Wireless Security. Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your.

Slides:



Advertisements
Similar presentations
Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.
Advertisements

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Wireless Security Threats and Solutions By: Shirene Turpin & Rob Waight.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World
This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
Wireless Network Security
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Dainis Krakops’ Wireless Network MOTOROLA SURFboard SB5101 CABLE MODEM Enables cable operators to provide broadband Internet connection for my LAN devices.
Securing a Wireless Network
WIRELESS SECURITY ASHIMA SOOD PEYTON GREENE. OVERVIEW History Introduction to Wireless Networking Wireless Network Security Methods Securing Wireless.
Securing Information Systems
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Udit Verma( ) Aditya Gulati( ) Abhishek Meena( )
Wireless Networks Tamus, Zoltán Ádám
Wireless Network Security. What is a Wireless Network Wireless networks serve as the transport mechanism between devices and among devices and the traditional.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.
Doc.: IEEE ai Submission Paul Lambert, Marvell Security Review and Recommendations for IEEE802.11ai Fast Initial Link Setup Author:
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
WLAN Security Issues, technologies, and alternative solutions Hosam M. Badreldin Western Illinois University December 2011 Hosam Badreldin – Fall 2011.
Wireless Network Security Presented by: Prabhakaran Theertharaman.
Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.
Wireless Networking & Security Greg Stabler Spencer Smith.
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Internet Security and Your Computer Welcome to Boot Camp.
Wireless Networks. Wireless Network A wireless network transports data from one device to another without cables or wires – RF signals – Microwaves –
Solving the Security Risks of WLAN Tuukka Karvonen
Wireless Network Security By Simon Langford. About… This oral presentation is on wireless networks and the methods of security in use on them, in order.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
There is a lot to talk about if we think of the advantages of a wireless connection, the most important of its aspects is mobility and everything that.
Securing a Wireless Home Network BY: ARGA PRIBADI.
Brianne Stewart.   A wireless network is any computer network that is not connected with a cable  Many homes use this type of internet access  Less.
Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.
By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.
Network System Security - Task 2. Russell Johnston.
NETWORK SECURITY. What do you see THE IMPORTANCE OF SECURITY THE ARE WEBSITES ON THE INTERNET COULD INFORM PEOPLE THE RANGE AND AVAILABLE UNSECURED SITES.
Wireless Network By Mohammed AL Amoudi. Overview Definition of Wireless Reliability Speed Security Conclusion.
Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.
Instructor Materials Chapter 6 Building a Home Network
NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access
Securing A Wireless Network
Wireless Network Security
Technology - wireless Describe equipment and technologies operating in the radio frequency (RF) spectrum between 3 Hz and 300 GHz. Examples of wireless.
Chapter 11: It’s a Network
Security of a Local Area Network
Hacking Wireless Networks
Wireless Security.
Wireless LAN Security 4.3 Wireless LAN Security.
September 2011 April 2009 doc.: IEEE /xxxxr0
WLAN Security Antti Miettinen.
Security in mobile technologies
Wireless Spoofing Attacks on Mobile Devices
Presentation transcript:

Wireless Security

Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your network

Benefits of a Wireless Network Can be an extension to a wired LAN Wired LANs can be at time, impractical, or impossible No wiring Moving does not require re-wiring, network re-configuration or cable drops. Portability/Flexibility Less Expenditures on relocation and initial setup

WVA-Wireless Vulnerabilities and Attacks Wireless attacks fall under 4 main categories: Passive Attacks Active Attacks Man in the Middle Attacks Jamming

Passive Attack Eavesdropping: People listening and monitoring your network Network Monitor, TCPdump in Linux,NetStumbler, or Airsnort, are tools used to capture and “analyze” network traffic by “war drivers”

“War Driving” The act of driving around looking for open WI FI nodes There are websites and software that allows potential hackers to get a map of open APs. Many sites/forums with thousands of users have adopted war driving as a hobby. While many claim this to be solely as hobby, your network may be at risk if a potential hacker discovers your unsecured network Same sites and forums map your Wi Fi location on the internet..

Stats of found Wi Fi Spots (wigle.net)

Wardriving maps available online (wigle.net)

Wardriving map using Google Earth

Active Attacks Insertion :based on placing unauthorized devices on the wireless network without going through a security process. Spoofing: Cloaking SSID or MAC addresses to get by security measures DOS (denial of service): Jamming, flooding attacks that prevent sites/networks from performing efficiently. Releasing Malware into Network: software with the intent to cause harm to nodes/network. (viruses, trojan horses, spyware, adware, keystroke loggers, etc.

WVA-Wireless Vulnerability and Attacks MAC Authentication Spoofing MAC Authentication Spoofing Most Wi-Fi WLAN equipment vendors include a sublevel of rudimentary authentication via MAC address white/black listing. Standard tools can "spoof" MAC addresses which allow any attacker to mask himself/herself as an authorized client thereby gaining access to the WLAN.

Man in the Middle Attack attacker will control the communication between two parties by secretly controlling both sides of the communication stream. Attacker can use a rogue AP and “spoof” the SSID to which unsuspecting users will log on to.

WVA-Wireless Vulnerabilities and Attacks SSID Can be Spoofed The SSID used to identify an network can be trivially faked by an attacker SSID Can be Spoofed If a client can be tricked into connecting to a malicious AP then it may become vulnerable in a number of ways: (a) it may accept an unencrypted connection, (b) the malicious AP might be used as part of a man-in-the-middle attack, (c) the user might be tricked by phishing attacks behind the AP (e.g. a fake hotspot signup page).

Jamming RF frequencies interfere with the operation of the wireless network Can be unintentional jamming: cordless phones and other devices on the same frequency Not very common attack: A lot of work only to “interfere”…The payoff isn't as great for hackers.

WVA-Wireless Vulnerability and Attacks Falling victim to an insertion attack can prove to be costly. Personal information is exposed Corporations risk losing money, personnel info., client accounts, etc. (possibly lead to lawsuits)

Security Measures Although there is no guarantee that your network will be 100 % secure, you can minimize the chances and, perhaps, even deter a few “wannabe hackers”. After all, you wouldn’t leave your front door open…would you?

Security Measures Avoid Misconfiguration Change ALL default passwords on your router. Enable WEP. WEP is disabled by default. Avoid using DHCP if possible (especially in corporate environment) Periodically change Passwords.

Security Measures Use Static IP addresses Avoid dynamic addresses assigned by DHCP. (default setting on AP is to use DHCP) Corporate environment: Avoid employees bringing in their personal, possibly misconfigured AP. Assign every node a private address so as to avoid your devices from being reached directly from the internet. Private IP EX:

Security Measures MAC filtering: Enable MAC filtering in your router so that only specified computers can connect to your AP Reduce signal “leakage” by placing router in an area where its radius covers only your work space. (i.e. avoid the coverage including front yard)

Security Measures From a corporate standpoint: It is crucial to create an risk assessment before incorporating a wireless network. They should make security measures which they have a need for, so that they can aquire the proper hardware/software solutions

Security Measures -continued Agencies should understand the need to constantly having to provide upgrades, fixes, and or patches, to maintain proper security. No one protocol or encryption is 100% safe or effective.

Conclusion An overall good practice for a personal or corporate level, is to use common sense. Educate yourself about the risks and vulnerabilities, and make sure that you use every security measure available to you: Firewalls, encryptions, properly placed APs, MAC filtering, etc.

Sources for further Information NIST (National Institute of Standards and Technology)