized access points 22% instruct employees about wireless network problems 57% set up network policy 33% without protection !!!!!
Company data protection Unauthorized (black) access point
Company data protection Ad-Hoc networks
Basic methods MAC filter activation SSID change Change of defaults parameters IP Admin password Default cryptography keys Argue out of 20% of attackers
Advanced methods WEP activation – Not so strong but better than nothing WPA, WPA2 activation Radius server activation Alternative for SOHO networks (WPA-PSK)
Corporal networks WLAN protection on commercial and organizations level User authentization: No authentization of devices but users – guard against stolen devices or device simulations
Corporal networks WLAN protection on commercial and organizations level System interdependence: protect against unauthorized access points. Not only the client to network but also the network to client authorization.
Corporal networks WLAN protection on commercial and organizations level Centralized management: All information about users, devices, access points are saved centrally. Easy for admins to change information but hard to attackers
Corporal networks WLAN protection on commercial and organizations level Dynamical encryption keys: Different keys for every session and for every device and user.
Security standards comparison Security level Open network WEP WPA-PSK WPA2-PSK WPA x IPSec - VPN
Security standards for WLAN Authentization/EncryptionCorporal networksSOHO networks Open network---- / ----unsuitable WEPPractically none/WEPunsuitableVery bad WPA-PSKPSK/WEP-TKIPVery bad Very good (quality-price ratio) WPA2-PSKPSK/AES-CCMPBadIdeal solution WPA-802.1x802.1x/WEP-TKIPGood solution Unsuitable because of the price and hard implementation WPA x802.1x/AES-CCMP Ideal solution for big networks Unsuitable because of the price and hard implementation
Idea and conclusion WLAN protection: Nowadays is possible to solve WLAN security can be personalized for every kind of running Solve encryption only in radio parts (IPSec, VPN)
Conclusion Security isn’t something what we can buy in box in our shop. It is unremitting fight between security experts and hackeres, which try to increase security level of our world. It requires persistent comparisons, tests and implementations. Unfortunately it can not be said: “Now - we protected our network and we can not solve this problem in future.”
Thank you for your attention Lt. Robert Drmola, University of defence, Communication and information systems department