Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Slides:



Advertisements
Similar presentations
Encrypting Wireless Data with VPN Techniques
Advertisements

Network Security.
DSL-2730B, DSL-2740B, DSL-2750B.
Security in Wireless Networks Juan Camilo Quintero D
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Security in IEEE wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.
16-1 Last time Internet Application Security and Privacy Authentication Security controls using cryptography Link-layer security: WEP.
OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless networking Roger Treweek Oxford University Computing Services.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
1 Configuring Linksys Wireless Router Prof. Valencia Community College.
Wireless Network Security Lab Last Update Copyright 2011 Kenneth M. Chipps Ph.D.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.
Network Address Translation, Remote Access and Virtual Private Networks BSAD 146 Dave Novak Sources: Network+ Guide to Networks, Dean 2013.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Virtual Private Network
Technical Training: DIR-615
1 BASIC TELECOMMUNICATIONS Wireless fidelity x.
NetComm Wireless VPN Functionality Feature Spotlight.
Dainis Krakops’ Wireless Network MOTOROLA SURFboard SB5101 CABLE MODEM Enables cable operators to provide broadband Internet connection for my LAN devices.
Wireless Networking 102.
WIRELESS SECURITY ASHIMA SOOD PEYTON GREENE. OVERVIEW History Introduction to Wireless Networking Wireless Network Security Methods Securing Wireless.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
1 Chapter Overview Wireless Technologies Wireless Security.
Mobile and Wireless Communication Security By Jason Gratto.
Internet Addressing. When your computer is on the Internet, anything you do requires data to be transmitted and received. For example, when you visit.
CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.
ECE 424 Embedded Systems Design Networking Connectivity Chapter 12 Ning Weng.
Secure connections.
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod9_L8 1 Network Security 2 Module 6 – Configure Remote Access VPN.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
Module 8: Designing Network Access Solutions. Module Overview Securing and Controlling Network Access Designing Remote Access Services Designing RADIUS.
Module 11: Remote Access Fundamentals
Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
VIRTUAL PRIVATE NETWORK By: Tammy Be Khoa Kieu Stephen Tran Michael Tse.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
Secure Wireless Home Networks Area 2 SIR Presentation Nov. 18, 2004 Dean Steichen Br. 8.
CAEN Wireless Network College of Engineering University of Michigan October 16, 2003 Dan Maletta.
C3 confidentiality classificationIntegrated M2M Terminals Introduction Vodafone MachineLink 3G v1.0 1 Vodafone MachineLink 3G VPN functionality Feature.
Lecture 16 Page 1 Advanced Network Security Perimeter Defense in Networks: Virtual Private Networks Advanced Network Security Peter Reiher August, 2014.
Wireless Networking & Security Greg Stabler Spencer Smith.
20 November 2015 RE Meyers, Ms.Ed., CCAI CCNA Discovery Curriculum Review Networking for Home and Small Businesses Chapter 7: Wireless Technologies.
WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Virtual Private Network. VPN In the most basic definition, VPN is a connection which allows 2 computers or networks to communicate with each other across.
DHP Agenda: How to Access Web Interface of the DHP-1320 on Access Point Mode How to Access Web Interface of the DHP-1320 on Router Mode How to Change.
Virtual Private Network. ATHENA Main Function of VPN  Privacy  Authenticating  Data Integrity  Antireplay.
Mohammed F & Aya. Peer-to-peer network are usually common in homes and small businesses and are not necessarily expensive. On a peer-to-peer network each.
Lesson 10: Configuring Network Settings MOAC : Configuring Windows 8.1.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
Chapter 14 Network Encryption
© Copyright 2009 SSLPost 01. © Copyright 2009 SSLPost 02 a recipient is sent an encrypted that contains data specific to that recipient the data.
Remote Access Usages. Remote Desktop Remote desktop technology makes it possible to view another computer's desktop on your computer. This means you can.
Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
Don’t Log in!. Recap on the previous units I’ve tried to make it as concise as possible but there is a bit of writing, to ensure that you have some notes.
Securing your Personal Wireless Networks By: Bryan Oxendale.
Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.
Lecture 10 Page 1 CS 236 Online SSL and TLS SSL – Secure Socket Layer TLS – Transport Layer Security The common standards for securing network applications.
How to Use LINCWorks as a Wireless Repeater For additional help please contact: Paul Peterson
Instructor Materials Chapter 6 Building a Home Network
How To Set Up A Wireless Network
Presentation transcript:

Wi-Fi Security January 21, 2008 by Larry Finger

Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however, always remember that the device is a radio. Whatever it broadcasts can be seen by any receiver tuned to that channel. This presentation will cover how to protect your own (private) network, and how to protect yourself when you use a public network.

