Protecting Your Wireless Network University of Tasmania School Of Computing 2007
Lecturer (Launceston) <ul><li>Dr. Daniel Rolf </li></ul><ul><ul><li>School of Computing, Launceston </li></ul></ul><ul><ul...
Tonight <ul><li>This is for  </li></ul><ul><ul><li>Home users </li></ul></ul><ul><ul><li>Those with limited or no technica...
Agenda <ul><li>Background </li></ul><ul><li>Issues </li></ul><ul><li>Typical Configuration Options </li></ul><ul><ul><li>W...
A Wireless Network What does the Access Point do? Internet Each Computer is uniquely identified by its own IP Address and ...
Wireless Range <ul><li>If you measure the radio signal 1meter from the antenna as 100% then </li></ul><ul><ul><li>At 10m y...
Somewhere… http://www.larsen-b.com/Article/212.html
Wireless Products and Users <ul><li>A home user can not be expected to have any IT expertise </li></ul><ul><li>Installing ...
A Popular Product <ul><li>NETGEAR </li></ul><ul><ul><li>108Mbps Wireless Firewall Router </li></ul></ul><ul><ul><ul><li>WG...
The Installation Guide <ul><li>How to connect the router </li></ul><ul><li>How to Log in to the router </li></ul><ul><ul><...
And now for the demo…
NETGEAR WGT624 Security <ul><li>These are the advertised security features </li></ul><ul><ul><li>Double Firewall </li></ul...
The Pass Phrase <ul><li>8-63 characters long </li></ul>10 20 30 Length in  characters Possible time to crack minutes years...
Do’s <ul><li>Change the default settings </li></ul><ul><ul><li>use your own SSID </li></ul></ul><ul><ul><ul><li>Makes your...
Do’s <ul><li>Manage the access point over a wired network port </li></ul><ul><li>Look a the access point logs from time to...
Don’t <ul><li>Use a default for anything without serious consideration </li></ul><ul><ul><li>(and then still don’t) </li><...
Choosing & Managing your Passwords <ul><li>Authentication passwords (secret) </li></ul><ul><ul><li>Generally shorter </li>...
Choosing & Managing your Passwords <ul><li>It is common to find people choosing authentication passwords based on their pe...
Choosing & Managing your Passwords <ul><li>Tip #1 choose your WPA password using a very different method from the one you ...
Choosing & Managing your Passwords <ul><li>Tip #2 find a method that will produce a 20 character password that you can </l...
Choosing & Managing your Passwords <ul><li>Hints </li></ul><ul><ul><li>Use lines from poems and other texts </li></ul></ul...
Choosing & Managing your Passwords <ul><li>Hints </li></ul><ul><ul><li>Add some capitals and replace o with 0  & I with 1 ...
Choosing & Managing your Passwords <ul><li>Finally </li></ul><ul><ul><li>Remember your WPA password will be shared </li></...
More Information <ul><li>Securing your Wireless Network </li></ul><ul><ul><li>http://www.practicallynetworked.com/support/...
Upcoming SlideShare
Loading in …5
×

ProtectingYourWirele..

294 views
251 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
294
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Each LAN card has a ‘burned in address’ – the MAC address. This is added to the hardware by the manufacturer. This address is Globally unique and is controlled by global standards. However, it is possible to modify this address in some instances. It is the MAC address that identifies a computer on a local network and it is used when sending any data. The IP address is used across the internet to identify the computer and the network the computer is on. Both the MAC and IP addresses are required (at least) to identify the sender and receiver of a message.
  • ProtectingYourWirele..

