Breaking the Kubernetes Kill Chain: Host Path Mount
WIFI Technology
1. Prepared by:
Eng.Mohamed Attia A. Aref
Eng.Mohamed Hafez Hamed
Suez Canal University
Faculty of Engineering
Department of Electrical Engineering
(Communications and Electronics)
2. Presentation Outline
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
3. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
4. The term 'Wi-Fi’
It`s short for "wireless fidelity," however this is not the
case.
Wi-Fi is simply a trademarked term for any "wireless
local area network (WLAN) products that are based on
the (IEEE) 802.11 standards."
5. The Wi-Fi Alliance (WFA)
It`s a global, non-profit industry association of more
than 300 member companies that owns and controls
the Wi-FI CERTIFIED logo, a registered trademark.
6. The Wi-Fi Alliance (WFA)
the Wi-Fi Alliance’s testing and certification programs
help ensure the interoperability of WLAN products
based on the IEEE 802.11 specification.
Any products that are tested and approved as "Wi-Fi
Certified" (a registered trademark) by the Wi-Fi
Alliance are certified as interoperable with each other,
even if they are from different manufacturers
7. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
8. What is Wi-Fi?
Wi-Fi is the basic standard for Wireless Internet access
technology
It`s primarily used to create a Local Area Network (LAN),
which allows users within the network to connect
wirelessly.
It uses high frequency radio signals to transmit and
receive data over distances of a few hundred meters
It operates at frequencies of 2.4 GHz or 5 GHz
It use 802.11 networking standards
9. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
10. Elements of a WI-FI Network
Access Point (AP) - The AP is a wireless LAN
transceiver or “base station” that can connect one or many
wireless devices simultaneously to the Internet.
11. Elements of a WI-FI Network
Wi-Fi cards(Wi-Fi network adapter) - They
accept the wireless signal and relay information. They can
be internal and external. (e.g. PCMCIA Card for Laptop
and PCI Card for Desktop PC)
12. How a Wi-Fi Network Works
• A Wi-Fi hotspot is created by installing an access point (or
several access points )to an internet connection.
• An access point acts as a base station.
• When Wi-Fi enabled device encounters a hotspot the device
can then connect to that network wirelessly.
• A single access point can support up to 30 users and can
function within a range of 100 – 150 feet indoors and up to
300 feet outdoors.
• Many access points can be connected to each other via
Ethernet cables to create a single large network.
13.
14.
15. Do I need any license to use
802.11 device ?
No , 2.4 GHz and 5.0 GHz are public
available frequency !!!
20. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
22. 802.11
IEEE created the first WLAN standard in 1997. They
called it 802.11.
It works in radio signaling frequency - 2.4 GHz
only supported a maximum bandwidth of 2 Mbps - too
slow for most applications.
23. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
26. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
28. Frame Control field
Protocol Version field:
2 bits indicate which version of 802.11 Mac is
contained in the rest of frame
29. Type& Subtype field:
-The Type and Subtype fields together identify the
function of the frame.
- There are three frame types: control, data, and
management.
-Each of the frame types has several defined subtypes.
30. Control
Which are used to control access to the medium (e.g.
ACK,RTS,CTS and Power Save …)
Management
Which are transmitted the same as data frames to exchange
management information (e.g. Beacon, Probe Request ,Probe
Response, Association request , Association response …)
Data
Which are used for data transmission
(e.g. Data, Null Data, Data_CF_Ack , ….)
31. Subtype
description
Subtype value
b7 b6 b5 b4
Type
description
Type value
b3 b2
Association
request
0000 Management 00
Probe request 0100 Management 00
Beacon 1000 Management 00
RTS 1011 Control 01
CTS 1100 Control 01
ACK 1101 Control 01
Null (no data) 0100 Data 10
32. ToDS field:
When bit is set indicate that destination frame is for DS
FromDS field:
When bit is set indicate frame coming from DS
More fragment field:
It is set to 1 in all data or management type frames that have
another fragment of the current to follow. It is set to 0 in all other frames.
33. Retry field:
Any retransmitted frames set this bit to 1 to aid the receiving station
in eliminating duplicate frames.
Power management field:
It is used to indicate the power management mode of the
station(power save/active).
More Data field:
When set means that AP have more buffered data for a
station in Power Save mode
34. WEP field:
When set indicate that in the Frame Body field there are
data needs to processed by WEP(wired equivalent
privacy) algorithm.
