Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Published byCorey Ford Modified over 8 years ago

Similar presentations

Presentation on theme: "Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues."— Presentation transcript:

1 Lesson 20-Wireless Security

2 Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues. Deploying wireless safely.

3 Introduction to Wireless Networks Wireless networks are inexpensive and easy to set up and use. But wireless technology opens up some serious security issues to organizations using them. As yet no effective solution has been put forward to handle the risk of wireless networks.

4 Understanding Current Wireless Technology Wireless LANs (WLAN) center around IEEE 802.11x standards. These standards allow workstations to establish connections with a wireless access point (AP). Access points are in turn connected to wired LAN or another workstation. 802.11x standard provides for exchange of authentication information and for encryption of the information.

5 Understanding Current Wireless Technology Standard architectures: Typical 802.11x standard allows for connectivity up to 150 feet indoors and 1,500 feet outdoors. DHCP server in this architecture provides necessary information that allows proper workstation communication to network.

6 Understanding Current Wireless Technology Transmission security: 802.11x standard defines Wired Equivalent Privacy (WEP) protocol to protect information passing over WLAN. WEP provides authentication, confidentiality, and integrity services. Authentication service can be used to authenticate a workstation to the AP.

7 Understanding Current Wireless Technology Transmission security: Open System authentication or cryptographic authentication provides no proof to the AP of the workstation’s identity. This method leaves the workstation open to attach itself to any rogue AP. Authentication and confidentiality services use RC4 algorithm, which cannot be easily attacked.

8 Understanding Current Wireless Technology Transmission security: Confidentiality mechanism protects all protocol header information and data above the 802.11x protocol. WEP supports 40-bit and 128-bit keys. WEP does not specify a key management system, which means that WEP installations rely on static keys.

9 Understanding Current Wireless Technology Transmission security: Another problem with WEP is that an intruder can capture the initialization vectors and also determine the encryption key. Implementation of RC4 in WEP is flawed and open to compromise. Integrity check on each packet should be done by using cyclic redundancy check (CRC) of 32 bits.

10 Understanding Current Wireless Technology Authentication: Authentication is a part of securing a WLAN. WLAN users have service set identifier (SSID), MAC address, WEP, and 802.1x port-based network access control options for authentication. These options cannot manage risk of WLAN by themselves. For a workstation to associate with an AP, it must have the SSID.

11 Understanding Current Wireless Technology Authentication: Since SSID is broadcast by many APs, listening workstations can use it to add themselves to the appropriate network. Some APs use MAC address authentication to authorize computers to access the WLAN. MAC addresses must be transmitted in clear or the network would not function. An intruder listening to the traffic could misuse MAC addresses.

12 Understanding Current Wireless Technology Authentication: 802.1X protocol is an add-on to all layer 2 network access protocols including Ethernet and WLANs. Use of 802.1X allows for stronger authentication mechanism. Since mutual authentication is optional with 802.1X, many default installations will be open to interception attacks.

13 Understanding Wireless Security Issues Use of WLANs involves risks like eavesdropping, direct internal attacks, and attacks against external sites. Several tools are available to detect WLANs easily. WLANs allow computers close to the physical network to communicate as if on the network. In WLANs, intruders have the ability to gain access to an organization’s internal network.

14 Understanding Wireless Security Issues Organizations using WEP are also subject to eavesdropping because of tools like WEPCrack. WEPCrack requires the intruder to collect millions of packets to determine the encryption key. A passive eavesdropping attack is almost impossible to detect. An intruder can attack WLANs internally or externally and discover and exploit vulnerabilities.

15 Understanding Wireless Security Issues It is difficult to find the physical location of an intruder since IP addresses are not location-specific. The organization may be legally responsible if an intruder gained access to the internal network.

16 Deploying Wireless Safely Deployment of WLAN should be preceded by a thorough risk assessment. Proper security measures should be implemented by the organization to reduce risk while deploying a WLAN. Access point security, transmission security, workstation security, and site security measures assist in risk management.

17 Deploying Wireless Safely Access point security: Configuring the AP is an important starting point. Setting WEP key and using MAC addresses help to limit AP detection. HTTPS should be used to manage AP when possible along with strong passwords. APs should be positioned so that their range outside the facility is limited.

18 Deploying Wireless Safely Transmission security: Though WEP has serious vulnerabilities, it does not provide easy access to casual intruders. It is appropriate to use another encryption system along with WEP. WLAN can be treated as a semi-trusted or untrusted segment of the network.

19 Deploying Wireless Safely Workstation security: It is possible to directly attack workstations on a WLAN. Appropriate anti-virus software or personal firewalls should be used on workstations for protection.

20 Deploying Wireless Safely Site security: WLANs should be placed on their own network and protected with a firewall between WLAN and the internal network. An intrusion detection system should be deployed on WLAN to detect unauthorized visitors. Organizations must address illegal or unauthorized APs by performing periodic wireless assessments on their networks.

21 Summary Wireless LANs center around the 802.11x standards. WEP provides authentication, confidentiality, and integrity services. WLAN users have service set identifier (SSID), MAC address, WEP, and 802.1x port-based network access control options for authentication.

22 Summary Security risks in WLANs include eavesdropping, direct internal attacks, and attacks against external sites. Security measures like access point security, transmission security, workstation security, and site security assist in managing risk.

Download ppt "Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues."

Similar presentations

Security in Wireless Networks Juan Camilo Quintero D. 1041718.

Security in Wireless Networks Juan Camilo Quintero D
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
CSA 223 network and web security Chapter one

CSA 223 network and web security Chapter one
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Security and Wireless LANs Or Fun and Profit With Your Neighbor’s Bandwidth Chris Murphy MIT Information Systems.

Security and Wireless LANs Or Fun and Profit With Your Neighbor’s Bandwidth Chris Murphy MIT Information Systems.
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Similar presentations

Ads by Google