• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Wireless security

Wireless security



Wi-Fi Security

Wi-Fi Security



Total Views
Views on SlideShare
Embed Views



1 Embed 1

https://www.linkedin.com 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Wireless security Wireless security Presentation Transcript

    • D3pak Kumar CEH, CHFI Info-Sec Consultant
    •  DO NOT USE WEP (WEP is trivially broken)  DO NOT USE A DICTIONARY BASED WORD FOR YOUR WPA/WPA2 PSK  DO USE WPA2 (BEST) or WPA (NEXT BEST) WITH A NON-DICTIONARY PSK  Note: Use AES encryption where you can, it's the strongest available.
    •  Hide your Wireless access point from casual WARDRIVERS  Proficient WARDRIVER to determine the SSID it makes him/her work that little bit harder
    •  Ensure you configure your MAC filters  Access only those devices with the MAC addresses you specify  CONS: MAC addresses can be spoofed fairly trivially in both Windows and Linux.
    •  Essential to keep you Access Points firmware up to date  Vulnerabilities are discovered daily and it could just happen that your Access Point is compromised through a newly discovered exploit
    •  Ensure all of you Access Points security features have been enabled  Many Access Points security settings default to non-enabled for functionality purposes
    •  Set strong non-dictionary based word to ensure no attackers are able to reconfigure settings.  Password Alphanumeric, special char : abc123#!@
    •  Management of the access point should be carried out via HTTPS (which is encrypted) in preference to HTTP (which passes traffic in clear text) to prevent your Access Point management username and password from being compromised
    •  Ensure that logging is enabled (it is too often disabled by default) on your Access Point and check those logs regularly  an indication of whether or not you have an unwelcome or anonymous visitor
    •  Prefer to statically configure settings on the client  Prefer to use a IP range that is not easily guessed (i.e. not 192.168.0.X or 192.168.1.X etc.)
    •  Going away for the weekend or on holiday, turn off that Access Point.  Disabling wireless client machines when not is use is equally important
    •  D H C P  Dynamic Host Configuration Protocol (in this instance) is used to issue wireless clients with their IP address, subnet mask, default gateway and DNS server settings (Basically all the configuration settings that clients require to access the Internet).  PRIVATE ADDRESS RANGE  Private IP addresses provide a basic form of security, it is not possible for the outside world (Internet) to establish a connection directly to a host using these addresses:  through  through  through
    •  PSK  PRE-SHARED KEY also known as a PASSWORD or PASSPHRASE  S S I D  A Service Set Identifier (SSID) is essentially a wireless network name that identifies a wireless network, it must be configured on all wireless devices what which to use the network.  W a r D r i v e r  An activity consisting of driving around with a laptop in one's vehicle, detecting Wireless networks. It is similar to using a scanner for radio. Software for Wardriving is freely available on the internet. Netstumbler, Kismet...