The document discusses security issues with 802.11b wireless LANs. It identifies 7 categories of risks: insertion attacks, interception of traffic, jamming, client-to-client attacks, brute force password attacks, encryption attacks, and misconfigurations. Default access point settings like SSIDs and passwords leave them vulnerable if not changed. Proper configuration of wireless access points, firewalls, intrusion detection, and encryption are recommended to secure a wireless network.
It is a PPT on Wireless LAN Security,made by ARPIT BHATIA(student of Sri Guru Nanak Public School, Adarsh Nagar) for Informatics Practices project.It has all necessary information with pictures about the wireless LAN. This PPT is made only for Educational Purpose.
"Security & Privacy in WLAN - A Primer and Case Study"
The objective of this paper is to illustrate a primer on Wireless Local Area Network (WLAN) security issues along with an experiment on WLAN penetration test in a live network.
It is a PPT on Wireless LAN Security,made by ARPIT BHATIA(student of Sri Guru Nanak Public School, Adarsh Nagar) for Informatics Practices project.It has all necessary information with pictures about the wireless LAN. This PPT is made only for Educational Purpose.
"Security & Privacy in WLAN - A Primer and Case Study"
The objective of this paper is to illustrate a primer on Wireless Local Area Network (WLAN) security issues along with an experiment on WLAN penetration test in a live network.
An open, unencrypted wireless network can 'sniff' or capture and record the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security. Wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks.The risks to users of wireless technology have increased as the service has become more popular.As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
A presentation which on Wireless Network Security. It contains Introduction to wireless networking, security threats and risks, best practices on using wireless networks.
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
These slides include discussion on important Wi-Fi security issues and the solutions available to address them. Enterprises which need to secure their networks from Wi-Fi threats in order to protect their information assets, prevent unauthorized use of their network, enforce no-Wi-Fi zones, and meet regulatory compliance for themselves and their clients will benefit from this discussion.
Security Delivery Platform: Best practicesMihajlo Prerad
Security Delivery Platform: Best practices
The traditional Security model was one that operated under simple assumptions. Those assumptions led to deployment models which in todays’ world of cyber security have been proven to be quite vulnerable and inadequate to growing amount and diversity of threats.
A Security Delivery Platform addresses the above considerations and provides a powerful solution for deploying a diverse set of security solutions, as well as scaling each security solution beyond traditional deployments. Such platform delivers visibility into the lateral movement of malware, accelerate the detection of ex-filtration activity, and could significantly reduce the overhead, complexity and costs associated with such security deployments.
In today’s world of industrialized and well-organized cyber threats, it is no longer sufficient to focus on the security applications exclusively. Focusing on how those solutions get deployed together and how they get consistent access to relevant data is a critical piece of the solution. A Security Delivery Platform in this sense is a foundational building block of any cyber security strategy.
When setting up and maintaining Wi-Fi home networks, consider these tips for maximizing the security of the computers and data on these networks.
Securing Wireless Networks by maximizing the security of 802.11 standard and minimizing the Risk on Wireless network
This presentation describes the WEP issued in the original IEEE 802.11 and points out it's weakness and how can attacks be executed. Also, it summarizes the best practices to introduce security to the Wireless enviroment.
Wireless LAN Security, Policy, and Deployment Best PracticesCisco Mobility
The current state of wireless security, covering wireless device access, preventing rogue threats and addressing wireless attacks. Special focus on device profiling and policy covering how to prevent unauthorized (such as smartphones and tablets) from accessing the network. Learn More: http://www.cisco.com/go/wireless
An open, unencrypted wireless network can 'sniff' or capture and record the traffic, gain unauthorized access to internal network resources as well as to the internet, and then use the information and resources to perform disruptive or illegal acts.Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking is prone to some security. Wireless networks relatively easy to break into, and even use wireless technology to hack into wired networks.The risks to users of wireless technology have increased as the service has become more popular.As a result, it is very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources.
A presentation which on Wireless Network Security. It contains Introduction to wireless networking, security threats and risks, best practices on using wireless networks.
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
These slides include discussion on important Wi-Fi security issues and the solutions available to address them. Enterprises which need to secure their networks from Wi-Fi threats in order to protect their information assets, prevent unauthorized use of their network, enforce no-Wi-Fi zones, and meet regulatory compliance for themselves and their clients will benefit from this discussion.
Security Delivery Platform: Best practicesMihajlo Prerad
Security Delivery Platform: Best practices
The traditional Security model was one that operated under simple assumptions. Those assumptions led to deployment models which in todays’ world of cyber security have been proven to be quite vulnerable and inadequate to growing amount and diversity of threats.
