Search

Wireless Security

Loading...

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

0 comments

Post a comment

    Post a comment
    Embed Video
    Edit your comment Cancel

    Notes on slide 1

    1 Favorite

    Wireless Security - Presentation Transcript

    1. Wireless security The Competa Plane <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 1
    2. Wireless security See if it Flies .... <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 2
    3. Wireless security Me • Rudi van Drunen • Senior Consultant & CTO Competa IT • Design, Deliver and Maintain Complex IT Infrastructure • CTO XlexiT Technology B.V. <XlexiT> • Wireless / Embedded / Networking • Tech Guru Wireless Leiden • Largest wireless community network in NL ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 3
    4. Wireless security This Talk • Attacks • What to do about it, Applied to wireless • RF level • Protocol level • Encryption <XlexiT> • Authentication • Application level ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 4
    5. Wireless security Hierarchy Attacks Passive Active <XlexiT> Eavesdropping Denial Replay of Service Traffic analysis Masquerade Message Modification ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 5
    6. Wireless security Passive • Eavesdropping • Need signal • Decrypt if needed <XlexiT> • Traffic Analysis • Get data from signal and traffic ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 6
    7. Wireless security Active (1) • Denial of Service • Radio Level (microwave method) • <XlexiT> Flooding AP with packets • Disconnect messages ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 7
    8. Wireless security Active (2) • Replay • Listen to the traffic, get SSID, MAC • replay and associate, masquerade <XlexiT> • Message modification • Rogue Accesspoint ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 8
    9. Wireless security 802.11 alphabet soup • 802.11a 5 GHz WLAN • 802.11b 2.4 GHz WLAN • 802.11c Bridging between APs • 802.11d Global frequency harmonization • 802.11e MAC level enhancements for QoS • <XlexiT> 802.11f Inter Access Point Protocol for Roaming • 802.11g High Rate 2.4 GHz WLAN • 802.11h ETSI requirements of Dynamic Frequency Selection and Transmitter Power Control • 802.11i Security Enhancements • 802.11n Super Fast WLAN (mimo) ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 9
    10. Wireless security Wireless • RF Level ... • <XlexiT> cf. ethernet level..... ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 10
    11. Wireless security leaky building ... <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 11
    12. Wireless security Antennae <XlexiT> Omnidirectional Directional ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 12
    13. Wireless security Shaping coverage <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 13
    14. Wireless security Site Survey <XlexiT> - Outside-in - Use Antennas (remember:Leaky building) - Check RF interference ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 14
    15. Wireless security Protocol Level • Encryption • WEP, WPA, WPA2 • Key management • Authorization - Authentication <XlexiT> • 802.1x, RADIUS • EAP Methods • Cooking it up: WPA2 with EAP-TLS ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 15
    16. Wireless security WEP <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 16
    17. Wireless security Next please ... • 802.11i • WPA • Transient Security Network (TSN) • TSN = TKIP + WPA(1) + Radius <XlexiT> • Temporal keys, Message Integrity Check • WPA2 • Robust Security Network (RSN) • RSN = CCMP + WPA(2) + Radius ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 17
    18. Wireless security WPA • 802.11i framework • Try to fix the flaws introduced in WEP • TKIP, MIC, tsc • Keep backwards compatible <XlexiT> • (HW level (should be firmware update)) • Add authentication layer (802.1x) ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 18
    19. Wireless security WPA <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 19
    20. Wireless security WPA2 <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 20
    21. Wireless security Key managment • Pairwise Keys • Between EACH client and AP different pair • Computed / Distributed @association time • Unicast <XlexiT> • Group Keys • Same key between AP and every client • Broadcast (and multicast) ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 21
    22. Wireless security Key Hierachy • Pairwise master key (PMK) • From Auth server (or pre-shared) • Generated during authentication (tls/ssl) • WPA: Radius server sends PMK to AP • From PMK AP derives Temporal keys <XlexiT> • Pairwise Transient Keys • Data Encryption ,Integrity keys ; EAPOL keys • These keys are used in encryption engines ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 22
    23. Wireless security Authentication • 802.1x • Not part of 802.11 suite <XlexiT> • Can also be used on wired networks. ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 23
    24. Wireless security Authentication: Radius • Component in 802.1x • Other Applications in Wireless • MAC Address authentication <XlexiT> • NOT SECURE ! • Captive Portal • nocat, m0n0wall (www.m0n0.ch/wall) ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 24
    25. Wireless security 802.1x + RADIUS <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 25
    26. Wireless security Cooking it up • EAP-TLS enterprise in time • Authentication mechanism • Key distribution mechanism • Other fun things wpa <XlexiT> • WPA @home ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 26
    27. Wireless security EAP-TLS <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 27
    28. Wireless security EAP-TLS <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 28
    29. Wireless security Fun things WPA • Key caching • Returning authenticated client • send (PM)Key name in associate request • AP start 4-way handshake <XlexiT> • AP verifies PMKey • Pre-authentication • Makes Roaming seamless and faster ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 29
    30. Wireless security WPA@home • No Radius server • Primary Master Key as Shared Secret • Key generation from password (rfc 2898) • good passwords: https://www.grc.com/passwords <XlexiT> • AP and Client have same PMK • 4 way handshake between AP - Client • Client / AP derive temporal keys for encryption ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 30
    31. Wireless security WPA-PSK Overview <XlexiT> ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 31
    32. Wireless security Application Level • VPN (ipsec, OpenVPN) • Some Setup required • SSL connections • <XlexiT> You thought everything did ssl, right ?! • Captive portals • Hotspot model ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 32
    33. Wireless security Questions ?! <XlexiT> R.van.Drunen@competa.com ver. 1.3 © 2008 R.van.Drunen@competa.com Slide 33

    + rudivdrudivd, 2 years ago

    custom

    895 views, 1 favs, 0 embeds more stats

    Rudi van Drunen Presentation on wireless security N more

    More info about this document

    © All Rights Reserved

    Go to text version

    • Total Views 895
      • 895 on SlideShare
      • 0 from embeds
    • Comments 0
    • Favorites 1
    • Downloads 133
    Most viewed embeds

    more

    All embeds

    less

    Flagged as inappropriate Flag as inappropriate
    Flag as inappropriate

    Select your reason for flagging this presentation as inappropriate. If needed, use the feedback form to let us know more details.

    Cancel
    File a copyright complaint
    Having problems? Go to our helpdesk?

    Categories

    Tags

    -->
    Search
    RSS Feed
    What's new?

    © 2009 SlideShare Inc. All Rights Reserved