Presentation is loading. Please wait.

Presentation is loading. Please wait.

By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.

Published byAbner Owens Modified over 8 years ago

Similar presentations

Presentation on theme: "By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion."— Presentation transcript:

1 By Billy Ripple

2  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion

3  Security between two network entities should provide the following  Authentication ▪ Process of determining whether somebody or something is who or what it is declared  Integrity ▪ Maintaining accuracy and consistency of data  Privacy ▪ Prevents security threats, primarily eavesdropping attempts

4  Denial of service  Man-in-the-middle attacks  Rogue access points  Other threats include:  Ad hoc networks  MAC Spoofing  Network Injection

5  An attempt to make a machine or network unavailable  Many different methods of attacks  Internet Control Message Protocol Flood  SYN flood  Teardrop attacks  Peer-to-peer attacks

6  Smurf Attack  Relies on misconfigured network devices that allow packets to be sent to all computer hosts  The attackers will send large numbers of IP packets with the source address faked to appear to be the address of the victim  The network's bandwidth is quickly used up, preventing legitimate packets from getting through to their destination

7  Ping Flood  Based on sending the victim an overwhelming number of ping packets by using the “ping” command from Unix-like hosts  This allows access to greater bandwidth than the victim  Ping of death  Sending the victim a malformed ping packet which ultimately leads to a system crash

8  Occurs when a host sends a flood of TCP/SYN packets  Each packet is handled like a connection request  The server creates a half open connection by sending back an ACK packet and waiting for a response to the ACK packet  These half-open connections keep the server from responding to legitimate requests until after the attack is over

9  Attacker sends mangled IP fragments with over-sized payloads to the victims machine  This crashes operating systems due to a bug in their TCP/IP fragmentation  Newer operating systems aren’t affected by this type of attack  Except Windows Vista

10  The attacker intercepts messages in a public key exchange and retransmits them. The attacker substitutes his own public key for the requested one.  The original parties believe they are just communicating with each other  The attacker has access to both user’s messages

11

12  Attacker spoofs a disassociate message from the victim  The victim starts to look for a new access point  The attacker advertises his access point using the real access point’s mac address  The attacker connects to the real access point using the victim’s mac address.

13  A wireless access point that has been installed on a secure company network without authorization from a network administrator  Often created to allow a hacker to conduct a man-in-the-middle attack  There are many different types of software that allow businesses to detect a rogue access point

14  WEP – Wired Equivalent Privacy  WPA- Wi-Fi Protected Access  WPA2/802.11i

15  The original encryption protocol developed for IEEE 802.11 wireless LANs  Designed to provide the same level of security as wired networks  No longer recommended  Uses a network security key to encrypt information that one computer sends to another across your network

16  When WEP is active, each 802.11 packet is encrypted separately  These packets are encrypted with an RC4 cipher stream generated by a 64-bit RC4 key  This key is composed of a 24-bit initialization vector(IV) and a 40-bit WEP key  The encrypted packet is generated with a bitwise XOR of the original packet and the RC4 stream  The IV is chosen by the sender and can be changed periodically

17 RC4 Most widely used software stream cipher Very simple, relatively weak

18  Key Management and key size  Keys are long-lived and of poor quality  The Initialization Vector is too small  WEP’s IV size of 24 bits allows for 16,777,216 different RC4 cipher streams for a given WEP key  If the RC4 cipher for a given IV is found an attacker can decrypt packets  Message Integrity Checking is ineffective  WEP has a message integrity check but hackers can change messages and recompute a new value to match

19  https://www.youtube.com/watch?v=GqleMWzSvUk  Uses AirPcap and Cain and Abel software  Software must capture at least one Address Resolution Protocol request from a system on the target access point  You can force this by sending something to the connected client  You must make sure you have over 250,000 Ivs before attempting to crack the WEP key

20  Security technology that improves on the authentication and encryption of WEP  Developed to replace WEP in 2003  Provides stronger encryption than WEP by using two standard technologies  TKIP – Temporal Key Integrity Protocol  AES – Advanced Encryption Standard  Includes built-in authentication support that WEP doesn’t offer

