2 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2 Authentication Protocols WLAN Threats Wireless Hacking (Auditing) Tools Securing WLANs Bluetooth and Infrared Overview WiMax IEEE
3 Wireless Communications Transmission of information from one place to another without cables. Can utilize: Radio Microwave Infrared Other Common wireless examples include Cell phone network Wireless (802.11) networking In the future, will they merge into one pervasive network?
4 Convergence/Pervasive Networking
5 Wireless Growth Drivers 1. Convenience 2. Cost Dynamic Attributes Gilder's Law Total bandwidth of communication systems triples every twelve months. Metcalfe's Law Value of a network is proportional to the square of the number of nodes. As a network grows, the value of being connected to it grows exponentially, while the cost per user remains the same or reduces.
6 Wireless Vulnerabilities At home, your next door neighbor, with a UHF scanner, may listen to your cordless phone calls. At the coffee shop, the person next to you might sniff your wireless connection. (MiM Attack) Stealing your credit card numbers, passwords, Facebook credentials... Conclusion Open broadcast infrastructures such as Wireless LANs (WLANs) have vulnerabilities. 1. For the last decade or so, it has been illegal for a nongovernmental person to purchase a scanner with these capabilities Prior to that, these receivers were legal
7 Governmental Regulations In US, electromagnetic frequencies used for communications are treated as a public resource and FCC regulated. Governmental regulation means: Wireless systems in different countries may operate on different frequencies Allocated wireless frequencies in one country may not match allocated frequencies in another country.
8 Industrial, Scientific, and Medical Bands In US, WLANs operate in three radio spectrum areas, aka the ISM bands 1. Industrial 2. Scientific 3. Medical In general, communications equipment must accept any interference generated by ISM equipment b operation falls under the ISM mandate while a operation falls under the National Information Infrastructure (U-NII) mandate
9 Cellular Network Elements Cell Tower Base Station Controller (BSC) Mobile Switching Center (MSC) Visiton Location Register (VLR) Home location Register (HLR) Mobile Identity Number (MIN) Equipment Identity Register (EIR) Authentication Center (AuC) Operations and (OMC) Maintenance Center
10 Wireless Networking Spread Spectrum a de facto wireless LAN communication standard. Broadcasts signals over a range of frequencies. Originally military technology developed to provide secure, mission-critical communications. Provides some immunity to interference associated with narrowband systems.
11 Spread Spectrum RF Technologies ` Different spread spectrum modulation technologies utilized in different Wireless LANs: 1. Direct Sequence Spread Spectrum (DSSS) (802.11b) 2. Orthogonal Frequency Division Multiplexing (OFDM) a multi-carrier modulation scheme where data is split up among several closely spaced subcarriers. ( a,g,n) 3. MIMO--multiple-input multiple-output ( n)
12 IEEE Family Most popular Wireless LAN (WLAN) standards. 1997, IEEE accepts Specification. Specifies an over-the-air interface between: A mobile device wireless client and a base station or Between two mobile device wireless clients. Uses Industrial Scientific Medical (ISM) Bands MHz GHz GHz
13 Standard Family Protocol Release Frequen cy Throughput Modulation Indoor Range Outdoor Range GHz 2Mbps 20m 100m a GHz 54Mbps OFDM 35m 120m b GHz 11Mbps DFSS 38m 140m g GHz 54Mbps OFDM 38m 140m n * Est /5GH z 248Mbps MIMO 70m 250m *DRAFT STANDARD
14 Channels and Throughputs Channels Available Throughputs
15 IEEE Standard Specifies physical and data link (medium access control (MAC)) network layer attributes. Physical layer responsible for transmission of data among nodes. Can use direct sequence spread spectrum, frequency hopping spread spectrum or infrared pulse position remodulation. MAC Layer consists of a set of protocols responsible for maintaining order on the shared medium.
16 Service Sets A Basic Service Set (BSS) without an Access Point (AP) is called an ad hoc network A BSS with an AP is called an infrastructure network. When using multiple APs called an Extended Service Set (ESS)>
17 MAC Layer Services Data transfer CSMA/CA Carrier Sense Multiple Access/Collision Avoidance Contrast to wired CSMA/CD Association In Infrastructure mode, establishes wireless links between wireless clients and access points Re-association Takes place when a wireless client moves from one Basic Service Set (BSS) to another Authentication Proves a client s identity with Wired Equivalent Privacy (WEP) Shared key configured into the access point and each client.
