Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless LAN Security.

Published by Modified over 10 years ago

Similar presentations

Presentation on theme: "Wireless LAN Security."— Presentation transcript:

1 Wireless LAN Security

2 Wireless Webster’s New World Dictionary, 2nd College Edition, defines wireless as: “without wire or wires; specifically operating with electromagnetic waves and not with conducting wire”

3 LAN Newton’s Telecom Dictionary, 11th Edition, defines "LAN" as:
"A short distance data communications network (typically within a building or campus) used to link computers and peripheral devices under some form of standard control."

4 What is Wireless LAN? A wireless LAN (WLAN) is a flexible data communication system implemented as an extension to, or as an alternative for, a wired LAN within a building or campus. Using electromagnetic waves, WLANs transmit and receive data over the air, minimizing the need for wired connections. WLANs combine data connectivity with user mobility, and, through simplified configuration, enable movable LANs.

5 Wireless LAN Technology
IEEE HomeRF 2Mbps (10Mbps shortly) Frequency Hopping Spread Spectrum Bluetooth Low power Personal Area Networks

6 Wireless Personal Area Networking (WPAN)
The WPAN category is led by a short-range wireless technology called Bluetooth. Most Bluetooth implementations support low cost, modest speed (up to 700Kbps), and short range (<10 meters) applications. Bluetooth is ideal for applications such as wireless headsets, wireless synchronization of PDAs with computers, and wireless peripherals such as printers or keyboards.

7 TECHNOLOGY OF WIRELESS LANS
Infared (IR) Never commercially implemented Radio Frequency (RF) Frequency Hopping Spread Spectrum (FHSS) Direct Sequence Spread Spectrum (DSSS)

8 Why Wireless LAN? (I) Mobility-Wireless LAN systems can provide LAN users with access to real-time information anywhere in their organization. This mobility supports productivity and service opportunities not possible with wired networks. Installation Speed and Simplicity-Installing a wireless LAN system can be fast and easy and can eliminate the need to pull cable through walls and ceilings. Installation Flexibility-Wireless technology allows the network to go where wire cannot go.

9 Why Wireless LAN? (II) Reduced Cost-of-Ownership-While the initial investment required for wireless LAN hardware can be higher than the cost of wired LAN hardware, overall installation expenses and life-cycle costs can be significantly lower. Long-term cost benefits are greatest in dynamic environments requiring frequent moves, adds, and changes. Scalability-Wireless LAN systems can be configured in a variety of topologies to meet the needs of specific applications and installations. Configurations are easily changed and range from peer-to-peer networks suitable for a small number of users to full infrastructure networks of thousands of users that allows roaming over a broad area.

10 IEEE and the ISO Model The Institute of Electrical and Electronics Engineers (IEEE) publishes the standards. (1997) was the 1st wireless standard from an internationally recognized, independent organization IEEE Ethernet uses CSMA/CD-Carrier Sense Multiple Access with Collision Detection IEEE b uses CSMA/CA-Carrier Sense Multiple Access with Collision Avoidance CSMA/CA utilizes the RTS/CTS (Request To Send/Clear To Send) protocol to notify other workstations that a transmission is about to take place. Difference is transparent RTS CTS Data ACK

11 IEEE

12 IEEE b Published in 1999 Higher speeds (11Mbps and 5.5Mbps) while maintaining compatibility with DSSS 1 & 2 Mbps rates (roughly equivalent to10Mbps shared Ethernet) Interoperability Wireless Fidelity (Wi-Fi) certification by the Wireless Ethernet Compatibility Alliance (WECA) Affordability PC Card NICs under $200 Starting to see built-in wireless NICs

13 Wireless LAN Market Projection
Source: Micrologic Research

14 ISM Spectrum Allocation
In the United State, the Federal Communications Commission (FCC) governs radio transmission, but FCC does not require the end-user to purchase license to use the ISM bands. ISM bands includes MHz, GHz, GHz, GHz. Wireless LANs are typically designed to operate in Instrumentation, Scientific, and Medical (ISM) radio bands.

