MIS 5212.001 Week 10 Site:

Slides:



Advertisements
Similar presentations
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Advertisements

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Chapter - 11 CWNA Certified Wireless Network Administrator Introduction to Wireless LANs.
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
Wireless Networks: Signaling and Security William Tucker CEN 4516: Computer Networks FGCU: Fort Myers, FL: 09/05.
Security+ Guide to Network Security Fundamentals, Third Edition
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Wi-Fi the Standard and Security. What is Wi-Fi? Short for wireless fidelity. It is a wireless technology that uses radio frequency to transmit.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
By Alvin Tse.  FCC – Federal Communications Commission   IETF – Internet Engineering Task Force   IEEE –
Wireless Security Issues David E. Hudak, Ph.D. Senior Software Architect Karlnet, Inc.
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.
MIS Week 11 Site:
WLAN What is WLAN? Physical vs. Wireless LAN
WIRELESS NETWORKING Presenter: Nhan Nguyên Phương.
Wireless Local Area Technology.  Garikayi Brasington Madzudzo  Edmund Nartey  Ismeil Ahamed  Jakub Gieryn  Arnaud Fogno.
195Eg Ethernet Wired LAN 195Eg. Wireless Ethernet Setting IP Address Using Utility Programs Begin Programming Definition Selection Programming Modes of.
Security+ Guide to Network Security Fundamentals, Fourth Edition
And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.
Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,
Michal Rapco 05, 2005 Security issues in Wireless LANs.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.
ECE 424 Embedded Systems Design Networking Connectivity Chapter 12 Ning Weng.
Wireless Networking.
A History of WEP The Ups and Downs of Wireless Security.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
Wireless Security Beyond WEP. Wireless Security Privacy Authorization (access control) Data Integrity (checksum, anti-tampering)
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
The University of Bolton School of Business & Creative Technologies Wireless Networks Introduction 1.
Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
Copyright Security-Assessment.com 2005 Wireless Security by Nick von Dadelszen.
IEEE i WPA2. IEEE i (WPA2) IEEE i, is an amendment to the standard specifying security mechanisms for wireless networks. The.
Wireless LAN Security. Security Basics Three basic tools – Hash function. SHA-1, SHA-2, MD5… – Block Cipher. AES, RC4,… – Public key / Private key. RSA.
Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.
5 SECTION A 1 Network Building Blocks  Network Classifications  LAN Standards  Network Devices  Clients, Servers, and Peers  Physical Topology  Network.
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.
National Institute of Science & Technology WIRELESS LAN SECURITY Swagat Sourav [1] Wireless LAN Security Presented By SWAGAT SOURAV Roll # EE
Wireless Security: The need for WPA and i By Abuzar Amini CS 265 Section 1.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 24 “Wireless Network Security”.
 Houses  In businesses  Local institutions  WEP – Wired Equivalent Privacy -Use of Initialization Vectors (IVs) -RC4 Traffic Key (creates keystreams)
WLAN Security Condensed Version. First generation wireless security Many WLANs used the Service Set Identifier (SSID) as a basic form of security. Some.
802.11b Security CSEP 590 TU Osama Mazahir. Introduction Packets are sent out into the air for anyone to receive Eavesdropping is a much larger concern.
IEEE Security Specifically WEP, WPA, and WPA2 Brett Boge, Presenter CS 450/650 University of Nevada, Reno.
.  Hubs send data from one computer to all other computers on the network. They are low-cost and low-function and typically operate at Layer 1 of the.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Understand Wireless Security LESSON Security Fundamentals.
Wireless Ethernet Programming
Advanced Penetration testing
TERMINOLOGY Define: WPAN
Wireless Protocols WEP, WPA & WPA2.
Wireless Security.
Wireless Fidelity 1 1.
Advanced Penetration testing
CSE 4905 Network Security Overview
Wireless Networking Chapter 23.
Advanced Penetration testing
Wireless LAN Security 4.3 Wireless LAN Security.
Advanced Penetration testing
Advanced Penetration testing
Presentation transcript:

MIS Week 10 Site:

 Test 2  In the news  Introduction to Wireless Security  Next Week 2MIS

 Submitted  breaches/the-bot-threat-for-the-rest-of-us- application-layer-attacks-/a/d-id/ ? breaches/the-bot-threat-for-the-rest-of-us- application-layer-attacks-/a/d-id/  ws-10-may-lock-out-other-oses/ ws-10-may-lock-out-other-oses/  preempt-blackpos/d/d-id/ preempt-blackpos/d/d-id/   ddos-isnt-all-about-massive-disruption/d/d- id/ ddos-isnt-all-about-massive-disruption/d/d- id/ MIS