    1. 1. Protecting Your Wireless Network University of Tasmania School Of Computing 2007
    2. 2. Lecturer (Launceston) <ul><li>Dr. Daniel Rolf </li></ul><ul><ul><li>School of Computing, Launceston </li></ul></ul><ul><ul><ul><li>Phone: 6324 3450 </li></ul></ul></ul><ul><ul><ul><li>Email: [email_address] </li></ul></ul></ul>
    3. 3. Tonight <ul><li>This is for </li></ul><ul><ul><li>Home users </li></ul></ul><ul><ul><li>Those with limited or no technical expertise </li></ul></ul><ul><ul><li>Simple networks with no extra hardware </li></ul></ul><ul><ul><ul><li>e.g. no RADIUS/VPN servers etc </li></ul></ul></ul><ul><ul><li>Those who want some background and straightforward advice </li></ul></ul>
    4. 4. Agenda <ul><li>Background </li></ul><ul><li>Issues </li></ul><ul><li>Typical Configuration Options </li></ul><ul><ul><li>What do they mean </li></ul></ul><ul><li>What you should do </li></ul>
    5. 5. A Wireless Network What does the Access Point do? Internet Each Computer is uniquely identified by its own IP Address and MAC Address IP: Internet Protocol MAC: Medium Access Control
    6. 6. Wireless Range <ul><li>If you measure the radio signal 1meter from the antenna as 100% then </li></ul><ul><ul><li>At 10m you will measure 1% </li></ul></ul><ul><ul><li>At 100m you will measure 0.01% </li></ul></ul><ul><ul><li>At 1km you will measure 0.0001% </li></ul></ul><ul><li>It never goes away! </li></ul><ul><ul><li>just disappears into the background… </li></ul></ul>
    7. 7. Somewhere… http://www.larsen-b.com/Article/212.html
    8. 8. Wireless Products and Users <ul><li>A home user can not be expected to have any IT expertise </li></ul><ul><li>Installing wireless equipment is made as simple as possible </li></ul><ul><li>Advertising highlights the good points </li></ul>
    9. 9. A Popular Product <ul><li>NETGEAR </li></ul><ul><ul><li>108Mbps Wireless Firewall Router </li></ul></ul><ul><ul><ul><li>WGT624 v2 </li></ul></ul></ul>Cable or DSL modem Wireless Router PC Telephone Socket
    10. 10. The Installation Guide <ul><li>How to connect the router </li></ul><ul><li>How to Log in to the router </li></ul><ul><ul><li>http://192.168.0.1 </li></ul></ul><ul><li>Run a setup wizard to connect to the Internet </li></ul><ul><li>Setup basic wireless connectivity </li></ul><ul><ul><li>Default features </li></ul></ul><ul><ul><ul><li>Network Name(SSID): NETGEAR </li></ul></ul></ul><ul><ul><ul><li>WEP Security: disabled </li></ul></ul></ul>
    11. 11. And now for the demo…
    12. 12. NETGEAR WGT624 Security <ul><li>These are the advertised security features </li></ul><ul><ul><li>Double Firewall </li></ul></ul><ul><ul><ul><li>Network Address Translation (NAT) </li></ul></ul></ul><ul><ul><ul><li>Stateful Packet Inspection (SPI) </li></ul></ul></ul><ul><ul><li>Denial of Service (DoS) attack prevention </li></ul></ul><ul><ul><li>Intrusion Detection and Prevention </li></ul></ul><ul><ul><li>Wired Equivalent Privacy (WEP) 64 and 128 bit </li></ul></ul><ul><ul><li>Wi-Fi Protected Access (Pre Shared Key) </li></ul></ul><ul><ul><li>Wireless Access Control (SSID) </li></ul></ul><ul><ul><ul><li>To identify authorized wireless network devices </li></ul></ul></ul><ul><ul><li>Multiple VPN tunnels </li></ul></ul><ul><ul><ul><li>Pass Through, 2 IPSec, and multiple L2TP and PPTP </li></ul></ul></ul><ul><ul><li>Exposed Host (DMZ) </li></ul></ul><ul><ul><li>MAC address authentication </li></ul></ul>
    13. 13. The Pass Phrase <ul><li>8-63 characters long </li></ul>10 20 30 Length in characters Possible time to crack minutes years lots of years
    14. 14. Do’s <ul><li>Change the default settings </li></ul><ul><ul><li>use your own SSID </li></ul></ul><ul><ul><ul><li>Makes your network less of an obvious attraction </li></ul></ul></ul><ul><ul><li>change the administrator password on the AP </li></ul></ul><ul><li>Enable and use the security features on the access point </li></ul><ul><ul><li>make use of the firewall and filtering offered on the access point </li></ul></ul><ul><ul><ul><li>if they are not there then look at getting specific products </li></ul></ul></ul><ul><li>Use good passwords/pass-phrases </li></ul><ul><ul><li>for WPA </li></ul></ul><ul><ul><li>for any shared directories on your computer </li></ul></ul><ul><li>Enable MAC filtering (for the technically minded) </li></ul><ul><ul><li>allow only the computers you know/want on your network </li></ul></ul><ul><ul><ul><li>this is a hurdle that can be bypassed (takes effort) </li></ul></ul></ul>