Order(Rsvd) field:
It is set when frames and fragment is being transferred
using the Strictly Ordered service class.
35. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
36. 802.11b
Released in July 1999
• Operates at 2.4GHz radio spectrum
It support four possible data rates: 1 Mbps, 2 Mbps,
5.5 Mbps, and 11 Mbps.
37. 802.11b
• 100 -175 feet range
• Most popular, Least Expensive
Based on DSSS procedure
Compatible with IEEE802.11 DSSS standard
Interference from mobile phones and Bluetooth
devices which can reduce the transmission speed.
38. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
39. 802.11a
802.11a was created at the same time of 802.11b
Operates at 5 GHz to provide higher bandwidth
supports bandwidth of 6 to 54 Mbps
40. 802.11a
50-80 feet range
More expensive
based on an Orthogonal Frequency Division Multiplex
(OFDM) procedure
Not compatible with 802.11b
Due to their relatively high costs the major
applications are in the LAN-to-LAN link area where the
bandwidth requirements are highest
41. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
42. 802.11g
It released in In 2002 and 2003
802.11g attempts to combine the best of both 802.11a and
802.11b
it uses the 2.4 GHz frequency for greater range
802.11g supports data rate up to 54 Mbps
100-150 feet range
802.11g is backwards compatible with 802.11b, meaning
that 802.11g access points will work with 802.11b
wireless network adapters and vice versa.
43. 802.11g 802.11a 802.11b
2.4 GHz 5.8 GHz 2.4 GHz
Operating
Frequency
54Mbps up to 54Mbps 1, 2, 5.5, 11Mbps
Transfer Rate
(theoretical)
20 - 30 Mbps (average) 20 - 36 Mbps (average) 4Mbps (average) Transfer Rate
(throughput)
Complimentary Code
Keying (CCK), OFDM
Orthogonal Frequency
Division Multiplexing
(OFDM)
Direct Sequence Spread
Spectrum (DSSS)
Mechanism
3 (1, 6, 11) 12 (all non-overlapping) 11 (3 non-overlapping)
Channels
Available
175ft. 80ft. 175ft. Maximum
Range
Other 2.4GHz devices,
like cordless phones,
may disrupt connection
Not compatible with
802.11b, 802.11g
Other 2.4GHz devices,
like cordless phones,
may disrupt connection
Compatibility
44. 802.11g 802.11a 802.11b
• fastest maximum speed
• supports more
simultaneous users
• Faster than 802.11b and
better range than
802.11a
• signal range is best and
is not easily obstructed
• fastest maximum speed
• supports more
simultaneous users
• regulated frequencies
prevent signal
interference from other
devices
• provide more bandwidth
• lowest cost
• signal range is best
and is not easily
obstructed
Advantages
• costs more than
802.11b
• appliances may
interfere on the
unregulated signal
frequency
• Less range than 802.11b
• Not as widely
implemented
• highest cost
• shorter range signal that
is more easily obstructed
• slowest maximum
speed
• supports fewer
simultaneous
users
• appliances may
interfere on the
unregulated
frequency band
Disadvantages
Laptop computers Laptop computers,
PDAs, cell phones
Laptop computers,
PDAs, cell phones
Devices
45. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
46. I. Data interception
Is the practice of listening in on the
transmissions of various wireless
network users.
47. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
48. II. Network intrusion(Cracking)
An unsecured wireless network gives
hackers the perfect gateway to an business
or organization's internal network.
the hacker steal or destroy information on
the network instead of free Internet access.
49. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
51. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
52. IV.Denial of service
attacks make the network unusable by
sending out false requests.
The 802.11 standard's network access
method is based on the CSMA/CA protocol
53. CSMA/CA access method
every machine is free to communicate at
any given time
The station that wants to transmit listens to
the network.
IV.Denial of service
54. I. The station transmits a "Ready To Send " message
(containing information on the amount of data that it wishes to
send, and its transmission speed.
III. The receiver (generally an access point) responds with a
"Clear To Send" message (CTS), and then the station starts
sending data.
V. When all the data sent by the station has been received, the
receiver sends an acknowledgement notice (ACK).
CSMA/CA access method
55.
56. A hacker sent packets requesting for a
station to become disassociated from the
network.