A Security Delivery Platform addresses the above considerations and provides a powerful solution for deploying a diverse set of security solutions, as well as scaling each security solution beyond traditional deployments. Such platform delivers visibility into the lateral movement of malware, accelerate the detection of ex-filtration activity, and could significantly reduce the overhead, complexity and costs associated with such security deployments.
In today’s world of industrialized and well-organized cyber threats, it is no longer sufficient to focus on the security applications exclusively. Focusing on how those solutions get deployed together and how they get consistent access to relevant data is a critical piece of the solution. A Security Delivery Platform in this sense is a foundational building block of any cyber security strategy.
When setting up and maintaining Wi-Fi home networks, consider these tips for maximizing the security of the computers and data on these networks.
Securing Wireless Networks by maximizing the security of 802.11 standard and minimizing the Risk on Wireless network
This presentation describes the WEP issued in the original IEEE 802.11 and points out it's weakness and how can attacks be executed. Also, it summarizes the best practices to introduce security to the Wireless enviroment.
Wireless LAN Security, Policy, and Deployment Best PracticesCisco Mobility
The current state of wireless security, covering wireless device access, preventing rogue threats and addressing wireless attacks. Special focus on device profiling and policy covering how to prevent unauthorized (such as smartphones and tablets) from accessing the network. Learn More: http://www.cisco.com/go/wireless
Ever feel confined when you’re plugged in and stuck at a desktop? Well with the invention of broadband wireless Internet the accessibility and mobility is boundless. The presentation will look at the differences between wireless and plugged-in Internet, as well as how this Wireless connection has impacted urban spaces and our social life. [Click the image]
Comparative Analysis of Power System Stabilizer using Artificial Intelligence...ijsrd.com
Power system stabilizers (PSSs) are used to enhance the damping during low frequency oscillations. The paper presents study of power system stabilizer using fuzzy logic and neural network to enhance stability of single machine infinite bus system. In this paper basic problem of conventional power system stabilizer for stability enhancement is defined which is traditionally used. Artificial intelligence techniques provide one alternative for stability enhancement and speed deviation (Δw). The proposed method using Artificial intelligence techniques achieves better improvement than conventional power system stabilizer. Fuzzy logic rules were developed for triangular membership function of input and output variables. Neuro controller is implemented and it is compared with reference model. The system is simulated in SIMULINK environment and the performances of conventional, Fuzzy based and Neural network based power system stabilizers are compared.
Power Quality Enhancement in Power Distribution system using Artificial intel...sundar balan
Dynamic voltage Restorer
Artificial intelligence based Dynamic voltage restorer
DVR
Artificial neural network based DVR dynamic voltage restorer
Harmonics voltage harmonics voltage sag voltage swell
Power Quality Enhancement in Power Distribution system using Artificial intelligence based Dynamic Voltage Restorer
IRIS BIOMETRIC RECOGNITION SYSTEM EMPLOYING CANNY OPERATORcsitconf
Biometrics has become important in security applications. In comparison with many other
biometric features, iris recognition has very high recognition accuracy because it depends on
iris which is located in a place that still stable throughout human life and the probability to find
two identical iris's is close to zero. The identification system consists of several stages including
segmentation stage which is the most serious and critical one. The current segmentation
methods still have limitation in localizing the iris due to circular shape consideration of the
pupil. In this research, Daugman method is done to investigate the segmentation techniques.
Eyelid detection is another step that has been included in this study as a part of segmentation
stage to localize the iris accurately and remove unwanted area that might be included. The
obtained iris region is encoded using haar wavelets to construct the iris code, which contains
the most discriminating feature in the iris pattern. Hamming distance is used for comparison of
iris templates in the recognition stage. The dataset which is used for the study is UBIRIS
database. A comparative study of different edge detector operator is performed. It is observed
that canny operator is best suited to extract most of the edges to generate the iris code for
comparison. Recognition rate of 89% and rejection rate of 95% is achieved.
SECURING IEEE 802.11G WLAN USING OPENVPN AND ITS IMPACT ANALYSISIJNSA Journal
Like most advances, wireless LAN poses both opportunities and risks. The evolution of wireless networking in recent years has raised many serious security issues. These security issues are of great concern for this technology as it is being subjected to numerous attacks. Because of the free-space radio transmission in wireless networks, eavesdropping becomes easy and consequently a security breach may result in unauthorized access, information theft, interference and service degradation. Virtual Private Networks (VPNs) have emerged as an important solution to security threats surrounding the use of public networks for private communications. While VPNs for wired line networks have matured in both research and commercial environments, the design and deployment of VPNs for WLAN is still an evolving field. This paper presents an approach to secure IEEE 802.11g WLAN using OpenVPN, a transport layer VPN solution and its impact on performance of IEEE 802.11g WLAN.