    15. 15. Do’s <ul><li>Manage the access point over a wired network port </li></ul><ul><li>Look a the access point logs from time to time </li></ul><ul><ul><li>see who’s there </li></ul></ul><ul><li>Keep the operational range to a minimum </li></ul><ul><ul><li>e.g. Lower the transmit power of the AP to minimise signal propagation if you have the option. </li></ul></ul><ul><li>Switch the access point off if you are not using it for any length of time </li></ul>
    16. 16. Don’t <ul><li>Use a default for anything without serious consideration </li></ul><ul><ul><li>(and then still don’t) </li></ul></ul><ul><li>Use WEP </li></ul><ul><li>Use a Pre Shared Key (PSK) based on a dictionary word </li></ul>
    17. 17. Choosing & Managing your Passwords <ul><li>Authentication passwords (secret) </li></ul><ul><ul><li>Generally shorter </li></ul></ul><ul><ul><li>Often written down and stored securely </li></ul></ul><ul><ul><li>Chosen and changed according to a method known only to the creator </li></ul></ul><ul><li>Access Control passwords (shared) </li></ul><ul><ul><li>Generally longer: pass phrase </li></ul></ul><ul><ul><li>Need different method to choose these </li></ul></ul>
    18. 18. Choosing & Managing your Passwords <ul><li>It is common to find people choosing authentication passwords based on their personal lives </li></ul><ul><ul><li>Tiddles1 </li></ul></ul><ul><ul><li>Fido&Tiddles </li></ul></ul><ul><ul><li>MyFidoDog </li></ul></ul><ul><li>Or personal names, car number plates, birth dates etc </li></ul>Introducing Fido and Tiddles
    19. 19. Choosing & Managing your Passwords <ul><li>Tip #1 choose your WPA password using a very different method from the one you use to chose your authentication password </li></ul><ul><ul><li>Your WPA password will be shared </li></ul></ul><ul><ul><li>You are not the only one controlling the sharing </li></ul></ul>
    20. 20. Choosing & Managing your Passwords <ul><li>Tip #2 find a method that will produce a 20 character password that you can </li></ul><ul><ul><li>remember </li></ul></ul><ul><ul><li>tell someone else easily </li></ul></ul><ul><ul><ul><li>Not &%^$3wd9!fhKK#?…. </li></ul></ul></ul><ul><li>Hints </li></ul><ul><ul><li>Think of the term pass phrase rather than word </li></ul></ul>
    21. 21. Choosing & Managing your Passwords <ul><li>Hints </li></ul><ul><ul><li>Use lines from poems and other texts </li></ul></ul><ul><ul><ul><li>The boy stood on the burning deck </li></ul></ul></ul><ul><ul><ul><li>My teddy bear is rather fat </li></ul></ul></ul><ul><ul><li>Use lines from tunes and songs </li></ul></ul><ul><ul><ul><li>We’re all going on a summer holiday </li></ul></ul></ul><ul><ul><ul><li>By saying something stupid like I </li></ul></ul></ul><ul><ul><li>Use funny phrases </li></ul></ul><ul><ul><ul><li>Configuring this router is making me cross </li></ul></ul></ul><ul><ul><ul><li>I often cook burnt offerings </li></ul></ul></ul>
    22. 22. Choosing & Managing your Passwords <ul><li>Hints </li></ul><ul><ul><li>Add some capitals and replace o with 0 & I with 1 and use some SMS abbreviations </li></ul></ul><ul><ul><ul><li>The b0y stood on Burn1ng deck </li></ul></ul></ul><ul><ul><ul><li>My teddy bear 1s Rather fat </li></ul></ul></ul><ul><ul><ul><li>We’re All go1ng on a summer hol1day </li></ul></ul></ul><ul><ul><ul><li>By saying Something Stupid like 1 </li></ul></ul></ul><ul><ul><ul><li>Configuring th1s ** router is making me X </li></ul></ul></ul><ul><ul><li>Write this down and file in a secure place </li></ul></ul><ul><ul><ul><li>With some physical access control </li></ul></ul></ul>
    23. 23. Choosing & Managing your Passwords <ul><li>Finally </li></ul><ul><ul><li>Remember your WPA password will be shared </li></ul></ul><ul><ul><li>It should give no clues as to how you construct your authentication passwords </li></ul></ul><ul><ul><ul><li>You may trust your daughter but do you trust your daughter’s friend’s boy friend? </li></ul></ul></ul><ul><ul><li>If in doubt change the pass phrase </li></ul></ul><ul><ul><ul><li>Access to your network is the first step to access to your money! </li></ul></ul></ul>
    24. 24. More Information <ul><li>Securing your Wireless Network </li></ul><ul><ul><li>http://www.practicallynetworked.com/support/wireless_secure.htm </li></ul></ul><ul><li>Improving your default Netgear Security </li></ul><ul><ul><li>http://kbserver.netgear.com/kb_web_files/n101379.asp </li></ul></ul>

    ×