This document discusses wireless network security. It begins by defining wireless networking and standards like 802.11 and 802.16. It then discusses threats to wireless networks like malicious association, ad hoc networks, and identity theft. Early security standards like WEP are explained, along with their weaknesses. Later standards that aimed to improve security are covered, such as 802.1x, 802.11i, and protocols like CCMP. The document concludes with thoughts on securing wireless transmissions through encryption and signal hiding, and securing wireless networks through encryption, antivirus software, and limiting access.
We all use Wifi today. You know how much money it saves for your smart-phone data usage band-width. Connecting all your computers and gadgets with cables is not just history, even if you attempt it would be impractical!
Wifi being so pervasive, also brings along tremendous security implications. Come join us to look into details of Wifi security. How to secure your wifi network? How certain wifi encryption technologies can be hacked? We would prove that with live demos!
Join us to reflect on the security aspect of this technology, discuss about it and leave with more confidence about how 'secure' your WiFi access is?
How To Learn The Network Security
Slide berikut merupakan slide yang berisikan dasar-dasar bagi kita dalam memahami konsep keamanan jaringan komputer, baik dari sisi inftrastruktur, teknologi dan paradigma bagi pengguna.
Materi yang diberikan sudah disusun oleh Pakar yang merupakan Trainer CEH dan memang berkompeten dibidang keamanan jaringan.
Slide ini saya dapatkan dari beliau saat mengikut training Certified Computer Security Officer (CCSO) dan Certified Computer Security Analyst (CCSA) dari beliau.
Semoga bermanfaat sebagai acuan bagi kita untuk belajar tentang keamanan jaringan komputer.
Terimakasih
Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources
An open, unencrypted wireless network can 'sniff' or capture and record the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security. Wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks.The risks to users of wireless technology have increased as the service has become more popular.As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
A presentation which on Wireless Network Security. It contains Introduction to wireless networking, security threats and risks, best practices on using wireless networks.
It is the powerpoint slide.It is all about WPA 3.It will make wifi more secure.This is the future of wireless security.Know how the man in the middle attack and krack attack works.Know also about RC4 encryption.
Slides from the Wi-Fi For Beginners Podcast. These are the slides from module three of a series of podcasts looking at basics wireless LAN (WiFi) networking. In this module, we take a look at wireless access points (APs) and their role in a WLAN. You can find the podcast at WiFiForBeginners.com and on iTunes
Security+ Guide to Network Security Fundamentals, 3rd Edition, by Mark Ciampa
Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).
CNIT 120: Network Security
http://samsclass.info/120/120_S09.shtml#lecture
Policy: http://samsclass.info/policy_use.htm
Many thanks to Sam Bowne for allowing to publish these presentations.
We all use Wifi today. You know how much money it saves for your smart-phone data usage band-width. Connecting all your computers and gadgets with cables is not just history, even if you attempt it would be impractical!
Wifi being so pervasive, also brings along tremendous security implications. Come join us to look into details of Wifi security. How to secure your wifi network? How certain wifi encryption technologies can be hacked? We would prove that with live demos!
Join us to reflect on the security aspect of this technology, discuss about it and leave with more confidence about how 'secure' your WiFi access is?
How To Learn The Network Security
Slide berikut merupakan slide yang berisikan dasar-dasar bagi kita dalam memahami konsep keamanan jaringan komputer, baik dari sisi inftrastruktur, teknologi dan paradigma bagi pengguna.
Materi yang diberikan sudah disusun oleh Pakar yang merupakan Trainer CEH dan memang berkompeten dibidang keamanan jaringan.
Slide ini saya dapatkan dari beliau saat mengikut training Certified Computer Security Officer (CCSO) dan Certified Computer Security Analyst (CCSA) dari beliau.
Semoga bermanfaat sebagai acuan bagi kita untuk belajar tentang keamanan jaringan komputer.
Terimakasih
Network security consists of the provisions and policies adopted by a network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources
An open, unencrypted wireless network can 'sniff' or capture and record the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security. Wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks.The risks to users of wireless technology have increased as the service has become more popular.As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
A presentation which on Wireless Network Security. It contains Introduction to wireless networking, security threats and risks, best practices on using wireless networks.
It is the powerpoint slide.It is all about WPA 3.It will make wifi more secure.This is the future of wireless security.Know how the man in the middle attack and krack attack works.Know also about RC4 encryption.
