Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ

What is the need to go wireless? Wireless communication has developed enormously over the last past years allowing instant and fast communication from point to point (s). It has been adopted by businesses and professional users who depend on “up to the minute information” to conduct daily business activities. Is this communication secure? If so, how?

Wireless Security Requirements Reported incidents in terms of security and data/investments loss call for more measures. Any secure mobile solution must follow this functionality: Authentication Encryption Access & Accountability

Security: Authentication Low level of authentication must have one of the following categories: Something you know (i.e. user name and password/pin) Something you are (i.e. finger prints) Something you have (i.e. smart card/employee ID card) A combination of those will make authentication stronger.

Security: Encryption No encryption used for wireless has been critical to security. WEP (Wired equivalent privacy) was not intended for security and encryption. It was only for casual eavesdropping or unauthorized data modification. Encryption recomemded: PKI (Public key infrastructure) 128 bit minimum encryption Use of AES (Advanced encryption standard)

Security: Access & Accountability User should only be allow to authorized information Tracking use of services access by user. Ensuring the principal of C.I.A (Confidentiality, Integrity & Availability)

Security: Wireless Break-ins Many of the securities weaknesses are created by the user itself as a result of ignorance and/or disregard for security. Vulnerabilities and how to fix them: Rogue Access Points Chatty Laptops Unconfigured Access Points Ignoring Security Standards

Rogue Access Points Vulnerability: They are not secure. They are not yours & they can read your traffic as well. Alternative: Use IDS (intrusion detection System) to detect rogue Wlans and monitor Wlan. End user: inexpensive idsinexpensive ids

Chatty Laptops Vulnerability: Once laptop on, it look for an access point to talk to. Devices have no brain – therefore they do what they are designed to do. Alternative: Follow configuration standards from your employer Learn configuration policies from provider.

Unconfigured Access points Vulnerability: Access point equipment such as Lynksys or Cisco has default passwords. Ex. Cisco is “Tsunami” Alternative: IT departments or local administrator must configure devices assigning proper ids and password.

Ignoring Security Standards Vulnerability: Anyone sniffing the air can read packets from unsecured devices. Companies indicate how to connect wirelessly, users ignore standards and forget about security. Alternative: If equipment granted by company, standards should be implemented in system before assigning equipment to users. & Enforcing policies by regularly checking on equipment.

Unencryption  Solutions Unencrypted: MAC registration: restrict DHCP leases to know MAC addresses. Verifies card have been registered, cannot verify the user. Firewall: Use of HTTP, HTTPs. Request is sent to authentication server. Added components are: user name, time stamp, failure.

Encryption  Solutions Encrypted: WEP wired equivalent privacy works with another security system to provide authentication. Changing the value of IV after each transmission. MAC addresses are sent in the clear VPN virtual private network, provides higher level of security using advanced encryption algorithms.

WEP encryption

Wireless Application Protocol (WAP) Developed to implement a standard for communication between wireless devices and the Internet. Improve productivity, service, installation speed, cost. WAP capabilities coexist with Bluetooth and WLANs Currently allows authentication, privacy and secure connections; non-repudiation and integrity checks. WAP provides PKI services via supporting services.

Potential WAP security solution

T-mobile hot spot ensures: “Our network now supports the IEEE 802.1x security standard with WiFi Protected Access (WPA). This provides robust encryption of data transfer over the air between devices connected via WPA”. Quote from WPA is called Temporal Key Integrity Protocol (TKIP).TKIP takes the original master key only as a starting point and derives its encryption keys mathematically from this master key. TKIP then regularly changes and rotates the encryption keys so that the same encryption key is never used twice.

On the news: Wireless Cnn.com: Cities find Wi-Fi future Will they be secure? Do users really know how this works? Cnn.com: Wireless life, Avoid break-ins. Easy steps for unaware wireless users.

What NetStumbler can do for you? NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using b, a and g. It has many uses: Verify that your network is set up the way you intended. Find locations with poor coverage in your WLAN. Detect other networks that might be causing interference with your network. Detect unauthorized "rogue" access points in your workplace. Help aim directional antennas for long-haul WLAN links. Use it recreationally for WarDriving.

Network Stumbler:

NetStumbler – Results

NetStumbler - Findings

NetStumble – Results at MSU Science Building

IEEE WLAN Standards

References: All references noted on final report, please see documentation. Montclair State University Computer Science Department Montclair, New Jersey - USA