wirelsslansecurity

8/3/2019 WirelssLANsecurity

1/30


2/30

Introduction to Wireless LANs Wireless LAN Technology

Threats and Vulnerabilities of Wireless LAN

War driving, its configuration Encryption Hazards

How to protect your Wireless LAN

Securing Rogue Access points

Conclusion


3/30

Wireless LAN is a flexible communicationsystem implemented as an extension to awired LAN ,using electromagnetic waves to

transmit and receive data over air,minimizing the need for wired connections.

It combines data connectivity with user

mobility and through simplifiedconfiguration enables movable LANs.


4/30

Key drivers are mobility and accessibility

Easily change work locations in the office

Internet access at airports and cafes,etc

Increased Productivity

Improved collaboration

No need to reconnect to the network

Ability to work in more areas

No need to wire hard-to-reach areas


5/30

Installation speed and simplicity

No cable to pull.

Eliminates current architecture obstacles.

Few transmitters/receivers for multiple for users.


6/30

Installation flexibility

The network goes where wires cannot.

Not constrained by expensive walls.

Easy to add more computers and devices.


7/30

Reduced cost-of-ownership

Mobile devices are less expensive than computerworkstations.

Can Run Errands and stay in touch. No need to build wiring closets.


8/30

Mobility

Access to real-time information.

Supports productivity.

Provides service opportunities.

Promotes flexibility.


9/30

Scalability Spans a variety of topologies.

Configurations are easily changed.

Works over great distances. Effective for wide range of user communities.

Small number of users with local needs.

Full infrastructure networks roaming over a broad area.


10/30

Cost

Wireless network cards cost 4 times more than wirednetwork cards.

The access points are more expensive than hubs andwires.

Signal Bleed Over

Access points pick up the signals of adjacent access

points or overpower their signal.


11/30

Environmental Conditions Susceptible to weather and solar activity.

Constrained by buildings, trees, terrain.

Less Capacity Slower bandwidth.

Limit to how much data a carrier wave can transmitwithout lost packets impacting performance.

http://www.Compaq.com


12/30

Corporate

Mobile networking for e-mail, file sharing, and webbrowsing.

Education Connectivity to the University Network for

collaborative class activities.

Ability to access research sources without requiring

a hard point.


13/30

Narrowband Technology.

Spread Spectrum.

Frequency-Hopping spread SpectrumTechnology

Direct Sequence Spread spectrum

Infrared Technology


14/30

IEEE 802.11

IEEE 802.11b

IEEE 802.11a

IEEE 802.11e

HiperLAN/2


15/30

Someone could block the entire radiocommunication channel by transmittingjunk on certain frequencies andanonymously stage a denial of service attackfrom your network.

Someone can plant viruses on your system. Change Web pages. The latest high-profile hacking method is

called war driving, whereby hackers findunprotected WLANs by driving aroundwith a laptop and 802.11 Ethernet card .


16/30

Regardless of the technology, WLAN securitywill always be limited because users willsidestep security features .

Thus,its the weakest link in an ITinfrastructure to steal corporate data.

As the number of WLAN cards grows, so willthe opportunities for hackers to break into

wireless networks


17/30

Sniffing and War Driving

Rogue Networks

Policy Management

MAC Address

SSID

WEP


18/30

Default installation allow any wireless NIC toaccess the network

Drive around (or walk) and gain access to

wireless networks

Provides direct access behind the firewall

Heard reports of an 8 mile range using a 24dB

gain parabolic dish antenna


19/30

Basic Configuration of War Driving


20/30

Network users often set up rogue wirelessLANs to simplify their lives

Rarely implement security measures

Network is vulnerable to War Driving andsniffing and you may not even know it


21/30

Full network access or no network access

Need means of identifying and enforcingaccess policies


22/30

Can control access by allowing only definedMAC addresses to connect to the network

This address can be spoofed

Must compile, maintain, and distribute a list ofvalid MAC addresses to each access point

Not a valid solution for public applications


23/30

SSID is the network name for a wirelessnetwork.

WLAN products common defaults: 101for 3COM and tsunami for Cisco

The more people that know the SSID, thehigher the likelihood it will be misused.

Changing the SSID requires communicating

the change to all users of the network


24/30

Designed to be computationally efficient,self-synchronizing, and exportable

Vulnerable to attack

All users of a given access point share thesame encryption key

Data headers remain unencrypted soanyone can see the source and destination ofthe data stream


25/30

WEP uses the RC4 encryption algorithm,

which uses the same key to scramble anddescramble the packets .

Dedicated hackers could still compromisethe network, most likely due to weakencryption and the reuse of encryption keys..

If your key management system cyclesthrough the same set of keys in a predictablemanner, determined hackers can gather datafrom your LAN traffic and correlate it with

the keys to help decipher the encryption.


26/30

Find unsecured access points

Use personal firewall software

Physically Secure Laptops

Biometrics

Using Hardware Tokens


27/30

TCP Fingerprinting (Nmap):


28/30


29/30

Wireless LANs are very useful and convenient,but current security state not ideal for sensitiveenvironments.

Cahners In-Stat group has projected that thenumber of wireless LAN cards will grow upfrom 2.6 million in 2000 to 11.8 million in 2003 .

Growing use and popularity require increased

focus on security


30/30

wirelsslansecurity

Documents