Slides from the Wi-Fi For Beginners Podcast. These are the slides from module three of a series of podcasts looking at basics wireless LAN (WiFi) networking. In this module, we take a look at wireless access points (APs) and their role in a WLAN. You can find the podcast at WiFiForBeginners.com and on iTunes
Security+ Guide to Network Security Fundamentals, 3rd Edition, by Mark Ciampa
Knowledge and skills required for Network Administrators and Information Technology professionals to be aware of security vulnerabilities, to implement security measures, to analyze an existing network environment in consideration of known security threats or risks, to defend against attacks or viruses, and to ensure data privacy and integrity. Terminology and procedures for implementation and configuration of security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).
CNIT 120: Network Security
http://samsclass.info/120/120_S09.shtml#lecture
Policy: http://samsclass.info/policy_use.htm
Many thanks to Sam Bowne for allowing to publish these presentations.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Seminar Paper on Security Issues of 802.11b based on IEEE Whitepaper by Boland, H. and Mousavi, H., Carleton University, Ottawa, Ont., Canada, IEEE Canadian Conference on Electrical and Computer Engineering, 2-5 May 2004
1 EAP and 802.1X are usually associated with aRADIUS server2To.pdfarjunenterprises1978
1: EAP and 802.1X are usually associated with a
RADIUS server
2:To set up an extra access point to detect intruders is called using a _______.
fly paper
3:Disabling an SSID broadcast is a common option in some wireless 802.11 NICs.802.11 b
Access Point
Solution
solution to question 1-
EAP and 802.1X are usually associated with a WEP
Wired Equivalent Privacy (WEP), which is part of the original 802.11 standard, should provide
confidentiality. Unfortunately WEP is poorly designed and easily cracked. There is no
authentication mechanism, only a weak form of access control.
As a response to WEP broken security, IEEE has come up with a new wireless security standard
named 802.11i. 802.1X plays a major role in this new standard.
The new security standard, 802.11i, which was ratified in June 2004, fixes all WEP weaknesses.
It is divided into three main categories:
The industry didn\'t have time to wait until the 802.11i standard was completed. They wanted the
WEP issues fixed now! Wi-Fi Alliance felt the pressure, took a \"snapshot\" of the standard , and
called it Wi-Fi Protected Access (WPA). One requirement was that existing 802.11 equipment
could be used with WPA, so WPA is basically TKIP + 802.1X.
Extensible Authentication Protocol (EAP) is just the transport protocol optimized for
authentication, not the authentication method itself
SOLUTION TO QUESTION2-To set up an extra access point to detect intruders is called using
a HONEYPOT
A honeypot is a computer system that is set up to act as a decoy to lure cyberattackers, and to
detect, deflect or study attempts to gain unauthorized access to information systems.
SOLUTION TO QUESTION 3-
One of the most common security recommendations regarding wireless networks is that you
should disable SSID broadcasting
Temporary Key Integrity Protocol (TKIP) is a short-term solution that fixes all WEP
weaknesses. TKIP can be used with old 802.11 equipment (after a driver/firmware upgrade) and
provides integrity and confidentiality.
Counter Mode with CBC-MAC Protocol (CCMP) is a new protocol, designed from ground up. It
uses AES as its cryptographic algorithm, and, since this is more CPU intensive than RC4 (used
in WEP and TKIP), new 802.11 hardware may be required. Some drivers can implement CCMP
in software. CCMP provides integrity and confidentiality.
802.1X Port-Based Network Access Control: Either when using TKIP or CCMP, 802.1X is used
for authentication..
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Dr. Amarjeet Singh
The growing volume of attacks on the Internet has
increased the demand for more robust systems and
sophisticated tools for vulnerability analysis, intrusion
detection, forensic investigations, and possible responses.
Current hacker tools and technologies warrant reengineering
to address cyber crime and homeland security. The being
aware of the flaws on a network is necessary to secure the
information infrastructure by gathering network topology,
intelligence, internal/external vulnerability analysis, and
penetration testing. This paper has as main objective to
minimize damages and preventing the attackers from
exploiting weaknesses and vulnerabilities in the 4 ways
handshake (WIFI).
We equally present a detail study on various attacks and
some solutions to avoid or prevent such attacks in WLAN.