18 WLAN Operational Modes Ad Hoc Mode Denotes a mesh wireless network with computers connected as peers. Infrastructure Mode Centered around a wireless access point (WAP). A WAP is a centralized wireless device that controls wireless traffic.
19 Original MAC Layer Services Privacy By default, data transfers in the clear. Optional WEP encryption originally RC-4 in output feedback mode Secret key shared between mobile and base stations Flawed implementation Using CRC-32 checksum another vulnerability No protection against replay attacks Aireplay to send fake authentication packets to the AP
20 Association Frames Before communicating data, mobile wireless clients and access points must establish a relationship, or an association. Three Possible States 1. Unauthenticated and unassociated 2. Authenticated and unassociated 3. Authenticated and associated
21 Service Set Identifier (SSID) and Basic Service Set Channel and service set identifier must be configured for a WLAN to function. SSID is an alphanumeric string that differentiates networks operating on the same channel and functions as a unique identifier. In infrastructure mode one access point (AP) together with all associated stations (STAs) is called a Basic Service Set (BSS). Each BSS is identified by an BSSID. In infrastructure mode, a basic BSS consists of at least one AP and one STA...
22 Wired Equivalent Privacy (WEP) Original mechanism for securing wireless LANs. Part of original standard. Utilized RC 4 stream cipher Symmetric scheme same key encrypts and decrypts. To encrypt, keystream X0Red with plaintext.
23 (Flawed) RC-4/WEP Encryption Process 24 bit IV
24 WEP Goals Access control Prevent users lacking WEP key from gaining network access Privacy (Confidentiality) Protect wireless LAN data streams by encrypting them Allowing decryption only by users with correct WEP keys
25 WEP Authentication Methods Client cannot participate in a wireless LAN until after client is authenticated. Two types 1. Open Open, the default authentication protocol, authenticates any request. 2. Shared Key Considered a null authentication
26 Shared Key Authentication Utilizes shared secret key to authenticate station to AP. Uses: Challenge and response Anyone without assigned key is denied access. Same shared key encrypts and decrypts Note, this vulnerability
27 WEP Key Management Shared key resides in each station s Management Information Database (mib). Two schemes 1. A set of four default keys are shared by all stations, including the wireless clients and their access points. 2. Each client establishes a key mapping relationship with another station
28 Popular WEP Cracks Passive attacks that decrypt traffic based on statistical analysis Active attacks that inject new traffic from unauthorized mobile stations Based on known plaintext (ARPs) Active attacks that decrypt traffic based on tricking the access point Dictionary-building attacks that, after an analysis of an appropriate volume of traffic, allow real-time automated decryption of all traffic.
29 WPA and WPA2 WPA instant response to WEP vulnerabilities WPA2 part of i standard Attempts to address WEP s vulnerabilities Consists of two encryption approaches: 1. TKIP/MIC 2. AES-CCMP
30 Supports RADIUS Provides remote centralized authentication, authorization, and accounting (AAA) services. Until the client is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the client is connected. After successful authentication, normal traffic can pass through the port. Also supports EAP, EAP-TLS, and LEAP.
31 EAP and LEAP Extensible Authentication Protocol (EAP) is an authentication framework that provides some common functions and negotiation of authentication methods (called EAP methods). LEAP is a proprietary EAP method that uses a modified version of MS-CHAP. Lightweight Extensible Authentication Protocol (LEAP) developed by Cisco Systems. Cracked early 2004, when Joshua Wright released ASLEAP.
32 Extensible Authentication Protocol
33 PEAP Designed to correct some EAP deficiencies, Protected Extensible Authentication Protocol (PEAP), a protocol that encapsulates EAP within a potentially encrypted and authenticated Transport Layer Security (TLS) tunnel. Jointly developed by Cisco Systems, Microsoft, and RSA Security. aka Protected EAP or PEAP
34 WLAN Threats Denial of Service Attacks Many potential vectors. For example, Microwave ovens operate in the 2.4 GHz range SSID Problems Default The Broadcast Bubble Extends past your building War Driving Rogue Access Points MAC Spoofing defeats MAC filtering
35 Wireless Auditing Tools Kismet Layer 2 wireless network detector, sniffer, and intrusion detection system. Sniffs a, b, and g traffic NetStumbler Functions as a high level WLAN scanner. WEPCrack Open source tool for breaking WEP secret Keys.