 What I noted  _third_party_patch/ _third_party_patch/  ssl_cnnic/ ssl_cnnic/  ckhat_talk_nixed_medical_app_vulns/ ckhat_talk_nixed_medical_app_vulns/  urbine_blown_away_by_csrf_vulnerability/ urbine_blown_away_by_csrf_vulnerability/  investigates-insider-breach/ investigates-insider-breach/ MIS

 First, a small bit of trivia:  Who invented the technology we now think of as WiFi? MIS

 Source: lamarr/ MIS The Actress Hedy Lamar

 Wireless is different  Physical security is no longer releavant  Access from outside perimeter  Users connecting to “other” networks  Users and Networks are vulnerable even when not in use MIS

 Attack tools are cheap  Hardware is close to zero  Software is zero  Segregation doesn’t work  Even with “guest” networks, there still on your wires and can still cause you issues  Falacy of “We don’t have any wireless”  No, you just don’t know about the wireless you have MIS

 Encryption doesn’t protect you, at least not completely  Authentication doesn’t protect you, at least not completely  Firewalls? Really, we’re going to go their?  Why would anybody attack us? MIS

 Signal required to use wireless access means you need to be relatively close  Signal required to “sniff” traffic means attacker could be miles away with the right conditions MIS Source: lans-set-new-wifi-distance-record-237-miles/ lans-set-new-wifi-distance-record-237-miles/

 Wireless networking is a shared segment  Think “Hub”, not “Switch”  Sniffing is passive  No access required  No forensic evidence attacker was there  Only need some level of physical proximity  So, you would need to be here, to be safe. Maybe! MIS Source: content/uploads/2009/04/area-51-satellite- image.jpg content/uploads/2009/04/area-51-satellite- image.jpg

 RF Jamming  Expensive  Traceable  attacks  Cheap (Free?)  Can look like regular traffic  Effective, and hard to locate MIS

 Long history of problems  WEP  LEAP  Bluetooth authentication  Preferred networks broadcast  Management frames cannot be encrypted  Easily capture  Geo Location MIS

 Multiple players  FCC – Federal Comunications Commision  IEEE – Institute of Electrical and Electronics Engineers  IETF – Internet Engineering Task Force  WiFi Alliance MIS

 Government Regulatory Body  Sets output power limits  Investigates interference cases  Requires acceptance testing of new products prior to going on sale  Covers all of US including territories MIS

 Develops the detailed “specifications” for layer 1 and 2  PHY  MAC  Complies with FCC and other country regulatory bodies  Membership made up of vendore, manufactures, etc… MIS

 Similar makeup to IEEE  Responsible for layer 3 and above  Standards are published as RFCs MIS

 Trade Organization  Focused on interoperability  In early days work out pre-specification requirements due to vendor concerns over time required by IEEE and IETF MIS

 Extensible Authentication Protocol  Defines framework to authenticate users to the network (Not limited to Wireless)  Works with IEEE 802.1x  IETF provides extremely detailed information  MIS

 The replacement for WEP  Provided for enhanced security  Introduces TKIP and CCMP  TKIP – Temporal Key Interchange Protocol  CCMP - Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol or simply CCMP  Later rolled in to MIS

 Definitions  “dB” – Decibels  SSID – Service Set Identifier (Name Advertised)  BSSID – Basic Service Set Identifier (Think MAC Address)  EAP Extensible Authentication Protocol  EAPOL – EAP over LAN MIS

 Basic access mechanism  Fragmentation support  Reliable data delivery  Network separation on same frequency (BSSID)  Mobility between BSSs (Roaming)  Power Management MIS

 Not just Access Points  Peer to Peer (Ad-Hoc)  Point to Point (Typically proprietary to bridge locations where cabling is not feasible, also known as Wireless Distribution Networks)  Mesh (Think massive ad-hoc) MIS

 IEEE Specification for network authentication  Originally designed for wired networks  Used for NAC (Network Acces Control)  Requires  Supplicant (End point agent)  Authenticator (Typically a 802.1x capable switch)  Authentication Server (LDAP, AD, etc…) MIS

 defines MAC layer  Three types of frames  Management (Beacon, Probe, Authentication)  Data  Control (Confirmation of packet reception)  Defines addressing and features  Designed to accommodate roaming, power management MIS

 In the news  More wireless  Kismet  More about WEP  Intro to AirCrack MIS

? MIS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.