Wi-Fi Security A “typical” home network

Wi-Fi Security Why Secure the home network (part 1)‏ Protect your information Using a program called wireshark, I captured data from the tengointernet wifi. One of the messages contained the following: href="/prize/prize-rules.jsp" target="_top">Prize Rules ';.prizes[2]=' This gobbledygook is HTML, the language of web pages. These data contain no secrets; however, the parts I didn't show could be used to determine what sites you visit, etc. Note: Wireshark does not work with Windows.

Wi-Fi Security Things are not quite as bad as the previous slide would suggest. When really sensitive information such as bank account numbers, log-in names, and passwords are transmitted, and you are using an “https” site, the data are already encrypted, and are usually safe. I'll cover the exception later.

Wi-Fi Security Why secure the home network (part 2)‏ Keep strangers from using your Internet connection You may have excess capacity, and sharing may not hurt, but what happens if the unwanted guest is downloading kiddie porn? The Internet record will point to YOUR connection!!! To my knowledge, no one has been prosecuted for this; however, why take a chance?

Wi-Fi Security How do you encrypt your Access Point? There are several flavors of encryption: WEP – Wired Equivalency Protocol WPA – Wi-Fi Protected Access WPA Personal (TKIP - Temporal Key Integrity Protocol or AES - Advanced Encryption Standard)‏ WPA2 Personal (TKIP or TKIP + AES)‏ RADIUS – Remote Authentication Dial In User Service – needs separate server - mostly for companies (highly secure)‏ WPA Enterprise – needs RADIUS server WPA2 Enterprise – needs RADIUS server

Wi-Fi Security WEP – Use only if it is the only encryption available!!! The designers did it badly. Even with the 128- bit version, the encryption can be broken in as little as 5 minutes! Be aware that the conversion of a WEP passphrase into a hexadecimal string is not unique and the key used by your AP may not match that of the computer!! Put a passphrase into the AP, but copy the string for later usage.

Wi-Fi Security WPA2 Personal – The best available encryption for the home network. Use this one if it is available. WPA Personal – This method is less secure than WPA2, but is designed to work with equipment originally designed for WEP. Unlike WEP, the WPA methods can only be cracked by dictionary attack. If the passphrase is 20 characters or more, cracking is essentially impossible. Use a strange combination of upper/lower case and special characters and/or numbers. My phrase is 28 characters, and includes special characters. WPA and WPA2 passphrase conversion is unique.

Wi-Fi Security How do you set the encryption method? The answer depends on the maker of your AP. For the Linksys models, you connect via a wired connection and point your browser to This address is the default value for these routers. I'll show later how to determine these “magic” numbers.

Wi-Fi Security You will be presented with this window. No “User Name” is required. Note: If you have not already changed the default password, do so now!

Wi-Fi Security After logging into the router, select the “Wireless” and “Wireless Security” tabs, and pull down “Security” to get

Wi-Fi Security To set up your AP for WPA2 with TKIP + AES, you would select

Wi-Fi Security This slide shows the way to generate the WEP key from a passphrase. Only the “Default” key will be needed

Wi-Fi Security If you have a different make of access point, the process may differ, but in general, you still will have to contact the IP address of the AP, log in, and select the encryption method and passphrase. To find the IP address that is needed, select “start/run”, put “cmd.exe” in the box, and click “Ok”. In the window that pops up, type “ipconfig /all”. The address listed as the “Default gateway” for the wired interface is what you need..

Wi-Fi Security I have now described what you do to secure your private network, but what can you do if you are using a public network such as found in RV parks, libraries, motels, and coffee shops? The solution is a Virtual Private Network or VPN. Unless your employer has a VPN server, these are not free. The one I use costs $40/year. Note: VPN's will also work with wired connections.

Wi-Fi Security A VPN is a network “tunnel” between your computer and the VPN server. With the tunnel, ALL transmitted data are encrypted before leaving your computer and is not decrypted until it reaches your VPN server, which sends your data on to the final target. Of course, if you are using https, there is an additional level of encryption.

Wi-Fi Security There are three flavors of VPN's: PPTP – Point to Point Transfer Protocol This method is easiest to implement, but relies on a password that is entered when you connect. It also uses a less-secure encryption than the other two. SSL – Secure Sockets Library This method uses a certificate, which was generated by the VPN provider, to authenticate the client. No password need be entered. Both the openvpn and ipsec programs use this method. IPSec – Internet Protocol SECurity This method is very secure; however, it requires modification to the operating system. Thus, it is harder to implement.

Wi-Fi Security Besides encryption, VPN has other benefits: Access “blocked” sites Use blocked servers and services Eliminate “Man-in-the-Middle” attacks

Wi-Fi Security References Detailed description of encryption methods: en.wikipedia.org The commercial VPN provider that I use:

Wi-Fi Security I will now show you the steps needed to create a PPTP VPN on Windows.