An overview of wireless networks and it’s security implications upon us. How and why to secure a wireless network.
What exactly is Wi-Fi and it’s implications upon us
802.11g is in the final stages of development. The current draft (V5.0) is open for comments
Heavy cost bearings
Most deployments of Wireless utilize 802.11b
computers talk directly to each other
all traffic passes through a wireless access point
traffic passes through multiple wireless access points
Encryption increases privacy, but can be thwarted, either by software, or by gaining access to a PC configured with wireless and writing down the key.
Wireless does not add any additional threat in the way of viruses. Security measures such as firewalls, can reduce the risk.
The Gartner Group estimates that at least 20 percent of enterprises have rogue wireless LANs attached to their networks.
Wired Equivalent Privacy (WEP) and WEP2 . User authentication
Security doesn't stop at the perimeter of the company building.“
What's happening with wireless networks is that it's no more or less secure than anything else. It's just [that] with a wireless LAN [local area network] you need a new page in the rule book.
AGENDA:<br />Wireless network overview<br />IEEE Specifications<br />Security considerations<br />Security vulnerabilities<br />Solutions and precautions<br />Questions and comments<br />
Wi-Fi is an abbreviation for Wireless Fidelity and a catch all phrase for the several different standards and recommendations that comprise wireless networking. <br />Wi-Fi enables the user to deploy a computer network without needing to run cable throughout the facility.<br />What is Wi-Fi: <br />
IEEE 802.11.a 5GHz – 54Mbps<br />International standard for wireless networking that operates in the 5 GHz frequency range (5.725 GHz to 5.850 GHz) with a maximum 54 Mbps data transfer rate. The 5 GHz frequency band is not as crowded as the 2.4 GHz frequency, because the 802.11a specification offers more radio channels than the 802.11b. These additional channels can help avoid radio and microwave interference. <br />Cost of 802.11a equipment is approximately twice that of 802.11b and current deployment is limited.<br />
IEEE 802.11.b 2.4GHz – 11Mbps<br />International standard for wireless networking that operates in the 2.4 GHz frequency range (2.4 GHz to 2.4835 GHz) and provides a throughput of up to 11 Mbps with a range of just over 300 feet indoors. This is a very commonly used frequency. Microwave ovens, cordless phones, medical and scientific equipment, as well as Bluetooth devices, all work within the 2.4 GHz frequency band. <br />802.11b enables transfers of up to 11 Mbps. Comparable to 10BaseT in speeds, 802.11b is the most common wireless standard deployed today. In comparison T1 speeds are 1.54Mbps and DSL is normally in the 640Kbps range.<br />
Securing a Wireless Network: <br />Most wireless networks today use the 802.11 standard for communication. 802.11b became the standard wireless ethernet networking technology for both business and home in 2000. The IEEE 802.11 Standard is an interoperability standard for wireless LAN devices, that identifies three major distribution systems for wireless data communication: <br />Direct Sequence Spread Spectrum (DSSS) Radio Technology<br />Frequency Hopping Spread Spectrum (FHSS) Radio Technology<br />Infrared Technology<br />
Security (Encryption, Content Filtering, Privacy, etc.)<br />Encryption:<br /><ul><li>Encryption on the pubic network can be used but would create administrative overhead. Encryption keys would have to be changed regularly and anyone using their own laptop would have to be given the key.
Encryption works best in a network that does not allow people to use their own laptops.</li></li></ul><li>Content Filtering & Proxy Servers:<br /><ul><li>Web content filtering that has generally been software on the desktop would have to be handled by a server if people are allowed to use their own laptops.
Proxy servers allow you to control what information people have access to. This is a good practice anyway, allowing you to control at a global level what information travels over your network. It also allows you to track usage.</li></li></ul><li>Security Vulnerabilities:<br /><ul><li>packet sniffing - war drivers; hi-gain antenna
resource stealing - using a valid station's MAC address
rogue networks and station redirection [network administrators also rely on manufacturers' default Service Set IDentifiers (SSIDs)
DoS (any radio source including 2.4 Ghz cordless phones)</li></li></ul><li><ul><li>WEP uses the RC4 encryption algorithm, known as a stream cipher. A stream cipher expands a short key into infinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce cipher text. The receiver has a copy of the same key, and uses it to generate identical key stream. XORing the key stream with the cipher text yields the original plaintext.
If an attacker flips a bit in the cipher text, then upon decryption, the corresponding bit in the plaintext will be flipped. Also, if an eavesdropper intercepts two cipher texts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Once one of the plaintexts becomes known, it is trivial to recover all of the others.
IEEE 802.1X: This standard, supported by Windows XP, defines a framework for MAC-level authentication. Susceptible to session-hijacking and man-in-the-middle attacks. </li></li></ul><li>Security Solutions:<br /><ul><li>Advanced Encryption Standard (AES) encryption [IEEE 802.11i]
"Key-hopping" technology that can change the encryption key as often as every few seconds.
EAP-TTLS (Extensible Authentication Protocol (EAP) -Tunneled Transport Layer Security)
Enhanced Security Network (ESN) - Extended Service Set with : </li></ul>enhanced authentication mechanism for both STAs and APs based on 802.11x <br />enhanced data encapsulation using AES <br />dynamic, association-specific cryptographic keys <br />key management <br />
Wireless Protocol Analyzers:<br /><ul><li>check for unknown MAC (Media Access Control) addresses and alert the network manager
log attempts to gain unauthorized access to the network
filter access attempts based on the type of network card
find dead zones in the wireless network</li></li></ul><li>Wireless Security Precautions<br />Change default names <br />Add passwords to all devices <br />Disable broadcasting on network hubs <br />Don't give the network a name that identifies your company <br />Move wireless hubs away from windows <br />Use the built-in encryption <br />Disable the features you don't use <br />Put a firewall between the wireless network and other company computers <br />Encrypt data <br />Regularly test wireless network security<br />