Published by Christopher Harrison. Modified over 9 years ago.
1
Wireless Security Issues
Implementing a wireless LAN without compromising your network
Marshall Breeding
Director for Innovative Technologies and Research
Vanderbilt University
http://staffweb.library.vanderbilt.edu/breeding
http://www.librarytechnology.org
2
Security concerns
- Eavesdropping a major concern
- Unprotected wireless access points are an easy point of entry for mobile hackers
- Many rogue wireless LANs were put up in corporate networks without IT support or adequate security
- War Driving / War Chalking
- Some war driving / freeloading happens in residential settings
3
Positioning your wireless network
- Libraries should already have a network security architecture that separates public access computing from the business network
- Adding a wireless LAN is easy when the library already has a solid security environment in place
5
Encryption necessary to ensure security
- Sensitive data must be encrypted when transmitted across any untrusted network
- Most encryption algorithms use a secure key to encode the data and decode it after transmission
- The longer the key, the more difficult it is to use brute force to decrypt the message
- WEP uses 40, 64, or 128 (WEP2) bit keys
6
Wired Equivalency Privacy
- Optional encryption scheme, part of the 802.11b specification
- RC4 encryption
- Single key encrypts all traffic
- No system for key management
- Hackers can easily recover the key
- WEP often not enabled
- WEP can be defeated by sophisticated hackers
- Provides a barrier to most potential intruders
7
Wireless Hacking tools
At least two open source tools are available for recovering 802.11 WEP keys:
- WEPCrack: http://wepcrack.sourceforge.net/
- AirSnort: http://airsnort.shmoo.com/
8
802.11i
- Security standard for the 802.11 arena
- Includes WPA and RSN (Robust Security Network)
- Relies on 802.1x specification for port-based user and device authentication
- Ratified June 2004
- Marketed as WPA2
9
WPA
- Wi-Fi Protected Access
- Enhanced security over WEP
- TKIP
- Available now
- Backwardly compatible with WEP – requires only a firmware upgrade.
10
Temporal Key Integrity Protocol (TKIP)
- 128 bit encryption keys
- Each packet encrypted with a different key based on a 48-bit serial number, incremented with each use.
- Avoids replay attacks
- Relies on a base key which is generated when a device associates with the base station
- Ideally unique base keys transmitted during 802.1x authentication
- Pre-shared keys used otherwise
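The per-packet counter idea from the TKIP slide, as an added example that is not part of the original presentation: a receiver that drops any frame whose 48-bit counter has not moved forward, plus a key derivation fed by that counter. The HMAC-based derivation is a labelled stand-in for TKIP's own key mixing function, and the station addresses, base key and frame list are constructed for illustration.

```python
import hashlib
import hmac

TSC_MAX = (1 << 48) - 1  # the sequence counter is 48 bits wide


def per_packet_key(base_key: bytes, transmitter: bytes, tsc: int) -> bytes:
    """Derive a 128-bit key for one packet.

    Stand-in only: real TKIP uses its own two-phase key mixing function,
    not HMAC. The point shown is that the counter feeds the key.
    """
    if not 0 <= tsc <= TSC_MAX:
        raise ValueError("sequence counter must fit in 48 bits")
    msg = transmitter + tsc.to_bytes(6, "big")
    return hmac.new(base_key, msg, hashlib.sha256).digest()[:16]


class ReplayGuard:
    """Receiver state: accept a frame only if its counter moved forward."""

    def __init__(self) -> None:
        self.last_tsc = {}  # transmitter address -> highest counter accepted

    def accept(self, transmitter: bytes, tsc: int) -> bool:
        if not 0 <= tsc <= TSC_MAX:
            return False
        last = self.last_tsc.get(transmitter, -1)
        if tsc <= last:
            return False  # replayed or stale frame
        self.last_tsc[transmitter] = tsc
        return True


def classify(frames):
    """Return 'accept' or 'drop' for each (transmitter, counter) pair."""
    guard = ReplayGuard()
    return ["accept" if guard.accept(ta, tsc) else "drop" for ta, tsc in frames]


# Constructed sample traffic: station A sends 1, 2, 3; an old copy of
# frame 2 shows up again; station B starts its own counter at 1.
STA_A = bytes.fromhex("020000000001")
STA_B = bytes.fromhex("020000000002")
FRAMES = [(STA_A, 1), (STA_A, 2), (STA_A, 3), (STA_A, 2), (STA_B, 1), (STA_A, 4)]

if __name__ == "__main__":
    base = bytes(16)  # constructed all-zero base key, for illustration only
    print(classify(FRAMES))
    print(per_packet_key(base, STA_A, 1) != per_packet_key(base, STA_A, 2))
```

Counters are tracked per transmitter, so station B's first frame is accepted even though station A has already passed that value.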
11
WPA2
- WPA + AES = WPA2
- Advanced Encryption Standard instead of TKIP
- Stronger encryption algorithm
- Not guaranteed to be backwardly compatible with existing WEP equipment
- Personal version uses pre-shared key
- Enterprise version uses 802.1X authentication through RADIUS server.
12
WPA/802.1x Diagram
See: http://www.infoworld.com/infoworld/img/20FEwifi_in-x.gif
13
Wi-Fi Security Services
- SecureMyWiFi (http://www.witopia.net/)
- RADIUS authentication and security key distribution service
- Operates with APs that support WPA-Enterprise or WPA2-Enterprise
- $29 annual fee
14
Virtual Private Networks (VPN)
- A technology that offers strong security
- Common approach for remote users that rely on accessing organizational resources through the Internet
- Applicable to wireless users on premises
- Enhances security / adds inconvenience.
15
WEP Security
16
VPN Security
17
Conclusions
- Solutions are available that provide solid security for wireless networks
- Trade-off between convenience and security.
- Open wireless networks can be operated without jeopardizing the library’s business network