Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Evaluating Wireless Networks PCIE IT Roundtable Workshop October 14, 2003
  2. 2. Outline <ul><li>Introduction to wireless networks </li></ul><ul><li>Threats and vulnerabilities </li></ul><ul><li>Evaluating wireless networks </li></ul><ul><ul><li>Objectives </li></ul></ul><ul><ul><li>Methodology </li></ul></ul><ul><ul><li>Tools </li></ul></ul><ul><ul><li>Findings </li></ul></ul><ul><ul><li>Recommendations </li></ul></ul><ul><li>Conclusion </li></ul>
  3. 3. Introduction to Wireless Networks <ul><li>Rapid growth computer communications technology </li></ul><ul><li>Agencies increasingly use wireless networks </li></ul><ul><ul><li>Enhanced mobility </li></ul></ul><ul><ul><li>Greater productivity </li></ul></ul><ul><ul><li>Low implementation costs </li></ul></ul><ul><ul><li>Painless installation </li></ul></ul>
  4. 4. Introduction to Wireless Networks (cont.) <ul><li>Use of radio waves instead of cables </li></ul><ul><li>Major standard </li></ul><ul><ul><li>Institute of Electrical and Electronic Engineers (IEEE) 802.11, Wireless Local Area Networks </li></ul></ul><ul><li>Components of a Wi-Fi network </li></ul><ul><ul><li>Access Points (Hot Spot) </li></ul></ul><ul><ul><li>Wireless clients (e.g. laptops, PDAs) </li></ul></ul>
  5. 6. Threats <ul><li>Disclosure of sensitive/confidential data </li></ul><ul><li>Denial of service (DoS) </li></ul><ul><li>Unauthorized access to wireless-enabled resources </li></ul><ul><li>Potential weakening of existing security measures on connected wired networks and systems </li></ul>
  6. 8. Vulnerabilities <ul><li>Wired Equivalent Privacy (WEP) encryption standard extremely weak </li></ul><ul><li>Radio signals susceptible to jamming and interference </li></ul><ul><li>Protocol vulnerabilities allow </li></ul><ul><ul><li>Network sessions to be taken over by an intruder </li></ul></ul><ul><ul><li>Injection of invalid data into network traffic </li></ul></ul><ul><ul><li>Network reconnaissance </li></ul></ul><ul><li>Default configurations create “open” network </li></ul>
  7. 9. Wireless Automatically Enabled <ul><li>“Roam if you want to. Windows XP automatically recognizes the 802.11 wireless network you’re near and connects you to it.” Microsoft Windows XP Retail box </li></ul>
  8. 10. Evaluating Wireless Networks <ul><li>Wireless networks are </li></ul><ul><ul><li>Easy to implement </li></ul></ul><ul><ul><li>Difficult to secure </li></ul></ul><ul><li>Policies often have not been developed </li></ul>
  9. 11. Evaluation Objectives <ul><li>Assess the current Agency position regarding wireless networks </li></ul><ul><li>Examine the use of wireless technology </li></ul><ul><li>Evaluate the security of the wireless network and applications including threats to </li></ul><ul><ul><li>Data integrity </li></ul></ul><ul><ul><li>Confidentiality </li></ul></ul><ul><ul><li>Availability of services and resources </li></ul></ul><ul><li>Determine the level of user awareness of wireless technology </li></ul>
  10. 12. Evaluation Methodology <ul><li>External scanning to illustrate the ease with which unauthorized persons could intercept wireless signals </li></ul><ul><li>Internal scanning and physical inspection to verify the source of signals </li></ul><ul><li>Traffic analysis to see if sensitive data is being transmitted, if transmissions are encrypted, and how vulnerable the networks are to attack </li></ul><ul><li>Review network topologies to assess connectivity to wired networks and determine measures to protect wired networks </li></ul><ul><li>Meet with wireless users and administrators to assess awareness, employee expertise, and strength of security measures </li></ul>
  11. 13. Content Analysis <ul><li>Characterize data on the network </li></ul><ul><li>View potential vulnerabilities </li></ul><ul><li>Determine appropriate network use </li></ul><ul><li>Assist in review of policy conformance </li></ul><ul><li>18 USC 2511(2)(a)(i) allows protectors of systems (non law-enforcement) to look at content of wireless transmissions </li></ul>
  12. 14. Evaluation Tools <ul><li>Hardware </li></ul><ul><ul><li>Laptop </li></ul></ul><ul><ul><li>Wireless network card </li></ul></ul><ul><ul><li>Antenna </li></ul></ul><ul><ul><li>GPS </li></ul></ul><ul><li>Wireless sniffing software </li></ul><ul><li>WEP encryption cracking software </li></ul><ul><li>Mapping software </li></ul>
  13. 15. Findings <ul><li>Wireless networks with inadequate security </li></ul><ul><li>Range of wireless networks exceed physical boundaries of user organizations </li></ul><ul><li>Non-existent or inadequate policies for wireless networks </li></ul><ul><li>No risk assessments were performed prior to wireless implementation </li></ul><ul><li>No logical separation of wireless networks from wired counterparts </li></ul><ul><li>Insufficient employee awareness </li></ul>
  14. 16. Example: Many wireless networks do not use WEP or other encryption to protect network traffic. ▲ = Access points using encryption ▲ = Access points without encryption
  15. 17. Example: The radio signal from a wireless network can spill over from the building where access points are located to neighboring buildings, parking lots and public roads.
  16. 18. Example: These packet traces show highly confidential data that can be captured from a wireless network
  17. 19. General Evaluation Recommendations <ul><li>Develop wireless network policies </li></ul><ul><li>Conduct risk assessments to determine required level of security </li></ul><ul><li>Limit access to wireless networks through the use of wireless security measures (ie. 802.11i or WPA) </li></ul><ul><li>Maintain logical separation between wireless and wired networks </li></ul><ul><li>Perform wireless scans to identify wireless networks and applications (on a regular basis) </li></ul><ul><li>Enforce wireless network policies </li></ul>
  18. 20. Information Sharing <ul><li>Awareness </li></ul><ul><li>Collaborative use of findings </li></ul><ul><li>Confidentiality </li></ul>
  19. 21. Conclusion <ul><li>Wireless network evaluations are easy to conduct using inexpensive or freely available tools. </li></ul><ul><li>Evaluations are very necessary </li></ul><ul><ul><li>Wireless networks are inexpensive, convenient, and simple to use – so people will use them. </li></ul></ul><ul><ul><li>BUT, wireless networks are vulnerable. </li></ul></ul>
  20. 22. Contact for Wireless Network Evaluations <ul><li>Jamil Farshchi </li></ul><ul><li>(202) 358-1897 </li></ul><ul><li>[email_address] </li></ul>