Presented by: Dr. Munam Ali Shah

Slides:



Advertisements
Similar presentations
Wi-Fi Technology.
Advertisements

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Wireless Technologies Networking for Home and Small Businesses – Chapter.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World
Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.
CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Networks Olga Agnew Bryant Likes Daewon Seo.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
Wireless Networking 102.
CCNA DISCOVERY 1 MODULE 7 – WIRELESS TECHNOLOGIES.
Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.
Wireless Networks This section Contain : 1) Wireless Basics. 2) Bluetooth. 3) Wi-Fi. 4) Wi-Fi Equipment. 5)Wi-Fi Setup.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.
Wireless Networking.
Wireless Networks 2015 CTSP Course CTSP Clsss Wireless - February
Version Slide 1 Format of lecture Introduction to Wireless Wireless standards Applications Hardware devices Performance issues Security issues.
CWNA Guide to Wireless LANs, Second Edition
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
Implementing Wireless and WLAN Chapter 19 powered by DJ 1.
Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.
1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.
 Introduction  Components of Wi-Fi and its working  IEEE Architecture  Advantages and Limitations.
Wireless standards Unit objective Compare and contrast different wireless standards Install and configure a wireless network Implement appropriate wireless.
MAHARANA PRATAP COLLEGE OF TECHNOLOGY, GWALIOR
Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Configure a Wireless Router Chapter 7.
PRESENTATION ON WI-FI TECHNOLOGY
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
1. Outlines Introduction What is Wi-Fi ? Wi-Fi Standards Hotspots Wi-Fi Network Elements How a Wi-Fi Network Works Advantages and Limitations of Wi-Fi.
Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.
Network Security Lecture 8 Presented by: Dr. Munam Ali Shah.
WIRELESS NETWORKING TOT AK Agenda Introduction to Wireless Technologies Wireless Networking Overview Non-Technical considerations Other Comparable.
5 SECTION A 1 Network Building Blocks  Network Classifications  LAN Standards  Network Devices  Clients, Servers, and Peers  Physical Topology  Network.
20 November 2015 RE Meyers, Ms.Ed., CCAI CCNA Discovery Curriculum Review Networking for Home and Small Businesses Chapter 7: Wireless Technologies.
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Lecture 24 Wireless Network Security
Lesson 10: Configuring Network Settings MOAC : Configuring Windows 8.1.
WLAN.
CSE 5/7349 – April 5 th 2006 Wireless Networking.
CO5023 Wireless Networks. Varieties of wireless network Wireless LANs: the main topic for this week. Consists of making a single-hop connection to an.
Cisco Discovery Networking for Homes and Small Businesses Chapter 7 JEOPARDY.
Wi-Fi Technology PRESENTED BY:- PRIYA AGRAWAL.
Cisco Discovery Home and Small Business Networking Chapter 7 – Wireless Networking Jeopardy Review v1.1 Darren Shaver Kubasaki High School – Okinawa,
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Securing a Wireless Home Network BY: ARGA PRIBADI.
Wireless Networks2 Wired Network Application Transport Internet Link Physical
Wireless Networking Presented by: Jeffrey D. Bombell, American Computer Technologies.
IEEE Wireless LAN Standard
Lecture 7 (Chapter 17) Wireless Network Security Prepared by Dr. Lamiaa M. Elshenawy 1.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Wireless LANs.
Discovery Internetworking Module 7 JEOPARDY K. Martin.
Wireless Networks Dave Abbott.
TERMINOLOGY Define: WPAN
Instructor Materials Chapter 6 Building a Home Network
Wireless Technologies
Wireless Fidelity 1 1.
Wireless Network Security
Wireless Local Area Network (WLAN)
Chapter 4: Wireless LANs
Wireless Networking Chapter 23.
Presentation transcript:

Presented by: Dr. Munam Ali Shah Network Security Lecture 7 Presented by: Dr. Munam Ali Shah

Summary of the previous lecture We learnt about different types of DoS attacks We have seen how ICMP can be a victim of DoS attack Some examples of ping to death and SYNC flood attacks were discussed in detail

Outlines Some more discussion on DDoS attacks Security in Wireless Networks Types of WLAN and relevant security mechanism Different ways to secure a WLAN

Objectives To be able to understand why wireless LANs are more prone to security threats and vulnerabilities To identify and classify among different solutions that can be used to secure a WLAN

Distributed Denial of Service (DDoS) The attacking host is replicated through an handler-agent distributed framework

Distributed Denial of Service Cont. Two kinds of victims: agents (compromised using common weaknesses to install DDoS agents code), likely to be identified guilty during the first stage of the investigation end targets (during the attack)

DDoS protection Configure routers to filter network traffic Perform ingress filtering Configure traffic rate limiting (ICMP, SYN, UDP, etc) Deploy firewalls at the boundaries of your network The filtering system must be able to distinguish harmful uses of a network service from legitimate uses. Perform regular network vulnerability scans common and known vulnerabilities could be exploited to install DDoS agents. Identify the agents that are listening to the handler’s commands Ingress: the right or permission to enter.

