Your SlideShare is downloading. ×
0
802.11 Wireless Networks

      THREATS & MITIGATION




             Raviraj Doshi
              MIEL- Labs




         ...
Agenda:


802.11 primer

802.11 security mechanisms & flaws

Wi-Fi device driver flaws

Wi-Fi hotspot threats


          ...
What is 802.11?

802.11 is a family of standards set forth by the IEEE
that define the specifications for Wireless Local A...
802.11 standards


802.11a
 Data rate: up to 54Mbps
 Frequency: 5Gz
802.11b
 Data rate: up to 11Mbps
 Frequency: 2.4Gz
802...
802.11 hardware consists of:


Wireless Client Adapters
 PCI Adapter                        •   PCMCIA Adapter




       ...
How 802.11 works

802.11Designed to integrate easily with existing
wired networks

802.11 uses CSMA/CA to access the mediu...
802.11 modes of communication

Infrastructure
 All client adapters associate with the Access point.
 Each client adapter o...
Nature of the medium

Unlike on wired networks, all communications are
essentially broadcasts

This makes passive sniffing...
802.11 inbuilt security

Wired Equivalent Privacy (WEP)
 Uses RC4 Stream cipher for encryption


WiFi Protected Access (WP...
Wired Equivalent Privacy


WEP implementation has many flaws

WEP encryption is easily broken

Client side attacks on WEP ...
Wi-Fi Protected Access

WPA or TKIP is more secure than WEP

WPA-PSK is the easiest to implement

WPA-PSK is susceptible t...
Wi-Fi device driver security

Wi-Fi device drivers may be vulnerable to remote
exploits and DOS

May allow remote code exe...
Wi-Fi Hotspots

Hotspots offer unencrypted connectivity

MITM & sniffing is very easily implemented

Tools like SSL strip ...
Thank you
Upcoming SlideShare
Loading in...5
×

Raviraj Doshi - 802.11 Wireless Networks: Threats and Mitigation - Interop Mumbai 2009

817

Published on

Wireless is the order of the day. From the measly speed of 1 Mbps we are now using speeds up to 100 Mbps on W-LANS and W-WANS. The nature of wireless transmission exposes it to major threats of passive as well as active attacks. After explaining the theoretical aspects of wireless communication, the session will describe some major hacks against wireless networks by showing step-by-step screen videos and trace the vulnerabilities exploited by the hackers. The session will conclude by describing practical approaches for risk mitigation against wireless threats.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
817
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
53
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Raviraj Doshi - 802.11 Wireless Networks: Threats and Mitigation - Interop Mumbai 2009"

  1. 1. 802.11 Wireless Networks THREATS & MITIGATION Raviraj Doshi MIEL- Labs MIEL e-Security Pvt. Ltd.
  2. 2. Agenda: 802.11 primer 802.11 security mechanisms & flaws Wi-Fi device driver flaws Wi-Fi hotspot threats MIEL e-Security Pvt. Ltd.
  3. 3. What is 802.11? 802.11 is a family of standards set forth by the IEEE that define the specifications for Wireless Local Area Networks 802.11 was established in 1997 802.11 covers following OSI layers: The Datalink Layer The Physical Layer MIEL e-Security Pvt. Ltd.
  4. 4. 802.11 standards 802.11a Data rate: up to 54Mbps Frequency: 5Gz 802.11b Data rate: up to 11Mbps Frequency: 2.4Gz 802.11g Data rate: up to 54Mbps Frequency: 2.4Gz 802.11n Data rate: up to 600Mbps Frequency: 2.4 / 5Gz MIEL e-Security Pvt. Ltd.
  5. 5. 802.11 hardware consists of: Wireless Client Adapters PCI Adapter • PCMCIA Adapter • USB Adapter Access Point MIEL e-Security Pvt. Ltd.
  6. 6. How 802.11 works 802.11Designed to integrate easily with existing wired networks 802.11 uses CSMA/CA to access the medium Each device has a unique 48bit MAC address just like 802.3 Ethernet MIEL e-Security Pvt. Ltd.
  7. 7. 802.11 modes of communication Infrastructure All client adapters associate with the Access point. Each client adapter only communicates with the Access Point Ad-Hoc Wireless client adapters communicate with each other directly MIEL e-Security Pvt. Ltd.
  8. 8. Nature of the medium Unlike on wired networks, all communications are essentially broadcasts This makes passive sniffing and MITM easier Therefore encryption of data is key to secure communication MIEL e-Security Pvt. Ltd.
  9. 9. 802.11 inbuilt security Wired Equivalent Privacy (WEP) Uses RC4 Stream cipher for encryption WiFi Protected Access (WPA or TKIP) Uses RC4 Stream cipher for encryption WPA2 Uses AES Block cipher for encryption MIEL e-Security Pvt. Ltd.
  10. 10. Wired Equivalent Privacy WEP implementation has many flaws WEP encryption is easily broken Client side attacks on WEP make it even easier MIEL e-Security Pvt. Ltd.
  11. 11. Wi-Fi Protected Access WPA or TKIP is more secure than WEP WPA-PSK is the easiest to implement WPA-PSK is susceptible to an offline brute-force attack WPA2 uses AES and is so far considered secure MIEL e-Security Pvt. Ltd.
  12. 12. Wi-Fi device driver security Wi-Fi device drivers may be vulnerable to remote exploits and DOS May allow remote code execution at kernel mode One must always use the latest versions of hardware drivers. MIEL e-Security Pvt. Ltd.
  13. 13. Wi-Fi Hotspots Hotspots offer unencrypted connectivity MITM & sniffing is very easily implemented Tools like SSL strip can nullify HTTPS protection Use of VPN or higher layer encryption is recommended MIEL e-Security Pvt. Ltd.
  14. 14. Thank you
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×