21  Wraps additional code around WEP  TKIP implements a key mixing function that combines the secret root key with the IV before passing it to the RC4 routine  WPA then implements a sequence counter to protect against replay attacks  Packets received out of order will be rejected by the access point  TKIP then implements a 64-bit message integrity check

22

23  Very complex  Requires more computing power  Better than the TKIP option  Based on a design principle known as substitution- permutation network  AES operates on a 4X4 matrix of bytes  The key size used for AES specifies the number of repetitions of rounds that convert the input into output  10 cycles of repetition for 128-bit keys  12 cycles of repetition for 192-bit keys  14 cycles of repetition for 256-bit keys

24 Possible Combinations: 128-bit- 3.4 X 10^38 192-bit- 6.2 X 10^57 256-bit- 1.1 X 10^77 It would take 1 billion years to crack the 128-bit AES key using a brute force method

25  The primary weakness with WPA is it is password protected  Easy password makes this easier to hack  TKIP isn’t much more secure than WEP due to the simplicity of the RC4 algorithm  WPA AES isn’t supported on older equipment  WPA used to only be able to use TKIP

26  Replaced WPA on all Wi-Fi hardware since 2006  Provides government grade security by combining the AES encryption algorithm and 802.1x-based authentication  Based on the IEEE 802.11i technology standard for data encryption  Has several different forms of security keys  Two versions  Enterprise – Server authentication 802.1x  Personal – AES pre-shared key  Backward compatible with WPA

27  Personal  Uses pre-shared key to optimize its effectiveness without an authentication server ▪ Used in small office and home environments  Enterprise  Caters to big businesses  Uses open system authentication in its first phase and the Extensible Authentication protocol method and 802.1x protocol in its second phase

28  IEEE 802.1x  Standard defined by IEEE for port based network access control  Protocol to make sure only legitimate clients can use a network secured by WPA2  Separates the user authentication from the message integrity and privacy  Allows for more flexibility  WPA2 personal doesn’t require an authentication server  WPA2 enterprise consists of the following:  Client  Access Point  Authentication Server

29  WPA2 has immunity against  Man-in-the-middle attacks  Weak Keys  Packet forging  Brute-force attacks  Allows the client to reconnect to APs he has recently connected to without needing re- authentication

30  Can’t withstand a physical layer attack such as:  Data flooding  Access point failure  Vulnerable to a DoS attack  Vulnerable to MAC address spoofing

31  To have a secure connection between two connection entities you must have authentication, integrity, and privacy  There are many security threats in a WLAN  WEP, WPA,WPA2 are wireless network security methods  WEP should be avoided  WPA2 is the best security method  Questions?

32  http://www.esecurityplanet.com/views/article.php/3869221/ Top-Ten-WiFi-Security-Threats.htm http://www.esecurityplanet.com/views/article.php/3869221/ Top-Ten-WiFi-Security-Threats.htm  http://searchsecurity.techtarget.com/definition/man-in-the- middle-attack http://searchsecurity.techtarget.com/definition/man-in-the- middle-attack  http://www.dummies.com/how-to/content/wireless- security-protocols-wep-wpa-and-wpa2.html http://www.dummies.com/how-to/content/wireless- security-protocols-wep-wpa-and-wpa2.html  http://www.networkworld.com/details/715.html http://www.networkworld.com/details/715.html  http://www.howtogeek.com/167783/htg-explains-the- difference-between-wep-wpa-and-wpa2-wireless- encryption-and-why-it-matters/ http://www.howtogeek.com/167783/htg-explains-the- difference-between-wep-wpa-and-wpa2-wireless- encryption-and-why-it-matters/  http://www.eetimes.com/document.asp?doc_id=1279619 http://www.eetimes.com/document.asp?doc_id=1279619

Download ppt "By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion."

Similar presentations

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.

Network and Application Attacks Contributed by- Chandra Prakash Suryawanshi CISSP, CEH, SANS-GSEC, CISA, ISO 27001LI, BS 25999LA, ERM (ISB) June 2006.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
802.11 Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.

Similar presentations

Ads by Google