How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

Slides:

Advertisements

Similar presentations

Ethical Hacking Module XV Hacking Wireless Networks.

Advertisements

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wired Equivalent Privacy (WEP)

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Security and Wireless LANs Or Fun and Profit With Your Neighbor’s Bandwidth Chris Murphy MIT Information Systems.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University

WLAN What is WLAN? Physical vs. Wireless LAN

Securing a Wireless Network

IE 419/519 Wireless Networks Lecture Notes #4 IEEE Wireless LAN Standard Part #2.

Agenda 10:00 11:00 Securing wireless networks 11:00 11:15 Break 11:15 12:00Patch Management in the Enterprise 12:00 1:00 Lunch 1:00 2:30 Network Isolation.

Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Computer Network Forensics Lecture 5 - Wireless © Joe Cleetus Concurrent Engineering Research Center, Lane Dept of Computer Science and Engineering, WVU.

WIRELESS LAN SECURITY Using

CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.

Wireless Networking.

Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.

Wireless Network Security Dr. John P. Abraham Professor UTPA.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

1 Figure 2-11: Wireless LAN (WLAN) Security Wireless LAN Family of Standards Basic Operation (Figure 2-12 on next slide)  Main wired network.

Wireless Insecurity By: No’eau Kamakani Robert Whitmire.

Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.

Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

WLAN Security Issues, technologies, and alternative solutions Hosam M. Badreldin Western Illinois University December 2011 Hosam Badreldin – Fall 2011.

Standard: Comparison and Security Jason Gibson TCM471 Professor Crum.

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

WEP Protocol Weaknesses and Vulnerabilities

CWNA Guide to Wireless LANs, Second Edition Chapter Eight Wireless LAN Security and Vulnerabilities.

Wireless Networking & Security Greg Stabler Spencer Smith.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

Lecture 24 Wireless Network Security

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Wireless Networks Standards and Protocols & x Standards and x refers to a family of specifications developed by the IEEE for.

CSE 5/7349 – April 5 th 2006 Wireless Networking.

Dependability in Wireless Networks By Mohammed Al-Ghamdi.

Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.

Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.

Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.

1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.

Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal.

CWNA Guide to Wireless LANs, Third Edition Chapter 9: Wireless LAN Security Vulnerabilities.

Standard: Security Methods Jason Gibson TCM471 Professor Crum.

Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?

Understand Wireless Security LESSON Security Fundamentals.

Wireless Network Security

Wireless LAN Security 4.3 Wireless LAN Security.

WLAN Security Antti Miettinen.

Antti Miettinen (modified by JJ)

Security Issues with Wireless Protocols

Presentation transcript:

How secure are b Wireless Networks? By Ilian Emmons University of San Diego

Agenda Introduction What is a Hacker? Root Causes of Poor Security Conclusion & Solutions Questions & Answers

Introduction A wireless LAN is one in which a mobile user can connect to a local area network through a wireless (radio) connection. A standard, IEEE , specifies the technologies for wireless LANs. The standard includes an encryption method, the Wired Equivalent Privacy algorithm.

Wireless Networks is a family of specifications for WLANs developed by IEEE. There are currently four specifications in the family: , a, b, and g. The most recently approved standard, g, offers wireless transmission over relatively short distances at up to 54 Mbps.

802.11b Wireless Networks The b standard - often called Wi-Fi - is backward compatible with It offers wireless transmission over relatively short distances at up to 11 megabits per second. The modulation method selected for b is known as complementary code keying (CCK), which allows higher data speeds and is less susceptible to multipath-propagation interference.

Wired Equivalent Privacy Protocol Wired Equivalent Privacy (WEP) is a security protocol that encrypts data transmitted over a WLAN. Depending on the manufacturer and the model of the NIC card and access point, there are two levels of WEP commonly available: (1) 40-bit encryption key and 24-bit initialization vector (also called 64-bit encryption). (2) 104-bit key plus the 24-bit IV (also called 128- bit encryption).

Agenda Introduction What is a Hacker? Root Causes of Poor Security Conclusion & Solutions Questions & Answers

Portrait of a Hacker Male or female Between the ages of 1 and 99 Has more time than you Trying to prove how good they are Typically dumb and typically smart CISA-Jason Hacker-Jason

Users Reporting WLAN Security Incidents or Attacks Source: “ Wireless LAN Security: Usage, Expectations and Strategies for the Future.” June 2002.

Agenda Introduction What is a Hacker? Root Causes of Poor Security Conclusion and Solutions Questions & Answers

Controlling WLAN access Unauthorized use of WLAN bandwidth. For example: Unauthorized access to the Internet. Unauthorized access to intranet services. Wireless gateways and APs should always be placed in untrusted subnets. Wireless station (end-user desktops/laptops) Compromise.

Controlling WLAN access cont… AP Compromise. Numerous APs are installed with default parameters. Mac Spoofing (WEP Deficiencies). War Driving.

Authentication Risks Two-step form authentication (1) authentication; (2) association. The weaknesses of the two-step form authentication are: (1) the previously discussed weaknesses of WEP; and (b) that all vendors broadcast the SSID values in the clear, so a protocol analyzer with a wireless card can find these values in seconds.

Authentication Risks cont… Rogue Access Points Lost or Stolen Cards

Data integrity and reliability Replay: Unencrypted frames are easily captured and replayed. IPSec VPNs provide strong replay protection, but nothing prevents re-sending a captured frame that was encrypted with WEP. Forgery: WEP includes a CRC that detects corruption, but cannot prevent a frame from being modified such that the CRC still passes. A VPN or higher-layer solution should be use to ensure wireless data integrity.

Data integrity and reliability Session Hijacking: A hacker can use a high- powered AP to intercept associate requests, masquerade as the legitimate AP, relay WLAN traffic to intended destination, and return responses to requesting stations. Stations and intranet servers may be unaware that sessions have been hijacked. To reduce this risk, network administrators should monitor for rogue APs and use b with strong authentication.

Agenda Introduction What is a Hacker? Root Causes of Poor Security Conclusion and Solutions Questions & Answers

Conclusion Every network technology has vulnerabilities. War driving and WEP shortcomings have simply heightened industry awareness of the risks inherent in WLANs.

Potential Solutions Always enable WEP. WEP is not secure, but at least it is a fist barrier. Change the default SSID of the product. Do not change the SSID to reflect your company’s main names, divisions, products or street address. Disable “broadcast SSID” in clear text. Change default passwords on access points or wireless routers.

Potential Solutions cont… Conduct attack and penetration testing on a regular basis to validate the security measures that they have implemented. Use of log monitoring and intrusion detection systems to identify unusual behavior. Use VPN to protect the Network. Traffic Analysis

Agenda Introduction What is a Hacker? Three of the major root causes of poor security in Wireless Networks Conclusion & Solutions Questions & Answers

Questions??? Answers!!!