LESSON 12: WI FI NETWORKS SECURITY Raúl Siles raul@taddong.com Founder and Security Analyst at Taddong
Introduction to Wi Fi Network Security Wireless networks or Wi Fi networks IEEE 802.11 Standards Information transmission through radio frequency signals through the air Theoretical range: 100 m Real range: several km Depending on obstacles and their density, transmission power, receiver sensitivity and the use of high gain antennas 2
Classification of Wi Fi Network Attacks (I) Denial of Service attacks (DoS) Difficult to avoid because they affect the technology functionality High impact on critical environments Affect on availability Communication interception Access to unencrypted data Undetectable Affects confidentiality 3
Classification of Wi Fi Network Attacks (II) Traffic injection to the wireless network Modifying the network's behaviour without having actual access to it Affects integrity Access to the wireless network Unauthorized connection to the wireless network Complete access Affects integrity 4
Wi Fi Network Security Wi Fi access points and controllers Goals Communication encryption Protecting data confidentiality Authentication and access control Identifying who can connect to the network Default settings Open or without security mechanisms Weak security mechanisms (WEP) 5
Wi Fi Network Security Mechanisms (I) WEP (Wired Equivalent Privacy) Old and insecure authentication and encryption mechanism Incorrect use of RC4 in its design Password required False security An attacker can obtain the password in less than a minute Use not recommended 6
Wi Fi Network Security Mechanisms (II) WPA (Wireless Protected Access) Temporary authentication and encryption mechanism used during the migration from WEP to WPA2 in wireless networks Based initially on TKIP (Temporal Key Integrity Protocol) Evolution of WEP (RC4) with upgrades It can be used with AES Use not recommended 7
Wi Fi Network Security Mechanisms (III) WPA2 (Wireless Protected Access 2) Personal or PSK Authentication and encryption mechanism Encryption: AES (Advanced Encryption Standard) Authentication: PSK (Pre Shared Key) Password shared by the access point and the Wi Fi clients The password should be long enough (over 20 characters) and hard to guess Recommended for personal and small businesses' wireless networks 8
Wi Fi Network Security Mechanisms (IV) WPA2 (Wireless Protected Access 2) Enterprise Authentication and encryption mechanism Encryption: AES (Advanced Encryption Standard) Authentication: 802.1X/EAP Random passwords (RADIUS server) Many types of EAP protocols: user name and password, digital certificates, smart cards... Recommended for businesses or corporate wireless networks 9
Wi Fi Network Security Mechanisms (V) Wireless Intrusion Detection System (WIDS) Detection and reaction to attacks on the wireless network Additional mechanisms: Reducing the intensity and range of the signal MAC address filtering Hiding the name of the Wi Fi network Not recommended: causes client vulnerability 10
Wi Fi Client Security (I) Desktop computers, laptops, mobile phones, smartphones, tablets and any other portable device Attacks to the Operating System and the Wi Fi card drivers Happen by having the Wi Fi switched on Even when not connected to a wireless network Avoid by keeping both updated 11
Wi Fi Client Security (II) Preferred Network List (PNL) Wi Fi clients try to connect to these networks when they are available Evil twin attack The victim displays its preferred networks The attacker creates a bogus network with the name of one in the PNL The victim connects to the attacker's network 12
Wi Fi Client Security (III) When do Wi Fi clients display their PNL? They shouldn't display it when updated Some are vulnerable and display them If the Wi Fi network is hidden A hidden network will not show itself when the device checks for available networks in the current location The client has to ask specifically for the hidden network in order to connect to it In this process, its presence in the PNL is revealed 13
Wi Fi Client Security (IV) Public wireless networks or hotspots Open networks or with weak security mechanisms (WEP) Café, library, hotel, airport, etc. Wireless network shared with all the users Including a possible attacker, allowing attacks among users Traffic can be intercepted by anyone Even if encryption based on WPA2 AES is used, because the password is the same for all users 14
Security Tips for Wi Fi Networks and Wi Fi Networks Clients Shorten the range of the signal Don't set the Wi Fi network as hidden Use WPA2 AES Personal (PSK) or Enterprise (802.1x EAP) Wi Fi Clients Update the OS and the Wi Fi driver Switch off the Wi Fi when not in use Avoid connection to insecure wireless networks, like hotspots or those based on WEP Keep the Preferred Network List (PNL) updated 15
Contact: info@intypedia.com