36 Wireless Auditing Tools AirCrack WLAN and WEP auditing tool. Fast tool can crack encryption. Tools such as Kismet, NetStumbler, and NetSurveyer can also be used to identify rogue access points.
37 Securing WLANs Includes strategies for MAC address filtering, firewalls or a combination of protocol based or standards based measures. Standards and Policy Based Solutions Address ownership and control of wireless MAC Address Filtering Time consuming, limited effectiveness.
38 Securing WLANs SSID Solutions If the SSID is set to manufacturers default settings, it often means that the other measures are also at default. SSID should not reflect company s name, division, or products. Antenna Placement Should be incorporated into site survey and site updates
39 Other Measures VLANS VPNs Wireless RADIUS Dynamic WEP Keys
40 Want Security? Don t use WEP Enable WPA2 For enterprises, employ a AAA server Employ regular scans to find rogue access points. Consider network based Intrusion detection on the wireless LAN Employ secure logging
41 TKIP Temporal Key Integrity Protocol (TKIP) was designed by the IEEE i task group and the Wi-Fi Alliance as a solution to replace WEP without requiring the replacement of legacy hardware.
42 CCMP Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) was created to replace TKIP and WEP. Uses Advanced Encryption Standard (AES) algorithm with a 128-bit key and a 128-bit block.
43 Bluetooth A simple peer to peer protocol that connects multiple consumer mobile information devices with different functions (cell phones, laptops, printers, cameras, ) Whenever any Bluetooth enabled devices come within range, they instantly transfer address information and establish small ad hoc networks between each other.
44 Bluetooth and Infrared Attributes Bluetooth Class 1,2, or 3 creates Personal Area Networks (PANs) Range from 1 to 100 meters Power from 1 to 100 mw Infrared Networking Line of sight Range up to 1 meter Throughput up to 4 Mbps
45 WiMAX IEEE Worldwide Interoperability for Microwave Access Physical and DataLink Standard Long (relatively) range system that uses licensed or unlicensed spectrul to deliver network connectivity Complements
Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the
TDC 363 Introductions to LANs Lecture 7 Wireless LAN 1 Outline WLAN Markets and Business Cases WLAN Standards WLAN Physical Layer WLAN MAC Layer WLAN Security WLAN Design and Deployment 2 The Mobile Environment
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
Wireless Networks Authors: Marius Popovici Daniel Crişan Zagham Abbas Technical University of Cluj-Napoca Group 3250 Cluj-Napoca, 24 Nov. 2003 Presentation Outline Wireless Technology overview The IEEE
How to Set Up a Secure Home Wireless Network What you don t know about setting up a home wireless network can hurt you. 2008 APCUG Convention Session Tom Jones, P.E., RCDD-NTS CQS-CWLSS AGENDA Some Terms
Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/
Wireless Technologies Networking for Home and Small Businesses Chapter 7 Manju. V. Sankar 1 Objectives Describe wireless technologies. Describe the various components and structure of a WLAN Describe wireless
Wi-Fi 1 1. INTRODUCTION Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the Internet from your home, a bed in a hotel room or at a conference room at work without wires. How? Wi-Fi
Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g
Chapter 7 Basic Wireless Concepts and Configuration Part I CCNA3-1 Chapter 7-1 Note for Instructors These presentations are the result of a collaboration among the instructors at St. Clair College in Windsor,
Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed  2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group
Wireless Network Security Why wireless? Wifi, which is short for wireless fi something, allows your computer to connect to the Internet using magic. -Motel 6 commercial 2 but it comes at a price Wireless
Wireless Networking Chapter 23 Overview In this chapter, you will learn how to Discuss wireless networking components Analyze and explain wireless networking standards Install and configure wireless networks
Advanced Security and Mobile Networks W.Buchanan (1) 9. GSM/3G Unit 7: Mobile Networks. Wireless. Security. Mobile IP. Mobile Agents. Spread spectrum. Military/Emergency Networks 8. Ad-hoc 7. Mobile Networks
Volume: 119 Questions Question No: 1 John Smith uses a coffee shop's Internet hot-spot (no authentication or encryption) to transfer funds between his checking and savings accounts at his bank's website.