15 Channel Assignments 11 channels are used in the U.S., 13 in Europe, 4 in France, and 1 in Japan The 11 channels used in the U.S. have center frequencies of 2.412GHz-2.462GHz in 5MHz increments

16 Channel Selection Each DSSS channel is 22MHz wide
Channels 1, 6, & 11 provide non-overlapping coverage A minimum of 3 channels of separation (e.g. 1,4,7 & 10) can be used in certain situations. ch 1 ch 6 ch 11 An example of a frequency plan of an infrastructure network using DSSS.

17 Interference The unlicensed ISM band is subject to possible interference from: Cordless phones, video monitoring devices, etc. that operate at 2.4GHz Microwave Ovens Other Wireless LANs

18 Access Point Range Line-of-sight transmission Open office: ~500’
Semi-open: ~160’ Closed Office: ~80’ These are approximate figures and can vary greatly depending on AP and client placement, wall construction,furniture, etc.

19 How Many Wireless Connections within a AP?
This depends upon the manufacturer. Some hardware access points have a recommended limit of 10, with other more expensive access points supporting up to 100 wireless connections. Using more computers than recommended will cause performance and reliability to suffer.

20 Safety Most wireless NICs only output ~30mW to conserve battery power
Radio transmits only when there is data to be sent; a cell phone which transmits throughout the entire call Read the manufacturer’s safety information

21 Wireless LAN Hardware (I)
Wireless Network Interface Card (NIC) Contains the radio transceiver, antenna, and circuitry to convert Radio Frequency (RF) to digital Form factors PC Card ISA or PCI NIC or PC Card adapter USB

22 Wireless LAN Hardware (II)
Wireless Access Point (AP) A network device that interconnects a wireless radio network to a wired LAN. Also known as a Base Station Bridges between wireless and wired segments to minimize traffic Frequency selection Authentication & Encryption Built-in radio & antenna(s) or slots for PC Cards Hardware vs. software APs

23 Software AP & Hardware AP
Hardware Access Point Software Access Point

24 Wireless LAN Configurations
Peer-to-peer Workgroup Also known as Ad Hoc Network Infrastructure or Client/Server Network

25 Infrastructure Mode Standalone LAN or integrated into an existing enterprise network

26 Ad Hoc Mode Simplest and cheapest to build
Client computers communicate directly with each other All client computers must be within range of each other File & printer sharing using a peer-to-peer operating system

27 More Than One AP Configuration
Extension Point Multiple Access Points

28 FHSS v.s. DSSS Frequency hopping spread spectrum technology (FHSS)
Carrier frequency hops among multiple narrow channels according to a unique sequence Direct sequence spread spectrum technology (DSSS) Data is encoded and decoded using a Psuedo Random Noise Code

29 When Should I Use Wireless?
Wireless makes the most sense in situations requiring: Quick setup and take down (conferences, trade shows) Temporary facilities (leased or rented space) Historical buildings

30 When Shouldn’t I Use Wireless?
Wireless is not a substitute for a good wired infrastructure. Speed Reliability Security Cost (?)

31 Security There are two main components involved in securing Wireless LANs: Authorization Service Set ID (SSID): also known as Network Name MAC Address Access List Encryption WEP (Wired Equivalent Privacy)

32 Service Set ID (SSID) Default client setting is "ANY"; all open networks within range will respond and the radio will usually associate with the strongest signal Closed networks require the exact SSID to be entered in the client configuration settings and only APs with the same SSID will be visible Allows assigning clients into specific groups by forcing them to associate with a specific AP or group of APs Updates would need to be performed on APs and clients simultaneously

33 MAC Address Access List
Wireless NIC MAC address must be included in the list for the AP to allow data to pass. Difficult to implement on a large scale or with transient users Lists need to be maintained in each access point, although querying a centralized list may be possible

34 WEP (Wired Equivalent Privacy)
Intended to provide privacy equivalent to that of a non-encrypted wired network 40-bit encryption based on the RC4 algorithm. 128-bit version may be vendor-specific Encryption key updates would need to be performed on APs and clients simultaneously Keys can be entered in ASCII or Hex, depending on the manufacturer May impact AP throughput

35 Security, Security, Security
Large-scale networks cannot rely on b alone to provide authorization and encryption. Authorization and encryption could be accomplished by using a Virtual Private Network (VPN) Encryption needs to be implemented at the two endpoints so that data does not traverse the wireless network in clear text. Uses SSL or Pretty Good Privacy (PGP)

