Wireless Network Security

Post on 27-Sep-2020


Security Awareness

Wireless Network Security

Attacks on Wireless Networks

• Three-step process

– Discovering the wireless network

– Connecting to the network

– Launching assaults

Security Awareness, 3rd Edition 2

Discovering

• Beaconing

– At regular intervals, a wireless router sends a signal to announce its presence

• Scanning

– Wireless device looks for the incoming beacon information

• Wireless location mapping

– Also known as war driving

– Finding a beacon from a wireless network and recording information about it


Discovering (cont’d.)

• Tools needed for war driving

– Mobile computing device

– Wireless NIC adapter

– Antenna

• Omnidirectional antenna

– Global positioning system (GPS) receiver

– Software


Discovering (cont’d.)

Figure 5-8 USB wireless NIC


Course Technology/Cengage Learning

Connecting

• Service Set Identifier (SSID)

– The “network name”; can be any alphanumeric string from 2 to 32 characters

• Wireless networks are designed to freely distribute their SSID

• Once a wireless device receives a beacon with the SSID, it can then attempt to join the network

– There is virtually nothing that an attacker must do in order to connect


Connecting (cont’d.)

Figure 5-9 Connecting to a wireless network


Connecting (cont’d.)

• Some wireless security sources encourage users to configure APs to prevent the beacon from including the SSID

– Does not provide protection


Launching Assaults

• Eavesdropping

– Attackers can easily view the contents of transmissions from hundreds of feet away

– Even if they have not connected to the wireless network


Launching Assaults (cont’d.)

• Wired Equivalent Privacy (WEP)

– Ensure that only authorized parties can view transmitted wireless information

– Encrypts information into ciphertext

– Contains a serious flaw

– Attacker can discover a WEP key in less than one minute


Launching Assaults (cont’d.)

• Stealing data

– Once connected, the attacker is treated as a “trusted user”

– Has access to any shared data

• Injecting malware

– “Trusted user” enters from behind the network’s firewall

– Can easily inject malware

• Storing illegal content

– Can set up storage on user’s computer and store content


Launching Assaults (cont’d.)

• Launching denial of service (DoS) attacks

– Denial of service (DoS) attack

• Designed to prevent a device from performing its intended function

– Wireless DoS attacks

• Designed to deny wireless devices access to the wireless router itself

– Packet generator

• Create fake packets; flood wireless network with traffic

– Disassociation frames

• Communication from a wireless device that indicates the device wishes to end the wireless connection


Launching Assaults (cont’d.)

Figure 5-13 DoS attack using disassociation frames
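Added example (not part of the original slides): a monitoring check that flags a burst of disassociation frames aimed at one device, run over a constructed capture. The MAC addresses, the 5-second window and the 10-frame threshold are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

WINDOW_MS = 5000   # assumed sliding window
THRESHOLD = 10     # assumed frames per window that counts as a flood

def find_disassoc_floods(frames, window_ms=WINDOW_MS, threshold=THRESHOLD):
    """frames: time-ordered (timestamp_ms, subtype, claimed_src, dst) tuples.
    Returns {(claimed_src, dst): timestamp_ms of the frame that tripped the alert}."""
    recent = defaultdict(deque)
    alerts = {}
    for ts, subtype, src, dst in frames:
        if subtype != "disassoc":
            continue
        seen = recent[(src, dst)]
        seen.append(ts)
        while ts - seen[0] > window_ms:      # drop frames older than the window
            seen.popleft()
        if len(seen) >= threshold:
            alerts.setdefault((src, dst), ts)  # keep the first alert time only
    return alerts

# Constructed addresses (locally administered range)
ROUTER = "02:00:00:00:00:01"
LAPTOP = "02:00:00:00:00:02"
PHONE = "02:00:00:00:00:03"

def sample_capture():
    """Constructed capture: one normal disconnect, then a burst of 20 frames."""
    frames = [(1000, "beacon", ROUTER, "ff:ff:ff:ff:ff:ff"),
              (2000, "disassoc", PHONE, ROUTER)]  # a device leaving normally
    frames += [(10000 + i * 100, "disassoc", ROUTER, LAPTOP) for i in range(20)]
    return frames

if __name__ == "__main__":
    for (src, dst), ts in find_disassoc_floods(sample_capture()).items():
        print(f"disassociation flood: claimed source {src} -> {dst} at {ts} ms")
```

The single disconnect from the phone stays below the threshold, while the burst toward the laptop is reported once.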


Launching Assaults (cont’d.)

• Impersonating a legitimate network

– Attackers will often impersonate legitimate networks in restaurants, coffee shops, airports, etc.

– Does not require wireless router

– Ad hoc or peer-to-peer network

– Once the connection is made

• Attacker might be able to directly inject malware into the user’s computer or steal data


Wireless Network Defenses

• Secure the home wireless network

• Use an unprotected public wireless network in the most secure manner possible


Securing a Home Wireless Network

• Locking down the wireless router

– Create username and password

– Do not use default password

– Typical settings on the wireless router login security screen

• Router Password

• Access Server

• Wireless Access Web

• Remote Management


Securing a Home Wireless Network (cont’d.)

Figure 5-15 Wireless router login security screen


Securing a Home Wireless Network (cont’d.)

• Limiting users

– Restrict who can access network by MAC address

• MAC address filter

– Dynamic Host Configuration Protocol (DHCP)

• Wireless routers distribute IP addresses to network devices

• Properly configuring settings

• DHCP lease


Securing a Home Wireless Network (cont’d.)

Figure 5-16 MAC address filter


Securing a Home Wireless Network (cont’d.)

• Turning on Wi-Fi Protected Access 2 (WPA2)

– Personal security model

– Designed for single users or small office settings

– Parts

• Wi-Fi Protected Access (WPA)

• Wi-Fi Protected Access 2 (WPA2)

– To turn on WPA2

• Choose security mode

• Select WPA Algorithm

• Enter shared key


Securing a Home Wireless Network (cont’d.)

Figure 5-18 Security Mode options


Securing a Home Wireless Network (cont’d.)

Figure 5-19 WPA Algorithms setting


Securing a Home Wireless Network (cont’d.)

• Configuring network settings

– Network Address Translation (NAT)

• Hides the IP addresses of network devices from attackers

• Private addresses

• NAT removes the private IP address from the sender’s packet and replaces it with an alias IP address

– Port address translation (PAT)

• Each packet is sent to a different port number


Securing a Home Wireless Network (cont’d.)

– Virtual local area networks (VLANs)

• Segment users or network equipment in logical groupings

• Creates a separate virtual network for each user of the wireless network

– Demilitarized Zone (DMZ)

• Separate network that sits outside the secure network perimeter

• Limits outside access to the DMZ network only


Securing a Home Wireless Network (cont’d.)

Figure 5-21 Demilitarized zone (DMZ)


Securing a Home Wireless Network (cont’d.)

– Port forwarding

• More secure than DMZ

• Opens only the ports that need to be available
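Added example (not part of the original slides): a toy model of the NAT/PAT, DMZ and port forwarding settings listed under "Configuring network settings", comparing what an unsolicited outside packet can reach under each. All addresses and ports are constructed, and the DMZ setting is modelled as the common home-router option that forwards every otherwise unmatched port to one designated host, which is an assumption about the router.

```python
from dataclasses import dataclass, field
from typing import Optional

PUBLIC_IP = "203.0.113.10"  # constructed public address (documentation range)

@dataclass
class Gateway:
    """Toy home router: PAT for outbound traffic, forwarding rules for inbound."""
    port_forwards: dict = field(default_factory=dict)  # public port -> (ip, port)
    dmz_host: Optional[str] = None                     # assumed "DMZ host" setting
    pat_table: dict = field(default_factory=dict)      # public port -> (ip, port)
    next_port: int = 40000                             # arbitrary starting port

    def outbound(self, src_ip, src_port):
        """Replace the private source with the public IP and a unique port."""
        for public_port, inside in self.pat_table.items():
            if inside == (src_ip, src_port):
                return PUBLIC_IP, public_port
        public_port = self.next_port
        self.next_port += 1
        self.pat_table[public_port] = (src_ip, src_port)
        return PUBLIC_IP, public_port

    def inbound(self, dst_port):
        """Return the inside (ip, port) a packet reaches, or None if dropped.
        Simplified: a real gateway also matches the remote address and protocol."""
        if dst_port in self.pat_table:       # reply to an outbound connection
            return self.pat_table[dst_port]
        if dst_port in self.port_forwards:   # port opened on purpose
            return self.port_forwards[dst_port]
        if self.dmz_host:                    # DMZ host receives everything else
            return (self.dmz_host, dst_port)
        return None

def exposed_ports(gateway, probe_ports):
    """Ports on which an unsolicited outside packet reaches an inside device."""
    return sorted(p for p in probe_ports if gateway.inbound(p) is not None)

PROBES = [22, 80, 443, 3389]  # constructed list of ports to check
forwarding = Gateway(port_forwards={443: ("192.168.1.20", 443)})
dmz = Gateway(dmz_host="192.168.1.20")
print(exposed_ports(forwarding, PROBES))  # [443]
print(exposed_ports(dmz, PROBES))         # [22, 80, 443, 3389]
```

With a single forwarding rule only port 443 is reachable from outside; with the DMZ host setting every checked port reaches the inside device.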


Using a Public Wireless Network Securely

• Turning on a personal firewall

– Runs as a program on the user’s local computer

– Operates according to a rule base

– Rule options

• Allow

• Block

• Prompt

– Stateless packet filtering

– Stateful packet filtering

• Provides more protection
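Added example (not part of the original slides): the same constructed traffic judged by a stateless rule and by a stateful filter, to show why tracking connections provides more protection. The rule "allow inbound packets whose source port is 443", the addresses and the ports are assumptions made for illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    direction: str    # "out" or "in", relative to the user's computer
    remote_ip: str
    remote_port: int
    local_port: int

def stateless_verdict(pkt):
    """Judge each packet alone: inbound is allowed if it claims source port 443."""
    if pkt.direction == "out" or pkt.remote_port == 443:
        return "allow"
    return "block"

class StatefulFilter:
    """Remember connections the computer opened; allow only answers to them."""
    def __init__(self):
        self.connections = set()   # (remote_ip, remote_port, local_port)

    def verdict(self, pkt):
        key = (pkt.remote_ip, pkt.remote_port, pkt.local_port)
        if pkt.direction == "out":
            self.connections.add(key)   # record what was initiated locally
            return "allow"
        return "allow" if key in self.connections else "block"

# Constructed traffic on a public wireless network
TRAFFIC = [
    Packet("out", "198.51.100.7", 443, 50123),  # browser opens a web connection
    Packet("in", "198.51.100.7", 443, 50123),   # genuine reply to that connection
    Packet("in", "192.0.2.66", 443, 445),       # unsolicited, only looks like a reply
]

def judge(verdict_fn, packets):
    return [verdict_fn(p) for p in packets]

if __name__ == "__main__":
    print(judge(stateless_verdict, TRAFFIC))         # ['allow', 'allow', 'allow']
    print(judge(StatefulFilter().verdict, TRAFFIC))  # ['allow', 'allow', 'block']
```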


Using a Public Wireless Network Securely (cont’d.)

• Virtual Private Networks (VPNs)

– Uses an unsecured public network as if it were a secure private network

– Encrypts all data that is transmitted between the remote device and the network

– Advantages

• Full protection

• Transparency

• Authentication

• Industry standards


Figure 5-22 Virtual private network (VPN)
