Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless and Instant Messaging

Published byRolf Franklin Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless and Instant Messaging"— Presentation transcript:

1 Wireless and Instant Messaging
Chapter 8

2 Learning Objectives Understand security issues related to wireless data transfer Understand the x standards Understand Wireless Application Protocol (WAP) and how it works Understand Wireless Transport Layer Security (WTLS) protocol and how it works continued…

3 Learning Objectives Understand Wired Equivalent Privacy (WEP) and how it works Conduct a wireless site survey Understand instant messaging

4 802.11 IEEE group responsible for defining interface between wireless clients and their network access points in wireless LANs First standard finalized in 1997 defined three types of transmission at Physical layer Diffused infrared - based on infrared transmissions Direct sequence spread spectrum (DSSS) - radio-based Frequency hopping spread spectrum (FHSS) - radio-based continued…

5 802.11 Established WEP as optional security protocol
Specified use of 2.4 GHz industrial, scientific, and medical (ISM) radio band Mandated 1 Mbps data transfer rate and optional 2 Mbps data transfer rate Most prominent working groups: b, a, i, and g

6 802.11a “High-Speed Physical Layer in the 5 GHz Band”
Sets specifications for wireless data transmission of up to 54 Mbps in the 5 GHz band Uses an orthogonal frequency division multiplexing encoding scheme rather than FHSS or DSSS Approved in 1999

7 802.11b “Higher-Speed Layer Extension in the 2.4 GHz Band”
Establishes specifications for data transmission that provides 11 Mbps transmission (with fallback to 5.5, 2, and 1 Mbps) at 2.4 GHz band Sometimes referred to as “Wi-Fi” when associated with WECA certified devices Uses only DSSS Approved in 1999

8 802.11c Worked to establish MAC bridging functionality for to operate in other countries Folded into 802.1D standard for MAC bridging

9 802.11d Responsible for determining requirements necessary for to operate in other countries Continuing

10 802.11e Responsible for creating a standard that will add multimedia and quality of service (QoS) capabilities to wireless MAC layer and therefore guarantee specified data transmission rates and error percentages Proposal in draft form

11 802.11f Responsible for creating a standard that will allow for better roaming between multivendor access points and distribution systems Ongoing

12 802.11g Responsible for providing raw data throughput over wireless networks at a throughput rate of 22 Mbps or more Draft created in January 2002; final approval expected in late 2002 or early 2003

13 802.11h Responsible for providing a way to allow for European implementation requests regarding the 5 GHz band Requirements Limits PC card from emitting more radio signal than needed Allows devices to listen to radio wave activity before picking a channel on which to broadcast Ongoing; not yet approved

14 802.11i Responsible for fixing security flaws in WEP and 802.1x
Hopes to eliminate WEP altogether and replace it with Temporal Key Integrity Protocol (TKIP), which would require replacement of keys within a certain amount of time Ongoing; not yet approved

15 802.11j Worked to create a global standard in the 5 GHz band by making high-performance LAN (HiperLAN) and a interoperable Disbanded after efforts in this area were mostly successful

16

17 Wireless Application Protocol (WAP)
Open, global specification created by the WAP Forum Designed to deliver information and services to users of handheld digital devices Compatible with most wireless networks Can be built on any operating system

18 WAP-Enabled Devices

19 WAP-Enabled Devices

20 How WAP 1x Works WAP 1.x Stack
Set of protocols created by the WAP Forum that alters the OSI model Five layers lie within the top four (of seven) layers of the OSI model Leaner than the OSI model Each WAP protocol makes data transactions as compressed as possible and allows for more dropped packets than OSI model

21 WAP 1.x Stack Compared to OSI/Web Stack

22 Differences Between Wireless and Wired Data Transfer
WAP 1.x stack protocols require that data communications between clients (wireless devices) and servers pass through a WAP gateway Network architectural structures

23 WAP versus Wired Network

24 The WAP 2.0 Stack Eliminates use of WTLS; relies on a lighter version of TLS – the same protocol used on the common Internet stack – which allows end-to-end security and avoids any WAP gaps Replaces all other layers of WAP 1.x by standard Internet layers Still supports the WAP 1.x stack in order to facilitate legacy devices and systems

25

26 Additional WAP 2.0 Features
WAP Push User agent profile Wireless Telephony Application Extended Functionality Interface (EFI) Multimedia Messaging Service (MMS)

27 Wireless Transport Layer Security (WTLS) Protocol
Provides authentication, data encryption, and privacy for WAP 1.x users Three classes of authentication Class 1 Anonymous; does not allow either the client or the gateway to authenticate each other Class 2 Only allows the client to authenticate the gateway Class 3 Allows both the client and the gateway to authenticate each other

28 WTLS Protocol: Steps of Class 2 Authentication
WAP device sends request for authentication Gateway responds, then sends a copy of its certificate – which contains gateway’s public key – to the WAP device WAP device receives the certificate and public key and generates a unique random value WAP gateway receives encrypted value and uses its own private key to decrypt it