DDoS protection Cont. Install IDS (Intrusion Detection Systems) capable of detecting DDoS handler-to-agent communication DDoS agent-to-target attacks

Manifestation of DoS Attacks Unusually slow network performance (opening files or accessing web sites) unavailability of a particular web site inability to access any web site dramatic increase in the number of spam emails received. Manifestation is an indication of the existence. US-CERT Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.

Security in Wireless Network Due to its nature, wireless Networks are more prone to security threats and vulnerabilities. Since, the medium is air (radio waves), it cannot be physically protected.

Wireless LANs IEEE ratified 802.11 in 1997. Also known as Wi-Fi. Wireless LAN at 1 Mbps & 2 Mbps. WECA (Wireless Ethernet Compatibility Alliance) promoted Interoperability. Now Wi-Fi Alliance 802.11 focuses on Layer 1 & Layer 2 of OSI model. Physical layer Data link layer

802.11 Components Two pieces of equipment defined: Wireless station A desktop or laptop PC or PDA with a wireless NIC. Access point A bridge between wireless and wired networks Composed of Radio Wired network interface (usually 802.3) Bridging software Aggregates access for multiple wireless stations to wired network.

802.11 modes Infrastructure mode Ad-hoc mode Basic Service Set One access point Extended Service Set Two or more BSSs forming a single subnet. Most corporate LANs in this mode. Ad-hoc mode Also called peer-to-peer. Independent Basic Service Set Set of 802.11 wireless stations that communicate directly without an access point. Useful for quick & easy wireless networks.

Service Set Identifiers The Service Set Identifier (SSID) is the name of the wireless network. A wireless router or access point broadcasts the SSID by default so that wireless devices can detect the wireless network. To disable SSID broadcasting, use the following path, as shown in the figure: Wireless > Basic Wireless Settings > select Disabled for SSID Broadcast > Save Settings > Continue Disabling the SSID broadcast provides very little security. If the SSID broadcast is disabled, each computer user that wants to connect to the wireless network must enter the SSID manually. When a computer is searching for a wireless network, it will broadcast the SSID. 10.2.4.2 Service Set Identifiers

Infrastructure mode Basic Service Set (BSS) – Single cell Access Point Basic Service Set (BSS) – Single cell Station Usual configuration for offices. Extended Service Set (ESS) – Multiple cells

Independent Basic Service Set (IBSS) Ad-hoc mode For meetings, conferences or other places where wireless infrastructure (access points) doesn’t exist. Independent Basic Service Set (IBSS)

Joining a BSS When 802.11 client enters range of one or more APs APs send beacons. AP beacon can include SSID. AP chosen on signal strength and observed error rates. After AP accepts client. Client tunes to AP channel. Periodically, all channels surveyed. To check for stronger or more reliable APs. If found, reassociates with new AP. Wireless NICs can measure strength of wireless signal.

Wireless Ethernet Standards Bandwidth Frequency Range Interoperability 802.11a Up to 54 Mbps 5 GHz band 100 feet (30 meters) Not interoperable with 802.11b, 802.11g, or 802.11n 802.11b Up to 11 Mbps 2.4 GHz band Interoperable with 802.11g 802.11g Interoperable with 802.11b 802.11n Up to 540 Mbps 164 feet (50 meters) Interoperable with 802.11b and 802.11g 802.15.1 Bluetooth Up to 2 Mbps 2.4 GHz band or 5 GHz band 30 feet (10 meters) Not interoperable with any other 802.11 6.6.1.4 Explain wireless Ethernet standards

Components and Operations of Basic Wireless LAN Topologies Components of a 802.11-based wireless infrastructure

The Components and Operations of Basic Wireless LAN Topologies How wireless networks operate

The Components and Operations of Basic Wireless LAN Security The threats to wireless LAN security

Security in a WLAN in 5 ways Disabling the SSID

Security in WLAN 2. MAC address filtration

Security in WLAN 3. Limiting the number of IPs

Security in WLAN 4. Enabling the Security mode

Security in WLAN 4. Wireless Security mode Wired Equivalent Privacy (WEP) – The first generation security standard for wireless. Attackers quickly discovered that WEP encryption was easy to break. Wi-Fi Protected Access (WPA) An improved version of WEP, uses much stronger encryption. Wi-Fi Protected Access 2 (WPA2) WPA2 supports robust encryption, providing government-grade security.

Security in WLAN 5. Internet Access Policy

Wireless Access More ways to secure a WLAN Wireless Antennae Avoid transmitting signals outside of the network area by installing an antenna with a pattern that serves your network users. Network Device Access On first connection to the network device, change the default username and password. Wi-Fi Protected Setup (WPS) The user connects to the wireless router using the factory-set PIN that is either printed on a sticker or shown on a display. Software has been developed that can intercept traffic and recover the WPS PIN and the pre-shared encryption key. Disable WPS on the wireless router if possible. 10.2.4.6 Wireless Access

Summary of today’s lecture In today’s lecture, we discussed how DDoS can be harmful to a network and what countermeasures such as IDS can be used to stop DDoS attacks We have seen that the nature of wireless network makes it vulnerable to security attacks We also discusses different ways that can be used to make a WLAN secure

Next lecture topics We will continue our discussion on WLAN Wardriving, which is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a portable computer, smartphone, will also be discussed.  Discussion on different security attacks on WLAN

The End

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.