1 The Wi-Fi Boom Dr. Malik Audeh Tropos Networks March 13, 2004 Outline 2 Wi-Fi has gone mainstream Background of Wi-Fi/802.11 Technical Details of Wi-Fi Physical Layer(s) MAC Layer Security Wi-Fi in different
U S E R M A N U A L 802.11b/g PC CARD Table of Content CHAPTER 1 INTRODUCTION... 1 1.1 WIRELESS LAN FEATURE FUNCTIONS... 1 1.2 REGULATORY NOTICE... 1 1.2.1 FCC Class B Statement...1 1.2.2 Canadian Regulatory
Wireless Networking 802.11 based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers topics History Standards Technical Concepts Implementation Troubleshooting 1 HISTORY AND STANDARDS History
Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical
FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most
Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE COURSE TITLE WIRELESS TECHNOLOGY SPECIALIST COURSE DURATION 13 Hours of Interactive Training COURSE OVERVIEW This course will teach you
Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost
CHAPTER 9 DEVELOPING NETWORK SECURITY STRATEGIES Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy Network Security Design
10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast
A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders email@example.com 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)
802.11 Technical Introduction Tomas Krag firstname.lastname@example.org Unlicensed Spectrum There was a need for spectrum with fewer regulations The ISM band at 2.4 Ghz & 5.2 GHz The UNII band at 5.8 GHz No need for a
HW Institute of Electrical and Electronics Engineers (IEEE) IEEE 802.11 standards WLAN Standard (IEEE 802.11) The IEEE 802.11 is a family of standards that governs the operations and functions of WLANs.
[ 2 ] Chapter 1 Describing Regulatory Compliance Failure to secure a WLAN makes it vulnerable to attack. To properly secure your network, you must be able to identify common threats to wireless and know
Attack & Defense in Wireless Networks John M. Shea April 22, 2008 Overview Wireless networks fundamentals vulnerabilities WING testbed Demonstration of Denial-of-Service Attack and Defense Classification:
Public Wireless LAN Service email@example.com Radio Wave Wave Frequency Amplitude Wave Length Radio Wave Band Frequency Wavelength VLF 3-30 khz > 10 km LF 30-300 khz 1-10 km MF 300-3,000 khz 100-1000
In-Building Wireless Networks Mitchell Shnier Lance Communications Toronto Users Group March 19, 2003 Wireless Local Area Networks Overview motivation and perspective Background history and standards Management
Product Brief: SDC-PE15N 802.11n PCIe Module with Antenna Connectors The SDC-PE15N PCI Express Mini Card (PCIe) radio module from Summit Data Communications combines a high-performance, dual-band 802.11n
Authentication and Security: IEEE 802.1x and protocols EAP based Pietro Nicoletti Piero[at]studioreti.it 802-1-X-EAP-Eng - 1 P. Nicoletti: see note pag. 2 Copyright note These slides are protected by copyright
The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013 Florin OGÎGĂU-NEAMŢIU National Defense University of Romania "Carol I"/ The Regional
2013 Summer Camp: Wireless LAN Security Exercises 2013 JMU Cyber Defense Boot Camp Questions Have you used a wireless local area network before? At home? At work? Have you configured a wireless AP before?
