E gov security_tut_session_10_lab

581 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
581
On SlideShare
0
From Embeds
0
Number of Embeds
48
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

E gov security_tut_session_10_lab

  1. 1. ‫أكاديمية الحكومة اإللكترونية الفلسطينية‬The Palestinian eGovernment Academy www.egovacademy.psSecurity Tutorial Session 10 LAB PalGov © 2011 1
  2. 2. AboutThis tutorial is part of the PalGov project, funded by the TEMPUS IV program of theCommission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.psProject Consortium: Birzeit University, Palestine University of Trento, Italy (Coordinator ) Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium Palestine Technical University, Palestine Université de Savoie, France Ministry of Telecom and IT, Palestine University of Namur, Belgium Ministry of Interior, Palestine TrueTrust, UK Ministry of Local Government, PalestineCoordinator:Dr. Mustafa JarrarBirzeit University, P.O.Box 14- Birzeit, PalestineTelfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011 2
  3. 3. © Copyright NotesEveryone is encouraged to use this material, or part of it, but should properlycite the project (logo and website), and the author of that part.No part of this tutorial may be reproduced or modified in any form or by anymeans, without prior written permission from the project, who have the fullcopyrights on the material. Attribution-NonCommercial-ShareAlike CC-BY-NC-SAThis license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creationsunder the identical terms. PalGov © 2011 3
  4. 4. Tutorial 5: Information SecuritySession 10: WIRELESS LABSession 8 Outline: •WEP •WPA-Personal •WPA-Enterprise PalGov © 2011 4
  5. 5. Tutorial 5: Session 10: WirelessThis session will contribute to the followingILOs:• C: Professional and Practical Skills: PalGov © 2011 5
  6. 6. Personal WLAN Security• MAC Address Filtering• WEP• WPA/WPA2 Personal (WPA-PSK) PalGov © 2011 6
  7. 7. Enterprise WLAN Security• Wireless VLANs• WPA/WPA2 Enterprise (WPA-802.1X)
  8. 8. WPA2 Enterprise• WPA2 Enterprise requires an 802.1x authentication server or RADIUS server.• We will use Ubuntu 11.10 in setting up FreeRADIUS server, currently at version 2.1.• To setup this lab, we need: – Wireless AP supporting WPA2 Enterprise authentication. – RADIUS server for 802.1x authentication. – Wireless device for testing such as Laptop.
  9. 9. Installing FreeRADIUS• To install FreeRADIUS from the command-line run the following command:• sudo apt-get install freeradius• Once the installation is complete the next step is to verify the authentication server is running.• Before doing that edit the file /etc/freeradius/users and add the following line:• testuser Cleartext-Password := “testpassword”• To test the FreeRADIUS server by querying it directly with requests:• radtest testuser testpassword 127.0.0.1 1812 testing123• You should see Access-Accept. If it is Access-Reject then there is a problem. To check the log start FreeRADIUS in debug mode.
  10. 10. Configuring FreeRADIUS• To configure FreeRADIUS for 802.1x authentication, you will need to configure EAP setting. Edit the file /etc/freeradius/eap.conf and modify the following line:• default_eap_type = peap• Configure FreeRADIUS to accept the AP as a client. Edit the file /etc/freeradius/clients.conf. Add the following text to the bottom of the file:• client 192.168.1.1/24 { (IP address of AP)• secret = test (shared password)• shortname = default (the SSID of AP)• }• The last step is to restart the FreeRADIUS server :• sudo /etc/init.d/freeradius restart• To start FreeRADIUS in debug mode, stop it and run:• freeradius -X
  11. 11. Configuring AP• For client testing, you will need to configure the AP to send requests to the IP address of RADIUS server .• Use the testuser and testpassword values in the file /etc/freeradius/users to connect to WLAN from the laptop.
  12. 12. Thanks Eng. Ghannam Aljabary PalGov © 2011 12

×