Security and Wireless LANs

Slides:



Advertisements
Similar presentations
Security in Wireless Networks Juan Camilo Quintero D
Advertisements

WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”
1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Security flaws of the WEP-Protocol by Bastian Sopora, Seminar Computer Security 2006.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
How To Not Make a Secure Protocol WEP Dan Petro.
Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.
W i reless LAN Security Presented by: Pallavi Priyadarshini Student ID
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
802.11b Vulnerabilities, Ad-Hoc Mode, RF Jamming and Receiver Design Ritesh H Shukla Graduate Student ECE Dept Under the Guidance of Prof. William R Michalson.
Wireless Insecurity.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Security and Wireless LANs Or Fun and Profit With Your Neighbor’s Bandwidth Chris Murphy MIT Information Systems.
IE 419/519 Wireless Networks Lecture Notes #4 IEEE Wireless LAN Standard Part #2.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
1 Chapter Overview Wireless Technologies Wireless Security.
Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Wireless Networking.
Lock up your Wireless LANs There are Hackers in Town Tuesday 26th February :30 to 2:15 PM Ross Chiswell CEO Integrity.
A History of WEP The Ups and Downs of Wireless Security.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
Wireless Insecurity By: No’eau Kamakani Robert Whitmire.
Wireless Networking Concepts By: Forrest Finkler Computer Science 484 Networking Concepts.
Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.
David Abarca, Instructor Del Mar College Computer Corner Wireless Network Access Control.
WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Wireless Networks Standards and Protocols & x Standards and x refers to a family of specifications developed by the IEEE for.
CSE 5/7349 – April 5 th 2006 Wireless Networking.
Dependability in Wireless Networks By Mohammed Al-Ghamdi.
Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.
COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Wireless LAN Security Daniel Reichle Seminar Security Protocols and Applications SS2003.
Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?
Chapter3 Wireless how safe it is NOT! By: Brett Hoff.
Understand Wireless Security LESSON Security Fundamentals.
Discovery Internetworking Module 7 JEOPARDY K. Martin.
1. Introduction In this presentation, we will review ,802.1x and give their drawbacks, and then we will propose the use of a central manager to replace.
Module 48 (Wireless Hacking)
Instructor Materials Chapter 6 Building a Home Network
Wireless Technologies
Wireless Protocols WEP, WPA & WPA2.
Wireless Local Area Network (WLAN)
Wireless Security Ian Bodley.
Wireless Networking Chapter 23.
Anatomy of a Wireless LAN – Part I
Chapter 12 Communications Security & Countermeasures
Wireless LAN Security 4.3 Wireless LAN Security.
802.11b Wireless Network Security
Wireless Network Security
WLAN Security Antti Miettinen.
Antti Miettinen (modified by JJ)
Presentation transcript:

Security and Wireless LANs Or Fun and Profit With Your Neighbor’s Bandwidth Chris Murphy MIT Information Systems

The Problem Wireless LANs broadcast your network connections Radio doesn’t care about firewalls Data can be captured without physical access Network resources can be hijacked

802.11 Protocol Family 802.11 – 2.4Ghz, 2Mbit specification 802.11a – 5Ghz, 54Mbit specification 802.11b – 2.4Ghz, 11Mbit specification Currently the predominant, available technology 802.11d – regulatory issues 802.11e – addresses QoS 802.11f – inter-access-point protocols 802.11g – 2.4Ghz, ~20Mbit specification 802.11h – frequency allocation 802.11i - security

The Solution? Access Control Data Encryption By MAC addresses By network names (SSID) Data Encryption WEP (Wired Equivalent Privacy) Can also be used for access control All these schemes have limits and flaws

MAC Address Access Control Access Points have a list of allowed MAC addresses Often stored in each Access Point Limited to about 500 addresses Some products use a server-based list, using systems like RADIUS Easily defeated by sniffing for an allowed address

SSID Access Control Normally, the SSID is broadcast in beacon packets A “closed” network does not include the SSID in beacons NOT part of the 802.11 standard Has a fatal flaw…..

Normal open network

“Closed” network (SSID “PEAKABOO”)

Now a client wants to join the network…..

…and an access point responds.

Data Encryption WEP – Wired Equivalent Privacy 40 bit RC4, 128 bit optional Most APs support up to 4 keys How do you manage keys in a large organization? This assumes all users are “good guys”

Data Encryption A group at Berkeley has published some flaws in WEP http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html Outlines a number of design flaws in WEP A number of (currently theoretical) attacks are outlined in the referenced document A response from the IEEE 802.11 group chair is available at http://www.wi-fi.com/pdf/Wi-FiWEPSecurity.pdf

LANs – Standards – 802.11 Security Scott Fluhrer, Itsik Mantin, and Adi Shamir have identified weaknesses in the RC4 algorithm used by WEP Attack only requires cyphertext On the order of 100Mb – 1Gb needed Compute time scales linearly with key size The paper is available at http://www.eyetap.org/~rguerra/toronto2001/rc4_ksaproc.pdf An implementation of this attack is available at http://airsnort.sourceforge.net/

Spread Spectrum as Security? Spread Spectrum technology, while touted as difficult to intercept, offers little here as NICs are preprogrammed with the spreading sequences and can talk to each other out of the box.

So What Are Our Options? While flawed, the described methods can provide some protection from casual abuse Treat wireless clients as remote clients Place APs outside firewalls Use VPNs to access internal network And as always, use secure protocols

Future Wireless Security 802.11i should provide a standards-based path for actual user authentication, and negotiation of user and session specific encryption keys This group is working in conjunction with the 802.1x group, relating to per-port network access control

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.