What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne

Similar documents
Wireless Networks. Lecture 4: Wireless Networking Devices. Assistant Teacher Samraa Adnan Al-Asadi 1

Wireless Attacks and Countermeasures

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Wireless technology Principles of Security

Wireless Router at Home

Wireless Network Security

Wireless Terms. Uses a Chipping Sequence to Provide Reliable Higher Speed Data Communications Than FHSS

Table of Contents. Chapter 1Introduction Package Contents Features Specifications Physical Description...

802.11g PC Card/USB Wireless Adapter

PRODUCT GUIDE Wireless Intrusion Prevention Systems

How Insecure is Wireless LAN?

Chapter 10: Wireless LAN & VLANs

Wireless LAN Access Point

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology

Wireless LAN Security (RM12/2002)

Karthik Pinnamaneni COEN 150 Wireless Network Security Dr. Joan Holliday 5/21/03

Wireless# Guide to Wireless Communications. Objectives

ITRAINONLINE MMTK WIN98 WIRELESS CLIENT INSTALLATION

Family Structural Overview

Wireless LAN Access Point

802.11ac 3x3 Dual Band High-Powered Wireless Access Point/Client Bridge

LevelOne User Manual WNC-0600USB N_One Wireless USB Adapter

NWD2705. User s Guide. Quick Start Guide. Dual-Band Wireless N450 USB Adapter. Version 1.00 Edition 1, 09/2012

Appendix E Wireless Networking Basics

Wireless g AP. User s Manual

LESSON 12: WI FI NETWORKS SECURITY

802.11N Wireless Broadband Router

Chapter 1 Introduction

2013 Summer Camp: Wireless LAN Security Exercises JMU Cyber Defense Boot Camp

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov.

Wireless Bridge User Manual. Version 1.0

Digital Entertainment. Networking Made Easy

Wireless Technologies

Wireless Networking. Chapter The McGraw-Hill Companies, Inc. All rights reserved

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

EAP Wireless Access Point. 2.4 GHz b/g 54 Mbps

Wireless networking with three times the speed and five times the flexibility.

Guide to Wireless Communications, Third Edition. Objectives

Configuring Cipher Suites and WEP

LevelOne WBR User s Manual. 11g Wireless ADSL VPN Router. Ver

Chapter 5 Local Area Networks. Computer Concepts 2013

Securing Wireless Networks by By Joe Klemencic Mon. Apr

Wireless Access Point

Wireless LAN Access Point

CE MARK WARNING LIMITED WARRANTY

Configuring WEP and WEP Features

Add a Wireless Network to an Existing Wired Network using a Wireless Access Point (WAP)

Secure Mobility Challenges. Fat APs, Decentralized Risk. Physical Access. Business Requirements

Wireless Networking Basics. Ed Crowley

Wireless LAN Connection Guide

Wednesday, May 16, 2018

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. Access Point WIRELESS WAP54G (EU/LA/UK) Model No.

Configuring Wireless Security Settings on the RV130W

WL-5420AP. User s Guide

CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS

Wireless High power Multi-function AP

Wireless-G USB Dongle. User Manual. Ver 1.00

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

WLAN Security. Dr. Siwaruk Siwamogsatham. ThaiCERT, NECTEC

CSCD 433/533 Advanced Networking

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Wireless N USB Adapter. User Guide

U S E R M A N U A L b/g PC CARD

D-Link AirPlus G DWL-G700AP

Chapter 24 Wireless Network Security

Chapter 7. Basic Wireless Concepts and Configuration. Part I

Naveen Kumar. 1 Wi-Fi Technology

SAGEM Wi-Fi 11g USB ADAPTER Quick Start Guide

What is Eavedropping?

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

WPA SECURITY (Wi-Fi Protected Access) Presentation. Douglas Cheathem (csc Spring 2007)

Wireless 300N Access Point 300 Mbps, MIMO, Bridge, Repeater, Multiple SSIDs and VLANs Part No.:

Thursday, May 29,

Outdoor High Power b/g/n Wireless USB Adapter USER MANUAL 4.0

Chapter 3 Wireless Configuration

EnGenius Quick Start Guide

PracticeTorrent. Latest study torrent with verified answers will facilitate your actual test

Wireless SOHO Router/Bridge 2.4 GHz b/g 54 Mbps

PRODUCT DESCRIPTION. Learn more about EnGenius Solutions at

Today s challenge on Wireless Networking. David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd.

