![Page 1: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/1.jpg)
Wireless network security
Lt. Robert Drmola, University of defence, Communication and information system department
![Page 2: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/2.jpg)
Content
Home and corporal networks comparison Data protection Protection methods WLAN standards comparison Conclusion
![Page 3: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/3.jpg)
Home versus organizations networks WiFi – phenomenon of Czech republic
(Internet providers policy) Urgency of protection also small office and
home networks It has got advantages for hackers Big organizations usually uses better access
methods
![Page 4: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/4.jpg)
Reasons for wireless security
Computer criminality Activities masking Industrial espionage Unauthorization access Connectivity to internet
![Page 5: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/5.jpg)
Organizations data protection 38% scans company network for unauthorized
access points 22% instruct employees about wireless
network problems 57% set up network policy 33% without protection !!!!!
![Page 6: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/6.jpg)
Company data protection
Unauthorized (black) access point
![Page 7: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/7.jpg)
Company data protection
Ad-Hoc networks
![Page 8: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/8.jpg)
Basic methods
MAC filter activation SSID change Change of defaults parameters
IP Admin password Default cryptography keys
Argue out of 20% of attackers
![Page 9: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/9.jpg)
Advanced methods
WEP activation – Not so strong but better than nothing
WPA, WPA2 activation Radius server activation
Alternative for SOHO networks (WPA-PSK)
![Page 10: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/10.jpg)
Corporal networks
WLAN protection on commercial and organizations level
User authentization:
No authentization of devices but users – guard against
stolen devices or device simulations
![Page 11: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/11.jpg)
Corporal networks
WLAN protection on commercial and organizations level
System interdependence:
protect against unauthorized access points. Not only the client to network but also the network to client authorization.
![Page 12: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/12.jpg)
Corporal networks
WLAN protection on commercial and organizations level
Centralized management:
All information about users, devices, access points are saved centrally. Easy for admins to change information but hard to attackers
![Page 13: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/13.jpg)
Corporal networks
WLAN protection on commercial and organizations level
Dynamical encryption keys:
Different keys for every session and for every device and user.
![Page 14: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/14.jpg)
Security standards comparison
Secu
rity
level
Open network
WEP
WPA-PSKWPA2-PSK
WPA2-802.1xWPA2-802.1x IPSec - VPN
![Page 15: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/15.jpg)
Security standards for WLAN
Authentization/Encryption Corporal networks SOHO networks
Open network ---- / ---- unsuitable unsuitable
WEP Practically none/WEP unsuitable Very bad
WPA-PSK PSK/WEP-TKIP Very badVery good (quality-price
ratio)
WPA2-PSK PSK/AES-CCMP Bad Ideal solution
WPA-802.1x 802.1x/WEP-TKIP Good solutionUnsuitable because of the
price and hard implementation
WPA2-802.1x 802.1x/AES-CCMPIdeal solution for big
networks
Unsuitable because of the price and hard
implementation
![Page 16: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/16.jpg)
Idea and conclusion
WLAN protection:
Nowadays is possible to solve WLAN security can be personalized for every
kind of running Solve encryption only in radio parts (IPSec,
VPN)
![Page 17: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/17.jpg)
Conclusion
Security isn’t something what we can buy in box in our shop. It is unremitting fight between security experts and hackeres, which try to increase security level of our world. It requires persistent comparisons, tests and implementations. Unfortunately it can not be said: “Now - we protected our network and we can not solve this problem in future.”
![Page 18: Wireless network security Lt. Robert Drmola, University of defence, Communication and information system department](https://reader035.vdocuments.us/reader035/viewer/2022070308/551c07f7550346a84f8b4f88/html5/thumbnails/18.jpg)
Thank you for your attention
Lt. Robert Drmola, University of defence, Communication and information systems department