1
Access Control and Site Security (Part 2)
(January 27, 2016) © Abdou Illia – Spring 2016
2
Learning Objectives
- Discuss Site Security
- Discuss Wireless LAN Security
3
Site Security
4
Building Security Basics
- Single point of (normal) entry to building
- Fire doors and alarms
- Security centers
- Monitors for closed-circuit TV (CCTV)
- Videotapes that must be retained (Don’t reuse too much or the quality will be bad)
- Interior doors to control access between parts of the building
- Prevent piggybacking, i.e. holding the door open so that someone can enter without identification; piggybacking defeats this protection
5
Building Security Basics
- Phone stickers with security center phone number
- Prevent dumpster diving by keeping dumpsters in a locked, lighted area
- Training security personnel
- Training all employees
- Enforcing policies: You get what you enforce
6
Reading Questions
Answer Reading Questions 1 posted to the course web site (in Notes’ section)
7
Wireless LAN Security
8
Wireless telecomm control
IEEE* is a professional association that
- Is dedicated to advancing technological innovations
- Develops standards for wired LAN devices
- Develops standards for Wireless LAN (WLAN) devices
Wi-Fi Alliance is a trade association that
- Promotes Wireless LAN technology
- Certifies products if they conform to certain standards
* Institute of Electrical and Electronics Engineers
9
IEEE 802.11 WLAN standards
Standards: 802.11b, 802.11g, 802.11n, 802.11ac
Unlicensed Band: 2.4 GHz, 5 GHz, 2.4 GHz, 2.4 GHz or 5 GHz, 2.4/5 GHz
Rated Speed: ≤ 11 Mbps, ≤ 54 Mbps, ≤ 54 Mbps, ≤ 150 Mbps, > 866 Mbps
# of channels: 3, 12, 13, 13
802.11n
- Service band GHz divided into 13 channels
- Each channel is 40 MHz wide
- Channels spaced 5 MHz apart
- Channel 1 centered on 2412 MHz. Channel 13 centered on 2472 MHz
- Transmissions spread across multiple channels
- 802.11b and g devices use only Channels 1, 6, and 11 to avoid transmission overlap.
Wireless speed is the product of three factors: channel bandwidth, constellation density, and number of spatial streams. 802.11ac pushes hard on the boundaries of each of these, as shown in Table 1 (next slide).
For the mathematically inclined, the physical layer speed of 802.11ac is calculated according to Table 1. For instance, an 80-MHz transmission sent at 256QAM with three spatial streams and a short guard interval delivers 234 × 3 × 5/6 × 8 bits / 3.6 microseconds = 1300 Mbps.
For comparison: AM radio channels have a 10 kHz bandwidth; FM radio channels have a 200 kHz bandwidth.
10
IEEE WLAN standards
Table 1. Calculating the Speed of 802.11n and 802.11ac
PHY Data Rate (bps) = Bandwidth (as Number of Data Subcarriers) × Number of Spatial Streams × Data Bits per Subcarrier ÷ Time per OFDM Symbol
802.11n or 802.11ac
- Bandwidth (as Number of Data Subcarriers): 56 (20 MHz), 108 (40 MHz)
- Number of Spatial Streams: 1 to 4
- Data Bits per Subcarrier: Up to 5/6 × log2(64) = 5
- Time per OFDM Symbol: 3.6 microseconds (short guard interval), 4 microseconds (long guard interval)
802.11ac only
- Bandwidth (as Number of Data Subcarriers): 234 (80 MHz), 2 × 234 (160 MHz)
- Number of Spatial Streams: 5 to 8
- Data Bits per Subcarrier: Up to 5/6 × log2(256) ≈ 6.67
Source: Cisco, (nd) 802.11ac: The Fifth Generation of Wi-Fi Technical White Paper, Retrieved 1/26/2016 from
12
802.11 Wireless LAN operation
802.11 refers to the IEEE Wireless LAN standards
[Diagram: Notebook with wireless NIC, Access Point, Ethernet Switch, Server, Client PC; labels: Frame Containing Packet, 802.3 Frame Containing Packet; steps (1), (2), (3)]
13
802.11 Wireless LAN (WLAN) Security
Basic Operation:
- Main wired network for servers (usually Ethernet)
- Wireless stations with wireless NICs
- Access Points for spreading service across the site
Access points are internetworking devices that:
- link LANs to Ethernet LANs
- link stations to stations
14
802.11 Wireless LAN operation
1. If the AP is 802.11n-compliant, it can communicate with the notebook even if the notebook has an 802.11a NIC. T F
2. Given what you know about WLAN operation, where (i.e. on which device) should security be implemented to prevent unauthorized devices from gaining access to network services?
[Diagram: Wireless LAN operation. Notebook With PC Card Wireless NIC, Access Point, Ethernet Switch, Server, Client PC; labels: Frame Containing Packet, 802.3 Frame Containing Packet; steps (1), (2), (3)]
15
Summary Question (1)
Which of the following is among Wireless Access Points’ functions?
a) Convert electric signal into radio wave
b) Convert radio wave into electric signal
c) Forward messages from wireless stations to devices in a wired LAN
d) Forward messages from one wireless station to another
e) All of the above
f) Only c and d
16
MAC Filtering
- The Access Point could be configured to only allow mobile devices with specific MAC addresses
- Today, attack programs exist that could sniff MAC addresses, and then spoof them to gain access
[Diagram: Access Point with a MAC Access Control List: O9-2X-98-Y6-12-TR, 10-U1-7Y-2J-6R-11, U1-E2-13-6D-G1-90, H1-80 ……]
17
IP Address Filtering
- The Access Point could be configured to only allow mobile devices with specific IP addresses
- Attacker could
  - Get an IP address by guessing based on the company’s range of IP addresses
  - Sniff IP addresses, then spoof them to gain access
[Diagram: Access Point with an IP Address Access Control List: / /24 ……]
18
Access control at EIU
What is used at EIU today to control access to the WLAN?
19
SSID: Apparent 802.11 Security
Service Set Identifier (SSID)
- It’s a “Network name” of up to 32 characters
- Access Points come with a default SSID. Example: “tsunami” for Cisco or “linksys” for Linksys
- All Access Points in a WLAN have the same SSID
- Mobile devices must know the SSID to “talk” to the access points
- The SSID is frequently broadcast by the access point for ease of discovery.
- SSIDs in frame headers are transmitted in clear text
- SSID broadcasting could be disabled, but it’s a weak security measure
- Sniffer programs (e.g. Kismet, inSSIDer) can find SSIDs easily
20
Wired Equivalent Privacy (WEP)
- Standard originally intended to make wireless networks as secure as wired networks
- With WEP, mobile devices need to provide a shared key to be authenticated and gain access
- Typical WEP key length: 40-bit, 128-bit, 256-bit
- If a hacker intercepts, decrypts, and compares two messages encrypted with the same key, he/she will know the key
Question: Besides through hacking, how can a WEP key be leaked? What can be done to limit access by unauthorized users?
WEP authentication process
- Wireless station sends authentication request to AP
- AP sends back a 128-bit challenge text in plaintext
- Wireless station uses the RC4 encryption scheme to encrypt the challenge text and its WEP key and sends the result to the AP
- AP regenerates the WEP key from the received result, then compares that WEP key to its own WEP key
- AP sends a success or failure message
Open Source WEP Cracking software
- aircrack-ng
- weplab
- WEPCrack
- airsnort
21
Wired Equivalent Privacy (WEP)
Using Initialization Vectors (IVs)
- To make the shared key hard to crack, WEP uses a per-frame key that is the shared key plus a 24-bit initialization vector (IV) that is different for each frame/packet.
- However, many frames “leak” a few bits of the key
- With high traffic, an attacker using readily available software can crack a shared key in 2 or 3 minutes
22
Wi-Fi Protected Access (WPA)
WPA extends the security of WEP/RC4 primarily by:
- Increasing the IV from 24 bits to 48 bits
- Implementing a system for automatic rekeying called TKIP (Temporal Key Integrity Protocol)
Cryptographic characteristics of WEP, WPA, and 802.11i (WPA2):
Cipher for Confidentiality
- WEP: RC4 with a flawed implementation
- WPA: RC4 with 48-bit initialization vector (IV)
- 802.11i (WPA2): AES with bit keys
Automatic Rekeying
- WEP: None
- WPA: Temporal Key Integrity Protocol (TKIP), which has been partially cracked
- 802.11i (WPA2): AES-CCMP Mode
Overall Cryptographic Strength
- WEP: Negligible
- WPA: Weaker but no complete crack to date
- 802.11i (WPA2): Extremely strong
23
802.11i (or WPA2)
- In 2004, the IEEE working group developed a security standard called 802.11i to be implemented in networks.
- 802.11i tightens security through the use of the AES encryption scheme with a 128-bit key
- 802.11i can be added to existing APs and NICs
- The 128-bit key changes
24
Other protocols used in 802.11i
Authentication and data integrity in 802.11i and 802.1x rely on the Extensible Authentication Protocol (EAP), which has different options:
- Wireless Transport Layer Security (WTLS) protocol
  - Server and mobile devices must have digital certificates
  - Requires that Public Key Infrastructure (PKI) be installed to manage digital certificates
- Tunneled WTLS
  - Digital certificates are installed on the server only
  - Once the server is securely authenticated to the client via its Certificate Authority, a secured tunnel is created.
  - Server authenticates the client through the tunnel. The client could use passwords as a means of authentication
25
Using Authentication server
[Diagram: Applicant (Lee), Access Point, RADIUS Server / WAP Gateway, Directory Server or Kerberos Server]
1. Authentication Request
2. Pass on Request to RADIUS Server
3. Get User Lee’s Data (Optional; RADIUS Server May Store Authentication Data)
4. Accept Applicant Key=XYZ
5. OK Use Key XYZ
- RADIUS is an AAA (Authentication, Authorization, Accounting) protocol
- Once the user is authenticated, the AP assigns the user an individual key, avoiding a shared key.
26
Soft Access Point*
- Usually, a soft AP is a laptop loaded with cracking software
- A soft AP allows the hacker to get passwords, MAC addresses, etc.
[Diagram: Notebook With PC Card Wireless NIC, Soft AP, Access Point, Ethernet Switch, Server, Client PC; label: 802.3 Frame Containing Packet; steps (1), (2), (3)]
* Also called Rogue Access Point
27
Wireless Intrusion Detection Systems
- Monitor the radio spectrum for the presence of unauthorized access points
- Conventionally, operate by checking the MAC addresses of the participating access points
- Use a fingerprinting approach to weed out devices with spoofed MAC addresses
- Compare unique signatures exhibited by the signals emitted by each wireless access point against the known signatures of legitimate access points
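The two checks described above (MAC address against the list of legitimate access points, then signature against the known signature), as an added example that is not part of the original slides. The scan data, the SSID, the verdict names and the `fingerprint` tuple standing in for a measured signal signature are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str              # access point MAC address as seen on the air
    channel: int
    fingerprint: tuple      # hypothetical stand-in for a signal signature

CORP_SSID = "corp-wlan"     # constructed network name

# Baseline of legitimate APs: BSSID -> (channel, known fingerprint). Constructed.
AUTHORIZED = {
    "00:11:22:33:44:01": (1, ("vendorA", 100, "rates-1")),
    "00:11:22:33:44:02": (6, ("vendorA", 100, "rates-1")),
}

def classify(beacon: Beacon) -> str:
    """Return a verdict for one observed beacon."""
    known = AUTHORIZED.get(beacon.bssid.lower())
    if known is None:
        # MAC not on the list: a rogue if it advertises the corporate SSID.
        return "rogue-unknown-mac" if beacon.ssid == CORP_SSID else "neighbor"
    channel, fingerprint = known
    if beacon.fingerprint != fingerprint:
        # MAC is on the list but the signature differs: likely a spoofed MAC.
        return "rogue-spoofed-mac"
    if beacon.channel != channel:
        return "review-channel-change"
    return "authorized"

def triage(beacons):
    """List (bssid, verdict) for every beacon that needs an analyst's attention."""
    return [(b.bssid, v) for b in beacons
            if (v := classify(b)) not in ("authorized", "neighbor")]

SCAN = [  # constructed observations
    Beacon(CORP_SSID, "00:11:22:33:44:01", 1, ("vendorA", 100, "rates-1")),
    Beacon(CORP_SSID, "00:11:22:33:44:02", 6, ("vendorB", 102, "rates-2")),
    Beacon(CORP_SSID, "66:77:88:99:AA:BB", 11, ("vendorB", 102, "rates-2")),
    Beacon("coffee-shop", "CC:DD:EE:00:00:01", 3, ("vendorC", 100, "rates-1")),
]

if __name__ == "__main__":
    for bssid, verdict in triage(SCAN):
        print(bssid, verdict)
```

A MAC-only check would have passed the second beacon; the signature comparison is what flags it.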
28
How Does Cracking Wireless Networks Work?
- Visit Youtube.com
- Search for the following video
  - Video name: Cracking Wireless Networks
  - Posted by: spektral311
  - Date: 9/8/2008
- Copy of video in Review section of website
29
Basic Terminology
Accidental Association
- Wireless device latching onto a neighboring Access Point when turned on.
- User may not even notice the association
Malicious association
- Intentionally setting a wireless device to connect to a network
- Installing rogue wireless devices to collect corporate info
War driving
- Driving around looking for weak unprotected WLANs
30
Summary Questions
- What is meant by accidental association? Malicious association?
- What are the functions of a wireless access point?
- What is a SSID?
- How many SSIDs are needed in a WLAN with 3 wireless access points and 13 mobile stations?
- How good a security measure is disabling the broadcasting of a WLAN’s SSID?
- What is WEP?
- How secure is a WEP-protected WLAN compared to WPA, WPA2, and 802.11i?
- Explain the operation of a RADIUS authentication server
- What is a rogue AP? How can you detect a rogue AP?
Answer Review Questions 2 in Notes’ section of class Website