Wireless Network Security

WIRELESS EVIL TWIN ATTACK

Package Content IEEE g Wireless LAN USB Adapter... x 1 Product CD-ROM.x 1

ECB3500 Wireless Long Range Multi-function 7+1 AP 2.4GHz Super G 108Mbps EIRP up to 2000mW

Learn How to Configure EnGenius Wi-Fi Products for Popular Applications

Information Technology Policy Board Members. SUBJECT: Update to County WAN/LAN Wireless Standards

Wireless PCI PCMCIA Super G 108 Mbit. Manual

300Mbps Wireless Gigabit PoE Access Point

Interworking Evaluation of current security mechanisms and lacks in wireless and Bluetooth networks ...

2.4GHz / 5GHz 54Mbps a/b/g Flexible Application

Wireless LAN USB Super G 108 Mbit. Manual

The 8 th International Scientific Conference DEFENSE RESOURCES MANAGEMENT IN THE 21st CENTURY Braşov, November 14 th 2013

11N Wall Mount Access Point / WDS AP / Universal Repeater. Features. Fully compatible with IEEE b/g/n devices

EOC1650. Wireless Access Point / Client Bridge / Client Router PRODUCT DESCRIPTION. 2.4GHz 54Mbps b/g Superior Performance

CHAPTER 7 ADVANCED ADMINISTRATION PC

Wireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design

Ruckus ZoneDirector 3450 WLAN Controller (up to 500 ZoneFlex Access Points)

Wi-Net Window and Rogue Access Points

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

Transcription:

Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in New York, and it meows in Los Angeles. The wireless is the same way, only without the cat. - Attributed to Albert Einstein Chino Information Technology Center 2

What is a Wireless LAN? (really) It is a LAN Extension of Wired LAN Uses High Frequency Radio Waves (RF) Speed : 2Mbps to 54Mbps Distance 100 feet to 15 miles (with fancy antennas) Chino Information Technology Center 3

How WLANs Operate Although a variety of radio frequency WLANs exist, different products share similarities and operate similarly Only two components are required ed for a wireless network Wireless network interface (NIC) cards Access points (AP) Chino Information Technology Center 4

Wireless Network Interface Card NICs connect a computer to the network so it can send and receive data On wired network, NIC has a port for a cable connector On wireless network, the NIC has an antenna to send and receive RF signals Chino Information Technology Center 5

Desktop PC Wireless NIC Chino Information Technology Center 6

Notebook Wireless NIC PCMCIA wireless NICs are available for notebook PCs Some vendors integrate components of wireless NIC onto single chip on motherboard Chino Information Technology Center 7

Software for Wireless NICs Software may be part of operating system itself Windows XP has software integrated while previous versions of Windows do not Software may be separate program loaded into the computer All operating systems before Windows XP, require loading software Chino Information Technology Center 8

Access Point An access point (AP) has three main parts An antenna and a radio transmitter/receiver An RJ-45 wired network interface to connect to a wired network Special bridging software Chino Information Technology Center 9

Access Point Chino Information Technology Center 10

Functions of an Access Point Access point has two basic functions Acts as base station for wireless network Acts as bridge between wireless and wired network Chino Information Technology Center 11

Access Point Characteristics Max range approximately 375 feet (115 meters) Expect a LOT less when there are obstructions Supports as many as 100 users s One access point for each 50 users with light email and basic Internet access One access point per 20 users for heavy network access and large file transfer APs typically mounted on ceiling, but AC power may be a problem Chino Information Technology Center 12

Features of Access Points Coverage area should overlap when using multiple l access points Clients find the AP that provides the best service A seamless handoff occurs when client associates with new AP Chino Information Technology Center 13

WLAN Alphabet Soup 802.11 IEEE family of specifications for WLANs 2.4GHz 2Mbps 802.11a 5GHz, 54Mbps 802.11b Often called Wi-Fi, 2.4GHz, 11Mbps 802.11g 2.4GHz, 54Mbps 802.11i Newly adopted encryption standard parts of 802.11i are already available (WPA, TKIP, AES) on some new hardware/software Chino Information Technology Center 14

Chino Information Technology Center 15

Wireless Topologies There are multiple modes of operation for wireless devices Chino Information Technology Center 16

WLAN Terms & Basic Concept Ad Hoc Mode Wireless client-to-client communication Chino Information Technology Center 17

WLAN Terms & Basic Concept Infrastructure Mode All clients connect via an Access Point AP Chino Information Technology Center 18