36 Wireless Security Scope & Risks
AirSnort WEPCrack Network Stumbler Internet Scanner Wireless Scanner RealSecure BlackICE PC Protection 3.5 11.a 11.b 11.g Insertion Attacks Plug-in unauthorized APs & Clients SSID configuration Interception and monitoring wireless traffic WEP vulnerability Mis-configuration (including use default value) Jamming (Interfering) Client to Client Attacks (DoS) War Driving Parasitic Grids

37 Taxonomy of Security Attacks

38 WLAN Security Mitigation
Wireless Security Policy and Architecture Design Treat BaseStations as Untrusted Base Station Configuration Policy 802.1X Security MAC Address Filtering Base Station Discovery Honeypots - FakeAP Base Station Security Assessments Wireless Client Protection Emerging Security Standards and Technologies IEEE Task Group I ( TGi ) Advanced Encryption Standard ( AES ) WiFi Protected Access ( WPA ) Temporal Key Integrity Protocol ( TKIP ) IEEE IEEE 802.1X-2001 Extensible Authentication Protocol ( EAP ) IEEE i Management Countermeasures Operational Countermeasures Technical Countermeasures

Download ppt "Wireless LAN Security."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”

WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Wireless Technologies Networking for Home and Small Businesses – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Wireless Technologies Networking for Home and Small Businesses – Chapter.
Wireless Local Area Networks By Edmund Gean August 2, 2000.

Wireless Local Area Networks By Edmund Gean August 2, 2000.
CPET 260 – Network I Wireless Networks Bluetooth.

CPET 260 – Network I Wireless Networks Bluetooth.
RELIABILITY OF WIRELESS NETWORKS Cagatay Bozturk.

RELIABILITY OF WIRELESS NETWORKS Cagatay Bozturk.
Wi-Fi the 802.11 Standard and Security. What is Wi-Fi? Short for wireless fidelity. It is a wireless technology that uses radio frequency to transmit.

Wi-Fi the Standard and Security. What is Wi-Fi? Short for wireless fidelity. It is a wireless technology that uses radio frequency to transmit.
WLAN 802.11b 802.11a Johan Montelius

WLAN b a Johan Montelius
1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.

1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.
 An electrical device that sends or receives radio or television signals through electromagnetic waves.

 An electrical device that sends or receives radio or television signals through electromagnetic waves.
Wireless LANs Presented by: Jerome Thompson Mei-Lun Huang Liu-Yin Hu Kai-Wing Sum.

Wireless LANs Presented by: Jerome Thompson Mei-Lun Huang Liu-Yin Hu Kai-Wing Sum.
WIRELESS NETWORKING Presenter: Nhan Nguyên Phương.

WIRELESS NETWORKING Presenter: Nhan Nguyên Phương.
© 2010 The McGraw-Hill Companies, Inc. All rights reserved Mike Meyers’ CompTIA A+ ® Guide to Managing and Troubleshooting PCs Third Edition Wireless Networking.

© 2010 The McGraw-Hill Companies, Inc. All rights reserved Mike Meyers’ CompTIA A+ ® Guide to Managing and Troubleshooting PCs Third Edition Wireless Networking.
Stacy Drake Bluetooth Vs. Wi-Fi. What is Bluetooth?

Stacy Drake Bluetooth Vs. Wi-Fi. What is Bluetooth?
© 2009 Pearson Education, Inc. Publishing as Prentice Hall Chapter 5 Updated January 2009 Raymond Panko’s Business Data Networks and Telecommunications,

© 2009 Pearson Education, Inc. Publishing as Prentice Hall Chapter 5 Updated January 2009 Raymond Panko’s Business Data Networks and Telecommunications,
CCNA DISCOVERY 1 MODULE 7 – WIRELESS TECHNOLOGIES.

CCNA DISCOVERY 1 MODULE 7 – WIRELESS TECHNOLOGIES.
Wireless Versus Wired Network Components By: Steven R. Yasoni & Dario Strazimiri.

Wireless Versus Wired Network Components By: Steven R. Yasoni & Dario Strazimiri.

Similar presentations

Ads by Google