29 WTLS Security Concerns
Security threats posed by WAP gap Unsafe use of service set identifiers (SSIDs)

30 Wired Equivalent Privacy (WEP)
Optional security protocol for wireless local area networks defined in the b standard Designed to provide same level of security as a wired LAN Not considered adequate security without also implementing a separate authentication process and providing for external key management

31 Wireless LAN (WLAN) Connects clients to network resources using radio signals to pass data through the ether Employs wireless access points (AP) Connected to the wired LAN Act as radio broadcast stations that transmit data to clients equipped with wireless network interface cards (NICs)

32 How a WLAN Works

33 APs

34 NICs

35 How WEP Works Uses a symmetric key (shared key) to authenticate wireless devices (not wireless device users) and to guarantee integrity of data by encrypting transmissions Each of the APs and clients need to share the same key Client sends a request to the AP asking for permission to access the wired network continued…

36 How WEP Works If WEP has not been enabled (default), the AP allows the request to pass If WEP has been enabled, client begins a challenge-and-response authentication process

37 WEP’s Weaknesses Problems related to the initialization vector (IV) that it uses to encrypt data and ensure its integrity Can be picked up by hackers Is reused on a regular basis Problems with how it handles keys

38 Other WLAN Security Loopholes
War driving Unauthorized users can attach themselves to WLANs and use their resources, set up their own access points and jam the network WEP authenticates clients, not users Wireless network administrators and users must be educated about inherent insecurity of wireless systems and the need for care

39 Conducting a Wireless Site Survey
Conduct a needs assessment of network users Obtain a copy of the site’s blueprint Do a walk-through of the site Identify possible access point locations Verify access point locations Document findings

40 Instant Messaging (IM)
AOL Instant Messenger (AIM) MSN Messenger Yahoo! Messenger ICQ Internet Relay Chat (IRC)

41 Definition of IM Uses a real-time communication model
Allows users to keep track of online status and availability of other users who are also using IM applications Can be used on both wired and wireless devices Easy and fast continued…

42 Definition of IM Operates in two models: Peer-to-peer model
May cause client to expose sensitive information Peer-to-network model Risk of network outage and DoS attacks making IM communication unavailable

43 Problems Facing IM Lack of default encryption enables packet sniffing
Social engineering overcomes even encryption

44 Technical Issues Surrounding IM
Files transfers Application sharing

45 Legal Issues Surrounding IM
Possible threat of litigation or criminal indictment should the wrong message be sent or overheard by the wrong person Currently immune to most corporate efforts to control it Must be monitored in real time

46 Blocking IM Install a firewall to block ports that IM products use; IM will be unavailable to all employees Limited blocking not currently possible

47 Cellular Phone Simple Messaging Service (SMS)
Messages are typed and sent immediately Problems Tracking inappropriate messages Risk of having messages sniffed

48 Chapter Summary Efforts of IEEE, specifically x standards, to standardize wireless security Security issues related to dominant wireless protocols WAP Connects mobile telephones, PDAs, pocket computers, and other mobile devices to the Internet WEP Used in WLANs continued…

49 Chapter Summary WTLS protocol
Conducting a site survey in advance of building a WLAN Security threats related to using (IM)

Download ppt "Wireless and Instant Messaging"

Similar presentations

Chaper 11-Wireless LANS Wireless LAN Concepts Deploying WLANs

Chaper 11-Wireless LANS Wireless LAN Concepts Deploying WLANs
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Wireless networking technology By Abbas Izadpanah January 2007.

Wireless networking technology By Abbas Izadpanah January 2007.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
CPET 260 – Network I Wireless Networks Bluetooth.

CPET 260 – Network I Wireless Networks Bluetooth.
Access Control and Site Security (Part 2) (Tuesday, January 22, 2008) © Abdou Illia – Spring 2008.

Access Control and Site Security (Part 2) (Tuesday, January 22, 2008) © Abdou Illia – Spring 2008.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.

Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
CIST 1601 Information Security Fundamentals Chapter 12 Wireless Networking Security Collected and Compiled By JD Willard MCSE, MCSA, Network+, Microsoft.

CIST 1601 Information Security Fundamentals Chapter 12 Wireless Networking Security Collected and Compiled By JD Willard MCSE, MCSA, Network+, Microsoft.
Network and Internet Security

Network and Internet Security
Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.
 An electrical device that sends or receives radio or television signals through electromagnetic waves.

 An electrical device that sends or receives radio or television signals through electromagnetic waves.
WLAN What is WLAN? Physical vs. Wireless LAN

WLAN What is WLAN? Physical vs. Wireless LAN
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Wireless Security Chapter 12.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Wireless Security Chapter 12.
Access Control and Site Security (Part 2) (January 28, 2015) © Abdou Illia – Spring 2015.

Access Control and Site Security (Part 2) (January 28, 2015) © Abdou Illia – Spring 2015.
1 Chapter Overview Wireless Technologies Wireless Security.

1 Chapter Overview Wireless Technologies Wireless Security.
Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

Similar presentations

Ads by Google