Naveen Kumar 1 Contents 2 Introduction Need of Purpose History How a Wi-Fi Network Works Topologies & Configurations Applications Wi-Fi Security Advantages & Limitations Innovations Introduction 3 Wireless
CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS Wireless networks are everywhere, from the home to corporate data centres. They make our lives easier by avoiding bulky cables and related problems. But with these
LAN Technologies 802.11 Wireless LAN Network connectivity to the legacy wired LAN Access Point Desktop with PCI 802.11 LAN card Laptop with PCMCIA 802.11 LAN card Provides network connectivity over wireless
Course Summary Description Implementing Cisco Unified Wireless Networking Essentials (IUWNE) v2.0 is a five-day instructor-led course that is designed to help students prepare for the CCNA _ wireless certification,
Vendor: HP Exam Code: HP2-Z32 Exam Name: Implementing HP MSM Wireless Networks Version: Demo QUESTION 1 A network administrator deploys several HP MSM APs and an HP MSM Controller. The APs discover the
The WLAN Roadmap Wireless Local Area Networking (WLAN) is a simple concept, but one that entails a wide, sometimes confusing, variety of standards, implementations, and future plans for development. This
Rev: 1.0.0 COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of PROWARE TECHNOLOGIES CO., LTD. Other brands and product names are trademarks or registered
Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping
Wireless LANs The 802.11 Protocol Stack The 802.11 Physical Layer The 802.11 MAC Sublayer Protocol The 802.11 Frame Structure Services 56 802.11 The 802.11 Working Group The IEEE 802.11 was formed in July
Wireless LAN USB Super G 108 Mbit Manual Dear Customer, Thanks for choosing Hamlet. Please carefully follow the instructions for its use and maintenance and, once this item has run its life span, we kindly
Metro Part 1 Wi-Fi Friend or Foe? The number of municipalities getting into the Wi-Fi game has more than tripled in the past two years. Worried yet? Part 1 in a two-part series. By Christopher Skarica,
802.11g PC Card/USB Wireless Adapter User Guide Regulatory Approvals FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of
Wireless MAXg Technology MAXimizing range, performance, security and simplicity for 802.11g networks Technology Note Wireless technology has undoubtedly become a ubiquitous presence in our computing environment,
Model No. ib-wua300nm Ver.: 1.0.0 FCC STATEMENT This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to part 15 of the FCC Rules. These limits are designed
Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.
Interworking 2006 Evaluation of current security mechanisms and lacks in wireless and Bluetooth networks Interworking Conference, 15th - 17th of January 2007 Dr-Ing Kai-Oliver Detken Business URL: http://wwwdecoitde
Introduction Wireless Networking The IEEE 802.11 Wireless LAN Standard Wireless Networking Bluetooth, WiMAX, RFID, and Mobile Communications Wireless LAN Security DRAFT Introduction So far, we have been
Exam : PW0-200 Title : Certified wireless security professional(cwsp) Version : DEMO 1. Given: John Smith often telecommutes from a coffee shop near his home. The coffee shop has an 802.11g access point
IT220 Network Standards & Protocols Unit 6: Chapter 6 Wireless LANs 2 Objectives Identify the major needs and stakeholders for computer networks and network applications. Identify the classifications of
s@lm@n CWNA Exam PW0-100 certified wireless network administrator(cwna) Version: 5.0 [ Total Questions: 120 ] Topic 1, A A Question No : 1 - (Topic 1) What criteria can an 802.11 wireless client use to
Certified Wireless Network Administrator (CWNA) Course Overview This course provides students with the knowledge and skills to successfully survey, install, and administer enterprise Wi-Fi networks. Course
Last Lecture: Data Link Layer 1. Design goals and issues 2. (More on) Error Control and Detection 3. Multiple Access Control (MAC) 4. Ethernet, LAN Addresses and ARP 5. Hubs, Bridges, Switches 6. Wireless
A Division of Cisco Systems, Inc. 5 GHz 802.11a + GHz 2.4 802.11g WIRELESS Dual-Band Wireless A+G Notebook Adapter User Guide Model No. WPC55AG Copyright and Trademarks Specifications are subject to change
Product Brief: SDC-MSD0AG 802.11a/g Miniature SDIO Module with Antenna Connectors The SDC-MSD0AG SDIO radio module from Summit Data Communications combines a high-performance 802.11a/g radio with the Summit
TL-WN353GD 54M Wireless PCI Adapter Rev: 1.0.1 1910010046 COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other brands
Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: firstname.lastname@example.org Content
CSC344 Wireless and Mobile Computing Department of Computer Science COMSATS Institute of Information Technology Wireless Local Area Networks (WLANs) Part II WiFi vs 802.11 IEEE 802.11 Features Hidden Node
Chapter 3.1 Acknowledgment: This material is based on the slides formatted by Dr Sunilkumar S. manvi and Dr Mahabaleshwar S. Kakkasageri, the authors of the textbook: Wireless and Mobile Networks, concepts
802.11 Wireless Networks Presentation for North Central Regional Meeting October 19, 2010 Tom Jones, PE, RCDD / NTS Field Sales Engineer, D-Link Agenda Brief History of Wireless Networks 802.11b, 802.11g
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Wireless Local Area Networks (WLAN) Mobile Communication and Mobile Computing Prof. Dr. Alexander Schill http://www.rn.inf.tu-dresden.de