Presentation is loading. Please wait.

Presentation is loading. Please wait.

NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access

Published byMarvin Butler Modified over 6 years ago

Similar presentations

Presentation on theme: "NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access"— Presentation transcript:

1 NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access
By Mohammad Shanehsaz February 22, 2005

2 Objectives Explain how intruders obtain network access using wireless LAN protocol analyzers, site surveying tools, and active intrusion techniques. Explain common points of attacks. Describe common non-secure configuration issues that can be the focus of an attack.

3 Objectives Describe weaknesses in existing security solutions.
Explain security vulnerabilities associated with public access wireless networks. Explain how malicious code or file insertion occurs in wireless LAN through the use of Viral attacks and Placement of illegal content. Explain peer-to-peer hacking and how it can be prevented.

4 Tools For Gaining Access
Cisco 350 & Orinoco Gold Cards High gain omni & directional antennas Lophtcrack Manufacturer’s client utilities Lucent Registry Crack ( LRC ) List of manufacturer’s default settings

5 Rogue Devices A rogue device is any device that is not authorized to be on the network. It is considered a security breach of the highest level. The best way to go about discovering these devices is to learn how a professional intruder would go about placing them.

6 Items that an intruder consider when placing rogue devices such as Access Points
Location WEP settings Placement Costs Visibility SSID settings Frequency Spectrum choice Antenna

7 Location, placement, visibility
Rogue devices will be placed as if the device were designed to be there in the first place, without any disruption in service to the existing network. These devices will be placed near the edge of the building-the closer to a window the better, for better coverage from outside the building. It is well hidden, placing it in the CEO or other executive's office behind his or her desk is ideal, but it require a lot of work.

8 Costs, WEP, SSID settings
Small and cheap access points are usually used, there is a good chance to lose it. Using WEP key making it easier for a rogue device without WEP, to be discover by administrator who is scanning the area. The SSID must be match with the existing wireless LAN implementation, having closed system feature, making it harder to detect the device.

9 Frequency, Antennas, and Spectrum choice
Intruders may use 900 MHz units instead 2.4 GHz or 5 GHz, Wi-Fi compliant unit, because no discovery tools can find it. Horizontally polarized antennas are often used to produce a very small RF signature on any scanning devices. Intruders may use FHSS technology, Bluetooth, OpenAir, or HomeRF instead of DSSS, so to avoid being discovered by discovery tools .

10 List of items that an intruder consider when placing rogue devices such as Wireless Bridges
Placement Priority MAC Spoofing Antenna Use Costs

11 Placement, and priority
A rogue bridge is placed within the Fresnel Zone of an existing bridge link, which may span several miles, making it tougher to detect. It must be set to a very low priority so it does not become root bridge, and thus give itself away as a rogue device.

12 MAC spoofing, Antenna use and Costs
If MAC spoofing features are available in the bridge, then the MAC address of an authorized non-root bridge can be spoofed. It will use high-gain directional antennas to ensure a consistently high quality connection. The cost of bridge is higher than access point, even though the chances of being discovered are much lower

13 DATA Theft & Malicious Insertion
High-speed wireless connectivity allows nearby intruders to pull large amount of data from a network as well as pushing equal amount of data to the network. It can be Illegal, Unethical, or Inappropriate Content that attacker deposits on the corporate server or individual computer which will result in employment termination of the individual or legal battles between companies.

14 DATA Theft & Malicious Insertion
There are many types of malware ( viruses and spyware ) that an intruder can place on a computer in order to obtain information or damage the network. These worms, Trojans, and other types of viruses can be caught and disinfected before they do damage by properly installed, configured, and updated virus scanning software.

15 Peer-to-Peer Attacks Peer-to-peer attacks are attacks instigated by one host aimed at another particular host, both of which are clients of the same network system. Targets that hackers commonly seek are sensitive data files, password files, registry information such as WEP keys, or file share properties, and network access info.

16 Types of peer-to-peer attacks
Spread spectrum RF, by using a compatible RF technology in ad hoc or infrastructure mode. Infrared, using the port on the back of PC. Hijacking, using a rogue access point and a rogue DHCP server, to capture layer 2, and layer 3 connections, then using RF jamming device force the user to roam to the rogue access point

17 Unauthorized Control Network Management Tools
Network management tools are powerful utilities for managing large enterprise LANs and WANs from a central point of control. Attacker can take over entire network from a mobile workstation using software packages such as Hyena, Solarwinds

18 Unauthorized Control Configuration Changes
Attacker can reconfigure one access point and having that access point push its configuration to all other access points due to unsecured settings in wireless LAN, or if it start a firmware push followed by terminating the power to all access points because of PoE, it could disable all APs

19 Unauthorized Control Third Party Attacks
Denial of service and SPAM attacks originating from an unsuspecting network with unsecured wireless LAN, the corporation can then be blacklisted and eventually disconnected from their ISP. - Legal Liabilities - ISP termination of service

20 Discussion Questions How has this lesson changed your outlook on rogue access points? Is manual searching for rogues, even on a regular basis, is enough to keep them off your network? What are some ramifications of illegal or unethical content being placed on the network over wireless LAN? Could a hacker target a person for termination?

Download ppt "NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access"

Similar presentations

Anatomy of an 802.11 Wi-Fi Enterprise Wireless LAN Chris De Herrera Pacific Crest Bank Chief Information Officer Webmaster, Tablet PC Talk, CEWindows.NET.

Anatomy of an Wi-Fi Enterprise Wireless LAN Chris De Herrera Pacific Crest Bank Chief Information Officer Webmaster, Tablet PC Talk, CEWindows.NET.
Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.

Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.
Wireless LAN Security Understanding and Preventing Network Attacks.

Wireless LAN Security Understanding and Preventing Network Attacks.
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”

WiFi VS Cellular “Bringing Secure Payment to the Point Of Service”
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Wireless Security. Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your.

Wireless Security. Objective: Understand the benefits of a wireless network Understand security risks Examples of vulnerabilities Methods to protect your.

Similar presentations

Ads by Google