WLAN Terms & Basic Concept SSID or BSSID Basic Service Set Identifier beacon BSS BSSID or SSID (Basic Service Set Identifier) An AP forms an association with one or more wireless clients that is referred to as a Basic Service Set beacon beacon Chino Information Technology Center 19

WLAN Terms & Basic Concept ESSID Extended Service Set Identifier ESS To increase the range and coverage of a wireless network, overlapping APs are installed. This is referred to as an Extended Service Set ESSID (Extended Service Set Identifier) Chino Information Technology Center 20

WLAN Terms & Basic Concept WEP Optional method to encrypt (scramble) transmissions Offers some level of protection for wireless networks NOT enabled by default Chino Information Technology Center 21

WLAN Terms & Basic Concept There are 11 channels used by 802.11b & 802.11g Most APs default to channel 6 802.11a 1 uses 2 3 different 4 5 (higher 6 7 frequency) 8 9 10 11 channels Channel 4 Channel 5 Channel 9 Channel 10 Channel 3 Channel 8 Channel 2 Channel 7 Channel 1 Channel 6 Channel 11 2.400 2.412 2.437 Chino Information Technology Center 22 Frequency (GHz) 2.462 2.474

WLAN Risk Unauthorized Clients In range Malicious client Detector Chino Information Technology Center 23

WLAN Risk Unauthorized or Renegade Access Points Interception and unauthorized monitoring of wireless traffic Client-to-Client Attacks Jamming (DoS) Client-to-client attack Jamming malicious Chino Information Technology Center 24

WLAN Risk - Fake Access Point Access Point Clone (Evil Twin) Traffic Interception AP1 AP1* Chino Information Technology Center 25

WLAN Risk Brute force attacks against access point passwords WEP weakness Misconfiguration Chino Information Technology Center 26

WLAN Risk (continued) WEP weakness WEP security flaws documented in a 2001 UC Berkley study Weak encryption (never intended for repeated use) Short keys (64bits 24bit Init Vector = 40 bits) Static Keys No distribution method (shared key) Chino Information Technology Center 27

WLAN Risk (continued) Mis-configurations Default SSID SSID broadcasting is on by default Default Password SNMP Community (RO & RW) Newer hardware/firmware turns this off by default Default security settings (none) Chino Information Technology Center 28

WLAN Risk Unauthorized installation Rogue APs can open a back door to the network. Who is allowed to install? Where are they be installed? Chino Information Technology Center 29

WLAN Risk Network Stumbler Chino Information Technology Center 30

WLAN Risk Wardriving Network Stumbler Chino Information Technology Center 31

WLAN Risk Low cost product prevalent limited features, insecure Well-intentioned user may compromise network security Accidental detection Windows xp automatically discovers access points Chino Information Technology Center 32

Wireless LAN Protection Strategies Chino Information Technology Center Steve Siedschlag, Associate Professor

Recommendations Wireless LAN related Configuration Enable WEP, use 128bit key Disable SSID Broadcasts No SNMP access Use MAC (hardware) address to restrict access Non-default Access Point password Change default Access Point Name Use 802.1x / WPA / 802.11i (when available) Chino Information Technology Center 34

Wireless LAN related Configuration Enable WEP, use 128bit key Chino Information Technology Center 35

Wireless LAN related Configuration Enable WEP, use 128bit key Chino Information Technology Center 36

Wireless LAN related Configuration Enable WEP, use 128bit key Chino Information Technology Center 37

Wireless LAN related Configuration Disable SSID Broadcast Chino Information Technology Center 38

Wireless LAN related Configuration No SNMP access Chino Information Technology Center 39

Wireless LAN related Configuration Use 802.1x / WPA / 802.11i (when available) Chino Information Technology Center 40

General Recommendations Always (wired or wireless) Install virus protection software plus automatic frequent pattern file update Shared folders must impose password Management Issue Prohibit installation of AP s without authorization Discover any new APs constantly (NetStumbler is free, Antenna is cheap) Power off Access Point when not in use Carefully select the physical location of your AP, not near windows or front doors. Chino Information Technology Center 41

Thank You! Computer Network Security Resources at the Robert Pile Chino Information Technology Center CIS-420 PC Security & Privacy CISNTWK-440 Fund. Of Network Security (Security+) CISNTWK-441 Firewalls & Intrusion Detection CISNTWK-442 Disaster Recovery Planning CISNTWK-445 Windows Security Administration CISNTWK-447 Linux Security Administration Steve Siedschlag Associate Professor steve.siedschlag@chaffey.edu Chino Information Technology Center 42

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback