SlideShare a Scribd company logo

Wireless security

Aurobindo Nayak
Aurobindo Nayak

all u ever wanted to know about about wireless networking and jamming into others networks

Technology
1 of 52
Download to read offline
Out of Thin Air!Out of Thin Air! An introduction to wireless security at home, on the road and on campus University of Kansas Medical Center June 6, 2007
Wireless Networking at Home Daniel Van Meter, Systems Security Specialist
What is Wireless Networking? Wireless or Wi-Fi technology is another way of connecting your computer to a network without using wires. Wireless networks utilize radio waves and/or microwaves to maintain communication channels between computers. This gives people the freedom to connect computers anywhere in your home or office network. Wireless networking works similarly to how cordless phones work, through radio signals to transmit data from one point A to point B. A basic wireless design typically consists of a wireless router that provides access to the Internet and/or network and a system that connects via a wireless adapter.
Typical home wireless network Home wireless networks typically consist of at least one Wireless Access Point/Router and one or more computers that connect to the wireless router. The Access Point/Router is the device that systems connect to for access to the internet or to another computer sharing the signal. Home wireless networks typically consist of at least one Wireless Access Point/Router and one or more computers that connect to the wireless router. The Access Point/Router is the device that systems connect to for access to the internet or to another computer sharing the signal.
Wireless Hardware Wireless Router with 4 port switch Here we see a typical wireless router with 4 available ports to plug computers directly into, the wireless antenna and one WAN port. Wireless Network Adapters Computers need an adapter that is compatible with the router in order to connect. Most newer laptops and PDAs already contain a wireless adapter. There are many different kinds of adapters. PCMIA, PCI, USB, and Firewire are a few shown below.
A, B…..G? Current Wireless Standards 802.11A Supports bandwidth up to 54 Mbps. It has a very limited range and has more difficulty penetrating walls and other obstructions. These devices should considered outdated and is not typically found in common retail stores. 802.11B Supports bandwidth up to 11 Mbps. It has a much better range than 802.11a and is not as easily obstructed by walls or other objects. Devices that use this protocol can suffer from more interference from other electronic devices such as microwaves. These devices are quickly becoming scarce at retail stores as they are replaced by the newer 802.11G devices. 802.11G Supports up to 54 Mbps and has a range that will cover most average homes. These devices are still typically common in retail stores but are quickly being replaced by the newer technologies such as 802.11N. 802.11.N One of the newest types of wireless devices found in retail stores. Supports up to 600 Mbps and can cover an extremely large home or small business.
Before you head for the store Prior to purchasing a wireless network there a few things that you can look for to ensure that the equipment will provide an adequate amount of security. • Gather as much information about your wireless hardware’s security as possible. Advanced firewall protection, strong encryption protocols, web filtering, and MAC filtering are just a few items you should look for in a wireless router. • Ensure you have access to phone ,email, or knowledgebase support from the manufacturer. • Check the documentation that comes with the router/network adapter. Verify that configuration and securing of the router is simple and easily understood.
That was easy! Wireless networks have become extremely easy to setup these days. Many people find that they can simply plug the hardware in and in just a few minutes they can be surfing the web or transferring files to other computers with no wires attached. But perhaps it was TOO easy…. Many people you setup the wireless fail to setup appropriate security measures on their wireless once they are connected. If you simply plugged in your network adapter, found and connected your laptop or PDA to your network, there’s nothing to prevent your neighbor or someone else from connecting just as easily as you did!
Recommendations for Securing Your Wireless Network at Home 1. Change the router’s default passwords. 2. Change the SSID name and disable SSID broadcast. 3. Setup MAC filters to limit which computers can connect. 4. Turn on WPA or WPA2 encryption. 5. Review your wireless logs. 6. Watch for upgrades from the manufacturer. 7. Practice good computer security.
Step 1. Change the router’s default passwords. Most wireless router manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. Right out of the box, however, they are usually configured with a default password that is too simple and very well-known to hackers on the Internet. Change these settings immediately.
Step 2. Change the SSID name and disable SSID broadcast. Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "Linksys." When someone finds a default SSID, they see it is a poorly configured network and are much more likely to want to snoop around. In Wi-Fi networking, the access point or router typically broadcasts the network name (SSID) over the air at regular intervals. In the home, this feature may be unnecessary, and it increases the likelihood an unwelcome person will try to log in to your home network.
Step 3. Setup MAC Filters. All network communication devices have unique hard coded numbers assigned to them. This number is called the “MAC” address. If your router is capable of MAC filtering you should only allow devices that you expect to appear connect to your wireless network and deny all others.
Step 4. Turn on WPA / WEP Encryption. Understanding WEP vs. WPA2 WEP (wired equivalent privacy) was the encryption scheme included with the first generation of wireless networking equipment. It was found to contain some serious flaws which make it relatively easy to crack, or break into within a matter of minutes. However, even WEP is better than nothing and will keep casual snoopers and novice hackers out of your wireless network. Using encryption with a longer key length will provide stronger security, but with a slight performance impact. WPA (WIFI protected access) is a much stronger security protocol than WEP and should be used instead of WEP if your wireless router and network adapters will support it. Some routers may refer to this as WPA- PSK. You should always consider using the router’s strongest encryption mechanism. All Wi-Fi equipment supports some form of "encryption“, which scrambles the information sent over the wireless network so that it can’t be easily read. WEP or WPA are the most common encryption schemes found on home wireless systems. For most routers, you will provide a passphrase that your router uses to generate several keys. Make sure your passphrase is unique, not a dictionary word and at least 10 characters long – the longer, the better!
Step 5. Review wireless Logs. Most routers will keep track of what systems have been successful or have failed to connect to your router. Reviewing your logs can help identify a possible intruder or misconfiguration in your routers security.
Step 6. Watch for firmware upgrades for devices. Network hardware is run by software called firmware. Just like computers, flaws may be found in the software that would allow people to bypass security mechanisms built into your router or network adapter. You should regularly check your wireless manufacturer’s website for updates and apply when appropriate.
Step 7. Practice good computer security. Don’t rely only on your router/access point to protect your computers inside your wireless network. Even the most secure wireless network typically won’t stop a determined hacker. • Enable System Firewalls • Use accounts protected with a strong password • Apply security patches to your OS in a timely manner • Ensure you have antivirus up to date on your system • Avoid using open shares on your computers to share files • Be on the lookout for malicious websites, spyware/adware, phishing and scams Windows Users http://www.microsoft.com/protect/default.mspx Mac http://www.apple.com/macosx/features/security/
How can I confirm my setup is secure? When connecting to your wireless network. Look for “Security-enabled wireless connection”. If your home network connection is listed as “Unsecured”, you may be a sitting duck to individuals free-loading off your internet connection or snooping around on your computer.
Demonstration Hacking an Unsecured Home Wireless Network
Wireless Networking “On the Road” Kyle Crane, Network Security Specialist
Free Wireless On The Road • Many businesses now provide some form of free wireless internet access. • Airports • Cafés • McDonalds • Starbucks • Panera Bread • Even some gas stations??
Can I connect? Generally (but not always) the network will have a name that matches the business. If in doubt, ASK! • There are examples of places that have open access but never intended to provide that to the public. • The laws on access to networks are strict and don’t fit well to the grey areas in wireless access but may well be applied to you anyway.
How to Find an Open Wireless Network with Windows XP – Windows normally provides notification of wireless networks in range and lists the names. – You can then select the network you wish to connect with and click “Select”
How to Find an Open Wireless Network with Mac OS X – MAC OS X provides a similar notice when the Airport icon is available and the airport is on. – Click the Airport icon and select the network from the list to connect to it.
It Looks Open…but Should You Connect? How do I know the terms of access? – Many locations use a type of portal to gain access. You must read and agree to the terms before you are allowed on the net. Those terms are binding. If you are not presented with any terms or acceptance screen? – Be wary. You don’t have to know the networks terms of use to be held to them. It doesn’t have to make sense it’s just the law.
Wireless on the Road: The good… • Convenient • It’s always nice to be able to stay connected on the road. • It is becoming more widespread and almost expected in hotels and other travel locations. • More freedom when working on the road • Allows a teleworker the freedom to get out of the house. • Allows for easier use of vacation even if critical actions need to occur while you are away.
Wireless on the Road: The bad… • Legal grey areas – Some businesses can be vague about what the terms are to use the access. • Often times can be poor quality – Many locations implement wireless poorly and the signal is weak in the intended areas. – This makes it much easier for a hacker to setup a fake wireless router and fool you into thinking you are connecting to a legitimate wireless network. • You have no idea who your neighbors are – Open wireless is by nature uncontrolled and any one with any intentions can be there with you. – Are you sure that “McDonalds” is really McDonalds?
Wireless on the Road: The Downright Ugly… Really nasty stuff: • Large open WiFi networks are just like being on the Internet • There can be hundreds of people with unknown intent who are all on the same physical network as you, just as though they were inside your house. • Your system is wide open to anything if not using a firewall. • Detection and identification of the offender are harder than it would be on the net • Automated tools are emerging to take advantage of systems on wireless networks • While not necessarily simple today, they will improve with time. • Moving towards automatic discovery and exploitation of systems.
Recommendations for Using Wireless on the Road • Disable automatic connections even to preferred networks. – This prevents scanners from gathering the list of wireless networks that windows will automatically connect to. • Keep Antivirus products installed and up to date. This is pretty general advice but it holds here too. • Enable the windows firewall whenever you are working with public wireless. – All but the most determined attacker will be seriously frustrated in attempts to attack a firewall enabled system. It raises the bar.
Recommendations for Using Wireless on the Road • Turn off or disable your wireless card when not in use. • Ensure your system is patched and up to date. • Use the auto update features of your OS to reduce the number of possible exploits available to an attacker. • Don’t access personal or sensitive information while on a public wireless network (e.g., banking sites.)
Demonstration Fake hotspot access points
Wireless Networking at KUMC Dallas Ivanko, WAN Engineer
Are you using Wireless on Campus? • How many people here use wireless on campus? • How many people use wireless for palm or pocket PC devices? • How many people use wireless for Tablet or PC devices?
SSIDs on University Campus • University-Wireless • unsecured, broadcasted, “guest” • KUMC-Wireless • secured, non-broadcasted, staff/faculty/special permission only
University-Wireless SSID Most broadcasted SSIDs are used in hot spots such as coffee shops, hotels, and etc. Here at KUMC we have one SSID that is broadcasted – the “University-Wireless” SSID. This allows devices to connect to the wireless network easily; however, this method is less secure than other types of “encrypted” wireless connectivity.
KUMC-Wireless SSID Did you know there are 2 SSIDs on campus? We already mentioned the less secure “University-Wireless” SSID, but did you know that there is a more secure SSID named “KUMC-Wireless”? The KUMC-Wireless SSID uses WPA encryption to secure the traffic from Access Point to wireless devices.
KUMC-Wireless and WPA • Daniel mentioned WEP and WPA earlier. • WPA offers a more secure connection and rather than having a static key provides a method of key rotation where the Access Point and wireless device change keys at certain intervals. • The key exchange method used on the “KUMC- Wireless” SSID is known as Temporal Key Integrity Protocol (TKIP) and is extremely hard to hack.
Wireless Security on Campus We strive to provide the most secure environment possible using the KUMC-Wireless SSID. The method of communication between wireless devices and Access Points should be considered carefully. Basic web traffic and synchronization with other encryption methods between server and client are a good choice to be used on the less secure SSID University- Wireless. If communication between devices requires a more secure connection then choose the KUMC- Wireless SSID and have a customer support representative help you connect to our network.
A Secure Connection – KUMC-Wireless Let’s get started. Right click on Network Neighborhood or choose Network and Internet Connections from the Control Panel.
Wireless Network Properties Right click on “Wireless Network Connection” and then choose Properties.
Adding a Wireless Network Click “ADD” and then place in the SSID, Authentication and Encryption method.
Changing Authentication Method Choose the Authentication TAB and choose PEAP as the EAP Type.
Authentication Type Properties • Choose Properties (right below the PEAP option). • Uncheck “Validate server certificate”. (we’re using an internal certificate.
Changing EAP-MSCHAP Authentication Click the configure button to the right of (EAP- MSCHAP V2) Uncheck Automatically use my Windows logon name and password.
Click OK OK OK OK OK OK……. Click OK on all boxes to get back to the desktop / Wireless Network Properties
Click on Ballon – Enter credentials In the system tray, you’ll notice a balloon that pops up asking for credential information. Click on the balloon and fill in the User Name and Password Fields only. Click OK and you’re done!
Pushing the Limits: Wireless and the Law Sherry Callahan, Director of Information Security
So many unsecured networks!
Look, but don’t “touch”! • Wardriving, warflying or war-anything is NOT illegal. • Capturing traffic is also not illegal but, in some states, intent is the key. • Just because a wireless network is unsecured , it’s not an invitation to use them. • If you connect to a wireless network without permission, you are committing a felony under Kansas or Missouri law.
Additional Resources How to Access KUMC’s Wireless Network http://www2.kumc.edu/ir/wireless/facwireless.html In-depth on-line class on Wireless Basics http://wireless-basics.classes.cnet.com/lesson-1/
Questions?

Recommended

Network security
Network securityNetwork security
Network securitySimranpreet Singh
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
LAN Security
LAN Security LAN Security
LAN Security Syed Ubaid Ali Jafri
 
Network security
Network securityNetwork security
Network securityNkosinathi Lungu
 
Network security
Network securityNetwork security
Network securityNandini Raj
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingarushi bhatnagar
 
Networkingconcepts
NetworkingconceptsNetworkingconcepts
Networkingconceptsvasanthimuniasamy
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 

Recommended

Network security
Network securityNetwork security
Network securitySimranpreet Singh
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
LAN Security
LAN Security LAN Security
LAN Security Syed Ubaid Ali Jafri
 
Network security
Network securityNetwork security
Network securityNkosinathi Lungu
 
Network security
Network securityNetwork security
Network securityNandini Raj
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingarushi bhatnagar
 
Networkingconcepts
NetworkingconceptsNetworkingconcepts
Networkingconceptsvasanthimuniasamy
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
E mail forensics
E mail forensicsE mail forensics
E mail forensicssaddamhusain hadimani
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxAnshumaanTiwari2
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffersKunal Thakur
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
IDS, IPS, IDPS
IDS, IPS, IDPSIDS, IPS, IDPS
IDS, IPS, IDPSMinhaz A V
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentationNitesh Dubey
 
What is Ping
What is PingWhat is Ping
What is PingDisha Dudhal
 
Security Threats at OSI layers
Security Threats at OSI layersSecurity Threats at OSI layers
Security Threats at OSI layersDepartment of Computer Science
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemOECLIB Odisha Electronics Control Library
 
Cyber security
Cyber securityCyber security
Cyber securityKomal Samdariya
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacksprimeteacher32
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemRoshan Ranabhat
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)Gaurav Dalvi
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemSweta Sharma
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
Internet security
Internet securityInternet security
Internet securityMohamed El-malki
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityAurobindo Nayak
 
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015CODE BLUE
 

More Related Content

What's hot

Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxAnshumaanTiwari2
 
IDS, IPS, IDPS
IDS, IPS, IDPSIDS, IPS, IDPS
IDS, IPS, IDPSMinhaz A V
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentationNitesh Dubey
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemRoshan Ranabhat
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network securityAPNIC
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)Gaurav Dalvi
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection systemSweta Sharma
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 

What's hot (20)

Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensic
 
E mail forensics
E mail forensicsE mail forensics
E mail forensics
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptx
 
Packet sniffers
Packet sniffersPacket sniffers
Packet sniffers
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
IDS, IPS, IDPS
IDS, IPS, IDPSIDS, IPS, IDPS
IDS, IPS, IDPS
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentation
 
What is Ping
What is PingWhat is Ping
What is Ping
 
Security Threats at OSI layers
Security Threats at OSI layersSecurity Threats at OSI layers
Security Threats at OSI layers
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Cyber security
Cyber securityCyber security
Cyber security
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacks
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Fundamentals of Network security
Fundamentals of Network securityFundamentals of Network security
Fundamentals of Network security
 
Seminar (network security)
Seminar (network security)Seminar (network security)
Seminar (network security)
 
Intrusion detection system
Intrusion detection systemIntrusion detection system
Intrusion detection system
 
Network security
Network securityNetwork security
Network security
 
Internet security
Internet securityInternet security
Internet security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 

Viewers also liked

Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015CODE BLUE
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
security in wireless sensor networks
security in wireless sensor networkssecurity in wireless sensor networks
security in wireless sensor networksVishnu Kudumula
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentationBijay Bhandari
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Viewers also liked (8)

Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
Wireless security testing with attack by Keiichi Horiai - CODE BLUE 2015
 
C3 and digital citizenship
C3 and digital citizenshipC3 and digital citizenship
C3 and digital citizenship
 
Cyber Ethics
Cyber EthicsCyber Ethics
Cyber Ethics
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
security in wireless sensor networks
security in wireless sensor networkssecurity in wireless sensor networks
security in wireless sensor networks
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Similar to Wireless security

10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips10 Wireless Home Network Security Tips
10 Wireless Home Network Security TipsPECB
 
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfSeanHussey8
 
How to hack wireless internet connections
How to hack wireless internet connectionsHow to hack wireless internet connections
How to hack wireless internet connectionsNitin kumar Gupta
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanZaibi Gondal
 
How To Hack Wireless Internet Connections
How To Hack Wireless Internet ConnectionsHow To Hack Wireless Internet Connections
How To Hack Wireless Internet Connectionsguest85e156e
 
Setting up a home network
Setting up a home networkSetting up a home network
Setting up a home networkclcewing
 
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005Bill Drew
 
Understanding your Home network and keeping it secure
Understanding your Home network and keeping it secureUnderstanding your Home network and keeping it secure
Understanding your Home network and keeping it secureclcewing
 
Howtohackwirelessinternetconnections 100105124156-phpapp01
Howtohackwirelessinternetconnections 100105124156-phpapp01Howtohackwirelessinternetconnections 100105124156-phpapp01
Howtohackwirelessinternetconnections 100105124156-phpapp01Alf Tero
 
Wireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesWireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesYogesh Kumar
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesMichael Boman
 
You have persuaded XelPharms CIO that wireless networking would be.pdf
You have persuaded XelPharms CIO that wireless networking would be.pdfYou have persuaded XelPharms CIO that wireless networking would be.pdf
You have persuaded XelPharms CIO that wireless networking would be.pdfarpittradersjdr
 

Similar to Wireless security (20)

10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips10 Wireless Home Network Security Tips
10 Wireless Home Network Security Tips
 
5 steps
5 steps5 steps
5 steps
 
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
 
How to hack wireless internet connections
How to hack wireless internet connectionsHow to hack wireless internet connections
How to hack wireless internet connections
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
 
How To Hack Wireless Internet Connections
How To Hack Wireless Internet ConnectionsHow To Hack Wireless Internet Connections
How To Hack Wireless Internet Connections
 
Technical Report
Technical ReportTechnical Report
Technical Report
 
Wireless security
Wireless securityWireless security
Wireless security
 
Setting up a home network
Setting up a home networkSetting up a home network
Setting up a home network
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Hack wireless internet connections or wifi
Hack wireless internet connections or wifiHack wireless internet connections or wifi
Hack wireless internet connections or wifi
 
Wireless
WirelessWireless
Wireless
 
Wi Fi
Wi FiWi Fi
Wi Fi
 
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005
 
Understanding your Home network and keeping it secure
Understanding your Home network and keeping it secureUnderstanding your Home network and keeping it secure
Understanding your Home network and keeping it secure
 
Howtohackwirelessinternetconnections 100105124156-phpapp01
Howtohackwirelessinternetconnections 100105124156-phpapp01Howtohackwirelessinternetconnections 100105124156-phpapp01
Howtohackwirelessinternetconnections 100105124156-phpapp01
 
Wireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+VulnerabilitiesWireless+LAN+Technology+and+Security+Vulnerabilities
Wireless+LAN+Technology+and+Security+Vulnerabilities
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best Practices
 
You have persuaded XelPharms CIO that wireless networking would be.pdf
You have persuaded XelPharms CIO that wireless networking would be.pdfYou have persuaded XelPharms CIO that wireless networking would be.pdf
You have persuaded XelPharms CIO that wireless networking would be.pdf
 
Wifi
WifiWifi
Wifi
 

More from Aurobindo Nayak

Introduction to blockchain & cryptocurrencies
Introduction to blockchain & cryptocurrenciesIntroduction to blockchain & cryptocurrencies
Introduction to blockchain & cryptocurrenciesAurobindo Nayak
 
Research points on ripple net
Research points on ripple netResearch points on ripple net
Research points on ripple netAurobindo Nayak
 
Blockchain in Trade Finance
Blockchain in Trade FinanceBlockchain in Trade Finance
Blockchain in Trade FinanceAurobindo Nayak
 
Requirement Gathering & Rapid Prototyping
Requirement Gathering & Rapid PrototypingRequirement Gathering & Rapid Prototyping
Requirement Gathering & Rapid PrototypingAurobindo Nayak
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
Wireless network security
Wireless network security Wireless network security
Wireless network security Aurobindo Nayak
 

More from Aurobindo Nayak (13)

Introduction to blockchain & cryptocurrencies
Introduction to blockchain & cryptocurrenciesIntroduction to blockchain & cryptocurrencies
Introduction to blockchain & cryptocurrencies
 
Research points on ripple net
Research points on ripple netResearch points on ripple net
Research points on ripple net
 
Blockchain in Trade Finance
Blockchain in Trade FinanceBlockchain in Trade Finance
Blockchain in Trade Finance
 
Blockchain in FinTech
Blockchain in FinTechBlockchain in FinTech
Blockchain in FinTech
 
Requirement Gathering & Rapid Prototyping
Requirement Gathering & Rapid PrototypingRequirement Gathering & Rapid Prototyping
Requirement Gathering & Rapid Prototyping
 
E-Examination
E-ExaminationE-Examination
E-Examination
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
 
SOFTWARE TESTING
SOFTWARE TESTINGSOFTWARE TESTING
SOFTWARE TESTING
 
BRAIN FINGERPRINTING
BRAIN FINGERPRINTINGBRAIN FINGERPRINTING
BRAIN FINGERPRINTING
 
Captcha seminar
Captcha seminar Captcha seminar
Captcha seminar
 
Blue brain
Blue brain Blue brain
Blue brain
 
Arvind's
Arvind'sArvind's
Arvind's
 

Recently uploaded

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Wireless security

  • 1. Out of Thin Air!Out of Thin Air! An introduction to wireless security at home, on the road and on campus University of Kansas Medical Center June 6, 2007
  • 2. Wireless Networking at Home Daniel Van Meter, Systems Security Specialist
  • 3. What is Wireless Networking? Wireless or Wi-Fi technology is another way of connecting your computer to a network without using wires. Wireless networks utilize radio waves and/or microwaves to maintain communication channels between computers. This gives people the freedom to connect computers anywhere in your home or office network. Wireless networking works similarly to how cordless phones work, through radio signals to transmit data from one point A to point B. A basic wireless design typically consists of a wireless router that provides access to the Internet and/or network and a system that connects via a wireless adapter.
  • 4. Typical home wireless network Home wireless networks typically consist of at least one Wireless Access Point/Router and one or more computers that connect to the wireless router. The Access Point/Router is the device that systems connect to for access to the internet or to another computer sharing the signal. Home wireless networks typically consist of at least one Wireless Access Point/Router and one or more computers that connect to the wireless router. The Access Point/Router is the device that systems connect to for access to the internet or to another computer sharing the signal.
  • 5. Wireless Hardware Wireless Router with 4 port switch Here we see a typical wireless router with 4 available ports to plug computers directly into, the wireless antenna and one WAN port. Wireless Network Adapters Computers need an adapter that is compatible with the router in order to connect. Most newer laptops and PDAs already contain a wireless adapter. There are many different kinds of adapters. PCMIA, PCI, USB, and Firewire are a few shown below.
  • 6. A, B…..G? Current Wireless Standards 802.11A Supports bandwidth up to 54 Mbps. It has a very limited range and has more difficulty penetrating walls and other obstructions. These devices should considered outdated and is not typically found in common retail stores. 802.11B Supports bandwidth up to 11 Mbps. It has a much better range than 802.11a and is not as easily obstructed by walls or other objects. Devices that use this protocol can suffer from more interference from other electronic devices such as microwaves. These devices are quickly becoming scarce at retail stores as they are replaced by the newer 802.11G devices. 802.11G Supports up to 54 Mbps and has a range that will cover most average homes. These devices are still typically common in retail stores but are quickly being replaced by the newer technologies such as 802.11N. 802.11.N One of the newest types of wireless devices found in retail stores. Supports up to 600 Mbps and can cover an extremely large home or small business.
  • 7. Before you head for the store Prior to purchasing a wireless network there a few things that you can look for to ensure that the equipment will provide an adequate amount of security. • Gather as much information about your wireless hardware’s security as possible. Advanced firewall protection, strong encryption protocols, web filtering, and MAC filtering are just a few items you should look for in a wireless router. • Ensure you have access to phone ,email, or knowledgebase support from the manufacturer. • Check the documentation that comes with the router/network adapter. Verify that configuration and securing of the router is simple and easily understood.
  • 8. That was easy! Wireless networks have become extremely easy to setup these days. Many people find that they can simply plug the hardware in and in just a few minutes they can be surfing the web or transferring files to other computers with no wires attached. But perhaps it was TOO easy…. Many people you setup the wireless fail to setup appropriate security measures on their wireless once they are connected. If you simply plugged in your network adapter, found and connected your laptop or PDA to your network, there’s nothing to prevent your neighbor or someone else from connecting just as easily as you did!
  • 9. Recommendations for Securing Your Wireless Network at Home 1. Change the router’s default passwords. 2. Change the SSID name and disable SSID broadcast. 3. Setup MAC filters to limit which computers can connect. 4. Turn on WPA or WPA2 encryption. 5. Review your wireless logs. 6. Watch for upgrades from the manufacturer. 7. Practice good computer security.
  • 10. Step 1. Change the router’s default passwords. Most wireless router manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. Right out of the box, however, they are usually configured with a default password that is too simple and very well-known to hackers on the Internet. Change these settings immediately.
  • 11. Step 2. Change the SSID name and disable SSID broadcast. Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "Linksys." When someone finds a default SSID, they see it is a poorly configured network and are much more likely to want to snoop around. In Wi-Fi networking, the access point or router typically broadcasts the network name (SSID) over the air at regular intervals. In the home, this feature may be unnecessary, and it increases the likelihood an unwelcome person will try to log in to your home network.
  • 12. Step 3. Setup MAC Filters. All network communication devices have unique hard coded numbers assigned to them. This number is called the “MAC” address. If your router is capable of MAC filtering you should only allow devices that you expect to appear connect to your wireless network and deny all others.
  • 13. Step 4. Turn on WPA / WEP Encryption. Understanding WEP vs. WPA2 WEP (wired equivalent privacy) was the encryption scheme included with the first generation of wireless networking equipment. It was found to contain some serious flaws which make it relatively easy to crack, or break into within a matter of minutes. However, even WEP is better than nothing and will keep casual snoopers and novice hackers out of your wireless network. Using encryption with a longer key length will provide stronger security, but with a slight performance impact. WPA (WIFI protected access) is a much stronger security protocol than WEP and should be used instead of WEP if your wireless router and network adapters will support it. Some routers may refer to this as WPA- PSK. You should always consider using the router’s strongest encryption mechanism. All Wi-Fi equipment supports some form of "encryption“, which scrambles the information sent over the wireless network so that it can’t be easily read. WEP or WPA are the most common encryption schemes found on home wireless systems. For most routers, you will provide a passphrase that your router uses to generate several keys. Make sure your passphrase is unique, not a dictionary word and at least 10 characters long – the longer, the better!
  • 14. Step 5. Review wireless Logs. Most routers will keep track of what systems have been successful or have failed to connect to your router. Reviewing your logs can help identify a possible intruder or misconfiguration in your routers security.
  • 15. Step 6. Watch for firmware upgrades for devices. Network hardware is run by software called firmware. Just like computers, flaws may be found in the software that would allow people to bypass security mechanisms built into your router or network adapter. You should regularly check your wireless manufacturer’s website for updates and apply when appropriate.
  • 16. Step 7. Practice good computer security. Don’t rely only on your router/access point to protect your computers inside your wireless network. Even the most secure wireless network typically won’t stop a determined hacker. • Enable System Firewalls • Use accounts protected with a strong password • Apply security patches to your OS in a timely manner • Ensure you have antivirus up to date on your system • Avoid using open shares on your computers to share files • Be on the lookout for malicious websites, spyware/adware, phishing and scams Windows Users http://www.microsoft.com/protect/default.mspx Mac http://www.apple.com/macosx/features/security/
  • 17. How can I confirm my setup is secure? When connecting to your wireless network. Look for “Security-enabled wireless connection”. If your home network connection is listed as “Unsecured”, you may be a sitting duck to individuals free-loading off your internet connection or snooping around on your computer.
  • 18. Demonstration Hacking an Unsecured Home Wireless Network
  • 19. Wireless Networking “On the Road” Kyle Crane, Network Security Specialist
  • 20. Free Wireless On The Road • Many businesses now provide some form of free wireless internet access. • Airports • Cafés • McDonalds • Starbucks • Panera Bread • Even some gas stations??
  • 21. Can I connect? Generally (but not always) the network will have a name that matches the business. If in doubt, ASK! • There are examples of places that have open access but never intended to provide that to the public. • The laws on access to networks are strict and don’t fit well to the grey areas in wireless access but may well be applied to you anyway.
  • 22. How to Find an Open Wireless Network with Windows XP – Windows normally provides notification of wireless networks in range and lists the names. – You can then select the network you wish to connect with and click “Select”
  • 23. How to Find an Open Wireless Network with Mac OS X – MAC OS X provides a similar notice when the Airport icon is available and the airport is on. – Click the Airport icon and select the network from the list to connect to it.
  • 24. It Looks Open…but Should You Connect? How do I know the terms of access? – Many locations use a type of portal to gain access. You must read and agree to the terms before you are allowed on the net. Those terms are binding. If you are not presented with any terms or acceptance screen? – Be wary. You don’t have to know the networks terms of use to be held to them. It doesn’t have to make sense it’s just the law.
  • 25. Wireless on the Road: The good… • Convenient • It’s always nice to be able to stay connected on the road. • It is becoming more widespread and almost expected in hotels and other travel locations. • More freedom when working on the road • Allows a teleworker the freedom to get out of the house. • Allows for easier use of vacation even if critical actions need to occur while you are away.
  • 26. Wireless on the Road: The bad… • Legal grey areas – Some businesses can be vague about what the terms are to use the access. • Often times can be poor quality – Many locations implement wireless poorly and the signal is weak in the intended areas. – This makes it much easier for a hacker to setup a fake wireless router and fool you into thinking you are connecting to a legitimate wireless network. • You have no idea who your neighbors are – Open wireless is by nature uncontrolled and any one with any intentions can be there with you. – Are you sure that “McDonalds” is really McDonalds?
  • 27. Wireless on the Road: The Downright Ugly… Really nasty stuff: • Large open WiFi networks are just like being on the Internet • There can be hundreds of people with unknown intent who are all on the same physical network as you, just as though they were inside your house. • Your system is wide open to anything if not using a firewall. • Detection and identification of the offender are harder than it would be on the net • Automated tools are emerging to take advantage of systems on wireless networks • While not necessarily simple today, they will improve with time. • Moving towards automatic discovery and exploitation of systems.
  • 28. Recommendations for Using Wireless on the Road • Disable automatic connections even to preferred networks. – This prevents scanners from gathering the list of wireless networks that windows will automatically connect to. • Keep Antivirus products installed and up to date. This is pretty general advice but it holds here too. • Enable the windows firewall whenever you are working with public wireless. – All but the most determined attacker will be seriously frustrated in attempts to attack a firewall enabled system. It raises the bar.
  • 29. Recommendations for Using Wireless on the Road • Turn off or disable your wireless card when not in use. • Ensure your system is patched and up to date. • Use the auto update features of your OS to reduce the number of possible exploits available to an attacker. • Don’t access personal or sensitive information while on a public wireless network (e.g., banking sites.)
  • 31. Wireless Networking at KUMC Dallas Ivanko, WAN Engineer
  • 32. Are you using Wireless on Campus? • How many people here use wireless on campus? • How many people use wireless for palm or pocket PC devices? • How many people use wireless for Tablet or PC devices?
  • 33. SSIDs on University Campus • University-Wireless • unsecured, broadcasted, “guest” • KUMC-Wireless • secured, non-broadcasted, staff/faculty/special permission only
  • 34. University-Wireless SSID Most broadcasted SSIDs are used in hot spots such as coffee shops, hotels, and etc. Here at KUMC we have one SSID that is broadcasted – the “University-Wireless” SSID. This allows devices to connect to the wireless network easily; however, this method is less secure than other types of “encrypted” wireless connectivity.
  • 35. KUMC-Wireless SSID Did you know there are 2 SSIDs on campus? We already mentioned the less secure “University-Wireless” SSID, but did you know that there is a more secure SSID named “KUMC-Wireless”? The KUMC-Wireless SSID uses WPA encryption to secure the traffic from Access Point to wireless devices.
  • 36. KUMC-Wireless and WPA • Daniel mentioned WEP and WPA earlier. • WPA offers a more secure connection and rather than having a static key provides a method of key rotation where the Access Point and wireless device change keys at certain intervals. • The key exchange method used on the “KUMC- Wireless” SSID is known as Temporal Key Integrity Protocol (TKIP) and is extremely hard to hack.
  • 37. Wireless Security on Campus We strive to provide the most secure environment possible using the KUMC-Wireless SSID. The method of communication between wireless devices and Access Points should be considered carefully. Basic web traffic and synchronization with other encryption methods between server and client are a good choice to be used on the less secure SSID University- Wireless. If communication between devices requires a more secure connection then choose the KUMC- Wireless SSID and have a customer support representative help you connect to our network.
  • 38. A Secure Connection – KUMC-Wireless Let’s get started. Right click on Network Neighborhood or choose Network and Internet Connections from the Control Panel.
  • 39. Wireless Network Properties Right click on “Wireless Network Connection” and then choose Properties.
  • 40. Adding a Wireless Network Click “ADD” and then place in the SSID, Authentication and Encryption method.
  • 41. Changing Authentication Method Choose the Authentication TAB and choose PEAP as the EAP Type.
  • 42. Authentication Type Properties • Choose Properties (right below the PEAP option). • Uncheck “Validate server certificate”. (we’re using an internal certificate.
  • 43. Changing EAP-MSCHAP Authentication Click the configure button to the right of (EAP- MSCHAP V2) Uncheck Automatically use my Windows logon name and password.
  • 44. Click OK OK OK OK OK OK……. Click OK on all boxes to get back to the desktop / Wireless Network Properties
  • 45. Click on Ballon – Enter credentials In the system tray, you’ll notice a balloon that pops up asking for credential information. Click on the balloon and fill in the User Name and Password Fields only. Click OK and you’re done!
  • 46. Pushing the Limits: Wireless and the Law Sherry Callahan, Director of Information Security
  • 47. So many unsecured networks!
  • 48.
  • 49. Look, but don’t “touch”! • Wardriving, warflying or war-anything is NOT illegal. • Capturing traffic is also not illegal but, in some states, intent is the key. • Just because a wireless network is unsecured , it’s not an invitation to use them. • If you connect to a wireless network without permission, you are committing a felony under Kansas or Missouri law.
  • 50.
  • 51. Additional Resources How to Access KUMC’s Wireless Network http://www2.kumc.edu/ir/wireless/facwireless.html In-depth on-line class on Wireless Basics http://wireless-basics.classes.cnet.com/lesson-1/