This false requests make the network
unusable
IV.Denial of service
57. So,What Are The Solutions For
Wireless Network Security ?
Are This Solutions Effective?
58. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
60. the wireless access point or router
typically broadcasts the network name
SSID (Service Set Identifier)over the air.
The purpose of the SSID is to broadcast
the availability of the wireless network
and invite devices within range of the
signal to connect.
Disable SSID Broadcast
S.#1
61. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
63. MAC address ?
MAC address
Media Access Control address.
A unique hardware number that identifies
each device on a network. A device can be a
computer, printer,
S.#2
64. Mac Address Filtering
• Give my access point a list of allowed clients by
their Mac Address…
• allows only machines with specific MAC
addresses to access the network.
S.#2
65. Are This Solution Effective?
• The MAC address is the front of every packet
sent, Anyone with packet sniffing (network
monitor) software instantly sees all the
authorized MAC addresses for the wireless
network. They capture even one packet,
they've got the MAC address that they can
spoof.
66. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison
70. Wired Equivalent Privacy (WEP)
Is a security protocol, specified in the IEEE
Wireless Fidelity (Wi-Fi) standard, 802.11b, that
is designed to provide a wireless local area
network (WLAN) with a level of security and
privacy comparable to what is usually expected
of a wired LAN.
WEP uses the stream cipher RC4
S.#3
71. Standard 64-bit WEP uses a 40 bit key which is
concatenated with a 24-bit initialization vector
(IV) to form the RC4 traffic key
RC4 keystream XORed with plaintext
Wired Equivalent Privacy (WEP)
S.#3
74. Are This Solutions Effective?
A WEP connection can be cracked with
readily available software within minutes.
Thus WEP is broken!!!
75. WEP Encryption Continued…
• Most systems that support encryption will
support WEP…
• People still might use it because of the lack of
hardware support for other encryptions
• WEP is better than an open access point
77. • WPA / WPA2 is the other type of encryption
• WPA (Wi-Fi Protected Access)
• WPA uses TKIP (Temporal Key Integrity
Protocol) along with RC4 encryption which
changes the key often enough to make it secure
Wi-Fi Protected Access (WPA)
78. WPA Encryption Continued…
• WPA2 uses AES (Advanced Encryption
Standard)encryption it doesn't use the RC4
encryption
• WPA2 is a more industrial strength form of WPA
encryption it uses AES encryption
• AES is much more hardware and processor
intensive and so relatively newer hardware will
only be able to run WPA2
79. Solutions to “open” WiFi
WPA Encryption Keys…
• With WPA we either have:
• A static, pre-shared key or
• Keys which are being assigned by a centralized
server to receive a key users authenticate
themselves with their own password and
credentials.
80. Solutions to “open” WiFi
WPA Encryption Keys…
• WPA in the home environment:
• It is mostly the case that you’ll be using a single
pre-shared key, which is completely safe as long as
the passphrase that generates the key is safe up to
63 characters long!
81. Solutions to “open” WiFi
WPA Encryption Keys…
Example of a bad passphrase:
2everybody0canhavea0ccesstomywifi7
Example of a good passphrase:
oU[z[@=5UV)L5K- PXg^Sl(X>bD}%M3k
gjLTX(S6]YVd+7;Q^pN?TM)m.)'{x#s%
82. WPA Encryption Continued…
• How to deal with older hardware:
• Older hardware, which is not as strong, will tend
to be using the RC4 encryption
• RC4 has been made safe by changing its keys all
the time using TKIP, the Temporal Key Integrity
Protocol.
• TKIP makes RC4 safe where it wasn't safe before
in WEP legacy-style encryption.
83. So in Summary …
• Newer hardware that is stronger might be capable of
using a different cryptography technology called AES.
• The lowest common denominator will be WPA with a
pre-shared key using TKIP technology encryption, which
drives RC4.
84. Outlines
1. Definitions
2. What is Wi-Fi?
3. Wi-Fi Network
4. Wi-Fi standards
* 802.11
Standard Position
Standard Architecture
Frame Format
* 802.11b
* 802.11a
* 802.11g
5. Security risks
I. Data interception
III. Network intrusion
V. Radio jamming
VII. Denial of service
6. Security Solutions
I. Solution # 1
II. Solution # 2
III. Solution # 3
7. WI-FI&WIMAX comparison