1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.


Wireless security
- The process of preventing unauthorized access or damage to computers (damage to data or to applications) using a wireless network.

WLAN vulnerabilities:
1- Weak device-only authentication
2- Weak data encryption
3- No message integrity

WLAN threats
1- Unstructured threats:
- These come from attackers who are not technical; they use simple tools to steal passwords.

WLAN threats
2- Structured threats:
- These come from attackers who are more technical.
- They can learn the network's vulnerabilities and then write a script, code or a program to use in accessing the network.
3- External threats:
- These may come from a person or an organized group outside the network who is not authorized to access it.
4- Internal threats:
- These come from a person who has permission and is authorized to access the network, such as an internal employee, and who can damage the network.

WLAN threats (ways)
Spy
- Gathering information that is not allowed to be known.
Access
- An unauthorized person (one who has no account) accesses the network, either by guessing the password or because he knows that the password is weak.
DoS (Denial of Service)
- Disables or corrupts the wireless network.
- The most dangerous, and difficult to prevent.

The development of good security
1- Provide a process to audit existing wireless security.
2- Provide a general framework for implementing security.
3- Define behavior that is allowed and behavior that is not allowed.
4- Help determine which tools are needed for the organization.
5- Help communication among a group of key decision makers and define the responsibilities of users and administrators.
6- Define a process for handling wireless breaches.
7- Create a basis for legal action.

First generation wireless security
1- SSID (Service Set Identifier):
- Basic form of security.
- 1 to 32 characters (ASCII).
- The option "SSID broadcast": enabled / disabled.
- SSID broadcast is a function performed by an access point that transmits its name (the SSID) so that wireless stations searching for a network connection can "discover" it. It is what allows your wireless adapter's client manager program or Windows XP's built-in wireless software to give you a list of the access points in range.
- Having SSID broadcast disabled essentially makes your access point invisible unless a wireless client already knows the SSID, or is using tools that monitor or "sniff" traffic from an AP's associated clients.
- Some vendors refer to the SSID as the "network name."

First generation wireless security
2- MAC-based authentication
- Each access point (AP) has a list of valid MAC addresses, or the list is saved on a centralized server. From this list the AP knows which devices are allowed to access the network and blocks unauthorized devices by their MAC address.

Authentication process
- On a wired network, authentication is implicitly provided by the physical cable from the PC to the switch.
- Authentication is the process of ensuring that stations attempting to associate with the network (AP) are allowed to do so.
- 802.11 specifies two types of authentication:
1- Open-system
2- Shared-key (makes use of WEP)

Authentication type: Open System Authentication
The following steps occur when two devices use Open System Authentication:
1- The station sends an authentication request to the access point.
2- The access point authenticates the station.
3- The station associates with the access point and joins the network.
The process is illustrated below.

Two methods the 802.11 standard defines for clients to connect to an access point
2- Shared key authentication:
- Requires the client and the access point to have the same WEP (Wired Equivalent Privacy) key.
- An access point (AP) using shared key authentication sends a challenge text packet to the client.
- If the client has the wrong key or no key, authentication fails (client fail).

Wi-Fi Protected Access (WPA)
- Stronger than WEP.
- WPA has two modes:
1- Personal: for small installations (single password).
2- Enterprise: for large installations (username and password).
End-to-end encryption
- Means that the whole conversation is encrypted from your PC to the service or the station you are talking to.

