Copyright 2003 Tel Tech Plus Inc
Wireless Without Worry
Secure Wireless Networking
Tuesday, May 13, 2003 4:15 – 5:00 pm
Presenter: Philip H. Schlesinger, MCSE, CCNA
IT Manager, TEL TECH PLUS, INC.
[email protected]
BiCSi Wireless Design Specialty DACUM Panel Member
Presented by:
TEL TECH PLUS, INC.
Concepts in Voice and Data Communications
Network Cabling
Phone Systems / Voice Mail
IT Services
Repair & Maintenance
For an electronic copy of this presentation, please visit our web site and click on the BiCSi link on the main page.
Why Am I Here?
History of wireless communications
Cellular vs. wireless LAN
Security issues affecting both technologies
In the Beginning . . . Section 1 History
In the BWC era (Before Wireless Communications), electronic communication required a wire strung between two locations . . .
The People Cried Out : Section 1 History
Free us from our wired shackles!
And so the G-ds of wireless communication heard their pleas and sent forth a messenger . . .
100 Years Ago . . . Section 1 History
On January 18, 1903, standing on a sandy bluff of Cape Cod, Marconi sent greetings from President Theodore Roosevelt to British monarch King Edward VII. This was the first wireless message ever sent across the ocean without help from a repeater station.
Events that Furthered Wireless
Section 1 History
The sinking of the Titanic brought about 24-hour monitoring of radio channels on ships
Radio and television (need I say more?)
1971: ALOHANET – the first wireless packet switching network
Benefits of Working Wirelessly Section 2 Cellular vs. WLAN
• Mobility
• Installation Speed and Simplicity
• Installation Flexibility
• Reduced Cost-of-Ownership
• Scalability
Cellular Phone Progression Section 2 Cellular vs. WLAN
1G – Analog with no built-in security
2G – Digital with built-in security (top data speed 14.4 kbps)
2.5G/2.75G – Higher speeds (data speeds range from 56 kbps dial-up to 128 kbps ISDN)
3G – True broadband speeds (not economically feasible yet)
Distance goal: 10 km
Wireless LAN IEEE Speeds Section 2 Cellular vs. WLAN
1997 ► 802.11 2.4 GHz, 1-2 Mbps
1999 ► 802.11b 2.4 GHz, up to 11 Mbps
1999 ► 802.11a 5.0 GHz, up to 54 Mbps
2003 ► 802.11g 2.4 GHz, up to 54 Mbps
Distance goal: 150-300 ft LANs, multiple km WANs
OK, so what? Section 3 Security
Need to protect two things when doing wireless networking:
The Data (can be air-tapped)
The Computers and Network Hardware (can be attacked)
Air Tapping Section 3a Security – Air-Tapping
Cellular: little to no potential risk here as long as signal is digital
WLAN: Uh-oh
Data Intercepted by Hacking Section 3a Security – Air-Tapping
[Diagram labels: HACKER, Access Point, YOU]
Message sent:
To: Accountant
From: CEO
Dear Jane, Attached you will find my financials as well as details of our upcoming project release.....
Code Cracked - Data stream:
To: Accountant
From: CEO
Dear Jane, ........................
WEP – the first attempt Section 3a Security – Air-Tapping
Initial system: Wired Equivalent Privacy (a.k.a. WEP)
Problem: Shared non-changing encryption key combined with a bad implementation of RC4
Proof of concept: WEPCrack, AirSnort, WarLinux
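Why the shared non-changing key matters, as an added example that is not part of the original presentation: WEP seeds RC4 with a 24-bit IV prepended to the static key, so a repeated IV repeats the keystream and the XOR of two ciphertexts equals the XOR of their plaintexts. The key, IVs and frame contents below are constructed, and the CRC-32 integrity value WEP appends is left out.

```python
import math

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    # Per-frame RC4 seed = 3-byte IV (sent in the clear) || static shared key.
    return xor(plaintext, rc4_keystream(iv + key, len(plaintext)))

def frames_until_iv_collision(iv_bits: int = 24, probability: float = 0.5) -> float:
    # Birthday bound: frames with random IVs before a repeat is this likely.
    return math.sqrt(2 * (2 ** iv_bits) * math.log(1 / (1 - probability)))

# Constructed sample values (not from the presentation).
SHARED_KEY = bytes.fromhex("0102030405")   # 40-bit key that never changes
FRAME_A = b"To: Accountant  "
FRAME_B = b"From: CEO       "

def reused_iv_leaks_plaintext_xor() -> bool:
    iv = b"\x00\x00\x01"
    c1 = wep_encrypt(iv, SHARED_KEY, FRAME_A)
    c2 = wep_encrypt(iv, SHARED_KEY, FRAME_B)
    # The keystream cancels out: no key material is needed to get A xor B.
    return xor(c1, c2) == xor(FRAME_A, FRAME_B)

def fresh_iv_changes_keystream() -> bool:
    k1 = rc4_keystream(b"\x00\x00\x01" + SHARED_KEY, 16)
    k2 = rc4_keystream(b"\x00\x00\x02" + SHARED_KEY, 16)
    return k1 != k2

if __name__ == "__main__":
    print("reused IV leaks A xor B:", reused_iv_leaks_plaintext_xor())
    print("different IV, different keystream:", fresh_iv_changes_keystream())
    print("frames to 50%% IV repeat: %.0f" % frames_until_iv_collision())
```

With only 24 bits of IV and a key that never rotates, a busy access point repeats keystreams after a few thousand frames, which is why the later slides move to per-session keys.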
So WEP’s a Joke – Ideas? Section 3a Security – Air-Tapping
Band aids:
RADIUS / 802.1x (centralized authentication)
TKIP (dynamic encryption)
Combination of the above two (WPA)
Various flavors of EAP
More Stable Solutions Section 3a Security – Air-Tapping
Disable SSID broadcast
MAC address filtering
Virtual Private Networking (a.k.a. VPN) with individual user SA’s
Antenna placement & configuration
Join the Knights of Camelot Section 3a Security – Air-Tapping
The holy grail: IEEE 802.11i
AES Encryption
Secured connect/disconnect
Other goodies
Attacks on Computers and Network Hardware
Section 3b Security - Computer & Network Hardware Attacks
Viruses & Trojan Horses
  password and data stealing
  data corruption
  computer and network usurping
Hackers
  all the above plus
  network jamming attacks
  general mischief
Attack Scenarios Section 3b Security - Computer & Network Hardware Attacks
Before Monkey Jack
Attack Scenarios Section 3b Security - Computer & Network Hardware Attacks
After Monkey Jack
Attack Scenarios Section 3b Security - Computer & Network Hardware Attacks
This is your connection
Attack Scenarios Section 3b Security - Computer & Network Hardware Attacks
This is your connection on WLAN Jack
Defenses Against Attacks on the Enterprise
Section 3b Security - Computer & Network Hardware Attacks
Firewalls (hardware & software)
Antivirus software
Good password protection
Keeping up to date on firmware, drivers, and patches
What Else Can Be Done? Section 3b Security - Computer & Network Hardware Attacks
Site survey before deployment
If not installing a wireless Intrusion Detection System, periodic site surveys after deployment
Wi-Fi certification makes life a little easier
Public Network Concerns Section 3b Security - Computer & Network Hardware Attacks
Usually no wireless LAN encryption is employed, so:
When accessing corporate info: VPN a must
For public sites: use https:// or people can see what you’re sending back and forth over the air
In Closing . . .
Cellular & Wireless LAN are great tools
Readily available and inexpensive
Speeds are reasonable
Just need to prep computers and users beforehand as to the risks
Wireless Without Worry
Secure Wireless Networking
Presented by:
TEL TECH PLUS, INC.
Philip H. Schlesinger, CCNA, MCSE
IT Manager
990 Park Center Drive, Suite C
Vista, CA 92083-8352
760-598-6233 760-598-6307 [email protected]
For an electronic copy of this presentation, please visit our web site and click on the BiCSi link on the main page.