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxEduSkills OECD
Andreas Schleicher presents at the OECD webinar ‘Digital devices in schools: detrimental distraction or secret to success?’ on 27 May 2024. The presentation was based on findings from PISA 2022 results and the webinar helped launch the PISA in Focus ‘Managing screen time: How to protect and equip students against distraction’ https://www.oecd-ilibrary.org/education/managing-screen-time_7c225af4-en and the OECD Education Policy Perspective ‘Students, digital devices and success’ can be found here - https://oe.cd/il/5yV
The Indian economy is classified into different sectors to simplify the analysis and understanding of economic activities. For Class 10, it's essential to grasp the sectors of the Indian economy, understand their characteristics, and recognize their importance. This guide will provide detailed notes on the Sectors of the Indian Economy Class 10, using specific long-tail keywords to enhance comprehension.
For more information, visit-www.vavaclasses.com
We all have good and bad thoughts from time to time and situation to situation. We are bombarded daily with spiraling thoughts(both negative and positive) creating all-consuming feel , making us difficult to manage with associated suffering. Good thoughts are like our Mob Signal (Positive thought) amidst noise(negative thought) in the atmosphere. Negative thoughts like noise outweigh positive thoughts. These thoughts often create unwanted confusion, trouble, stress and frustration in our mind as well as chaos in our physical world. Negative thoughts are also known as “distorted thinking”.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
How to Create Map Views in the Odoo 17 ERPCeline George
The map views are useful for providing a geographical representation of data. They allow users to visualize and analyze the data in a more intuitive manner.
The Art Pastor's Guide to Sabbath | Steve ThomasonSteve Thomason
What is the purpose of the Sabbath Law in the Torah. It is interesting to compare how the context of the law shifts from Exodus to Deuteronomy. Who gets to rest, and why?
2. Contents:
What is Wireless Networking
What is Wireless Security
Threats to Wireless Networks
Parking Lot attack
Security in WLAN 802.11
Thoughts on Wireless Security
Conclusion
3. Wireless Networking?
A wireless network is a computer network that uses wireless data
connections between network nodes.
It provides the flexibility and freedom that wired networks lack.
The main standards in the wireless world are:
802.11, which describes the Wireless LAN architecture,
802.16 which describes the Wireless MAN architecture.
4. Wireless Security ?
Access Point(AP):
Allows wireless communication device, such ascomputers to
connect to a wireless network
Service set Identifier(SSID):
SSIDallows wireless clients to communicate with an
appropriate access point. Only clients with correct SSIDcan
communicate with the AP
5. Wireless Security(contd.)?
Reasons why wireless networks are more vulnerable to attacks then a wired network are:
Channel: Involves broadcast communications, which is far more susceptible to
eavesdropping and jamming than wired networks
Mobility: Wireless devices are far more portable and mobile than wired devices.
Accessibility: Wireless devices, such assensors and robots, may be left unattended
in remote and/or hostile locations.
7. Following are the threats to Wireless Networks:
Malicious Association:
A wireless device is configured to appear to be a legitimate access point, and then the operator
penetrates the wired network through a legitimate wireless access point.
Ad hoc Network:
These are peer-to-peer networks between wireless computers with no access point
between them. Such networks can pose a security threat due to a lack of a central point of control.
Identify theft (MAC Spoofing):
This occurs when an attacker is able to eavesdrop on network traffic and identify the MAC
address of a computer with network privileges.
8. PARKING LOT ATTACK
Wireless Signals are intercepted outside an organization, or
even through the floors in multi-storey buildings.
“Parking lot” signifies that the attacker sit in the
organization's parking lot and try to access internal hosts via
the wireless network.
9. SECURITYIN WLAN802.11
802.11 Standard
802.11 Authentication
Wired Equivalent Privacy(WEP)
WEP Weakness
802.1x: EAPover LAN
802.11i Standard
10. 802.11 Standard
The 802.11 IEEEstandard was standardized in 1997.
It consists of three layers: Physical layer, MAC (Medium Access Control) layer, and
LLC(Logical Link Control) layer
The first version of the standard supported only 2 Mbps bandwidth, which
motivated the developing teams to come up with other standards to support upto
54Mbps
12. 802.11 Authentication:
Two types of authentications used: Open System Authentication, Shared Key Authentication.
Open System Authentication:
Default authentication protocol for the 802.11 standard.
Consists of a simple authentication request containing the station ID and an authentication
response containing success or failure data
Upon successful authentication, both stations are considered mutually authenticated.
14. SHAREDKEYAUTHENTICATIONFLAW
Shared key authentication can easily be exploited through a passive attack by
eavesdropping.
WEPuses RC4stream cipher as its encryption algorithm.
If both the plaintext and the cipher text are known, the keystream can be
recovered by simply XORing.
As a result, the attacker can be authenticated to the access point.
In the WEP(Wired Equivalent Privacy) standard both of the authentication modes
were supported. In the new security standards, it is not recommended to use
shared key authentication
15. Wired Equivalent Privacy
It has 2 goals to achieve for Wireless LAN : confidentiality and integrity.
It uses Encryption to provide confidentiality.
It uses CRC(Cyclic Redundancy Check) to provide integrity.
16. WEP Weakness
One of the major reasons behind WEPweaknesses is its key length.
WEPhas a 40-bit key , which can be broken in less than five hours using parallel
attacks with the help of normal computer machines[Brown2003] .
This issue urged vendors to update WEPfrom using 40-bit to 104-bit key; thenew
release is called WEP2.
WEPdoes not support mutual authentication.
CRC(for integrity) lacks the cryptography feature.
17. 802.1x : EAPOver LAN (EAPOL)
The 802.1x standard was designed for port base authentication for 802 networks.
EAP(Extensible authentication Protocol) was designed to support multiple
authentication methods over point to point connections without requiring IP.
It allows any of the encryption schemes to be implemented on top of it.
18. EAPOL (contd.)
802.1x framework define 3 ports or entities:
Supplicant (client want to be authenticated),
Authenticator (AP that connect the supplicant to the wired network),
Authentication Server (performs the authentication process from the supplicant based on
their credentials).
19. 802.11i Standard:
The 802.11i (released June 2004) security standard is supposed to be the final solution to wireless security
issue.
It improves authentication, integrity and data transfer.
After final release the full specification was named as WPA2.
802.11i enhances 802.11 by providing a Robust Security Network (RSN) with two new protocols: the four-
way handshake and the group key handshake.
20. Four-way handshake:
AP–Access Point
STA– Client Station
PTK– Pairwise Transient Key 64 Bytes (generated by
concatenating PMK,APnonce (ANonce), STAnonce (SNonce),
APMAC address, and STAMAC address. The product is then
put through a pseudo-random function.).
GTK– Group Temporal Key 32 Bytes(used to decrypt multicast
and broadcast message)
MIC – Message Integrity Code
21. Group Key Handshake
The Group Temporal Key (GTK)used in the network may need to be updated due to
the expiration of a preset timer.
To handle the updating, 802.11i defines a Group KeyHandshake that consists of a
two-way handshake:
The APsends the new GTKto each STAin the network.
The GTKis encrypted using the KEKassigned to that STA,and protects the data from
tampering, by use of a MIC.
The STAacknowledges the new GTKand replies to theAP
.
22. 802.11i (contd.)
To improve data transfer, 802.11i specifies three protocols: TKIP
, CCMPand WRAP.
TKIP(Temporal Key Integrity Management) was introduced as a "band-aid" solution to
WEP problems.
TKIPprovides per-packet key mixing, a message integrity check and a re-keying
mechanism.
TKIPensures that every data packet is sent with its own unique encryption key.
23. 802.11i (contd.)
WRAP(Wireless Robust Authenticated Protocol) is the LAN implementation of the AES
encryption.
WRAPhas intellectual property issues, where three parties have filed for its patent. This
problem caused IEEEto replace it with CCMP
CCMP(Counter with Cipher Block Chaining Message Authentication Code Protocol) is
considered the optimal solution for secure data transfer under 802.11i.
CCMPusesAESfor encryption.
25. WIRELESSSECURITYMEASURES
We can group wireless security measures into those dealing with:
• Wireless Transmissions(threats involves eavesdropping, altering or inserting
messages,and disruption.)
• Wireless Networks
26. SECURING WIRELESS
TRANSMISSION:
To deal with threats of Wireless Transmission, following two measures can be adopted:
Signal-hiding technique:
Involves turning off service set identifier (SSID)broadcasting by wireless accesspoints
Assigning cryptic names to SSIDs
Reducing signal strength to the lowest level
Encryption:
Encryption of all wireless transmission is effective against eavesdropping to the extent that
the encryption keys are secured.
27. SECURINGWIRELESSNETWORK:
Following techniques can be adopted to secure wireless networks:
Use encryption. Wireless routers are typically equipped with built-in encryption
mechanisms for router-to-router traffic.
Use antivirus and antispyware software, and a firewall.
Turn off identifier broadcasting.
Allow only specific computers to access your wireless network.