Two industry trends are converging - 802.11ac and the need for personalizing user’s mobile experiences to deliver anytime, anywhere access without wreaking havoc on network operations and cost controls. This paper discuss two approaches for efficient WLAN design. Both let you integrate 802.11ac into your WLAN and help lay the foundation for future, high-speed technologies.
Wireless networks are accessible to anyone within the router’s transmission radius. This makes them vulnerable to attacks. Hotspots are available in public places such as airports, restaurants, parks, etc.
In this module, we will introduce you to common techniques used to exploit weaknesses in wireless network security implementations. We will also look at some of the countermeasures you can put in place to protect against such attacks.
You have persuaded XelPharms CIO that wireless networking would be.pdfarpittradersjdr
You have persuaded XelPharm\'s CIO that wireless networking would benefit many of the
company\'s employees. However, he requests that you plan the
network carefully and begin with a pilot network before migrating hundreds of clients to use
wireless technology. You decide to begin with a pilot network
in the distribution facility. The distribution facility is 200 feet long by 120 feet wide. It houses
45 employees during each shift, all on the same floor. What is
your first step in planning the pilot network? As part of your later planning, draw the network,
including the quantity and optimal placement of access points. What pitfalls, some unique to this
environment, are you careful to avoid? What wireless standard do you recommend and why?
Solution
There are many factors that need to consider before developing wireless network like cost,
bandwidth, use and devices that need to deploy in network following are some points that need
to consider for planning network
There are a number of reasons for a company to implement wireless networking. Wi-fi makes it
much easier for workers to connect to the LAN from their laptops in conference rooms, break
rooms, and other areas that may not have wired Ethernet jacks (or may not have enough for the
number of people present).
A wireless network also provides a way for you to allow visitors to access the Internet with their
laptops or handhelds (for example, to check their e-mail).Rolling out a wireless LAN within your
organization, however, is more complicated than just plugging in a wireless access point (WAP).
You need to address a number of factors in the planning stage to ensure both accessibility and
security.
Steps to pilot network:-
1) Establish a pilot that will test and confirm how wireless can work within your business
campus and needs.
2) Tie in Internet access and a robust data security system.
3) Install wireless access points, and equip notebook PCs for wireless use (e.g., provide PC cards
or upgrade to PCs with integrated wireless connectivity built in).
4) Train and turn your participants loose with their wireless notebook PCs. 5 After the pilot,
build on what you learn to broaden your wireless LAN (WLAN) to cover other areas and users.
Here are some of the things you should consider as you prepare to go wireless :-
The first step in planning your wi-fi deployment is to determine who will be using your wireless
network. This can affect network design. If the wireless network is primarily to give visitors
Internet access, you will want to isolate it from your wired LAN, perhaps by placing it in a
DMZ. If the wireless LAN is for the use of your workers, you will need to give them access to
resources on the wired corporate network without compromising the security of the main LAN.
If both outsiders and employees need wireless, you may want to establish two separate WLANs
to meet the needs of each.
The next step is to look at what type of traffic will flow over the WLAN. This analysis is
necessa.
The definitive guide for evaluating enterprise WLAN networksAerohive Networks
It is crucial to thoroughly understand the systems management capabilities of any WLAN being considered, since this will be the largest ongoing expense of the overall deployment. The vendor should list and clearly describe every element of the central management system required. Learn how to evaluate properly by reading Aerohive's 2014 WLAN Definitive Guide.
Research Inventy : International Journal of Engineering and Scienceinventy
Research Inventy : International Journal of Engineering and Science is published by the group of young academic and industrial researchers with 12 Issues per year. It is an online as well as print version open access journal that provides rapid publication (monthly) of articles in all areas of the subject such as: civil, mechanical, chemical, electronic and computer engineering as well as production and information technology. The Journal welcomes the submission of manuscripts that meet the general criteria of significance and scientific excellence. Papers will be published by rapid process within 20 days after acceptance and peer review process takes only 7 days. All articles published in Research Inventy will be peer-reviewed.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
1. An ISS Technical White Paper
Wireless LAN Security
802.11b and Corporate Networks
6303 Barfield Road · Atlanta, GA 30328 Tel: 404.236.2600 · Fax: 404.236.2626
2. WWireWireless Lan Security 802.11b Wireless LAN Security
Introduction
Although a variety of wireless network technologies have or will soon reach the general business
market, wireless LANs based on the 802.11 standard are the most likely candidate to become
widely prevalent in corporate environments. Current 802.11b products operate at 2.4GHz, and
deliver up to 11Mbps of bandwidth – comparable to a standard Ethernet wired LAN in
performance. An upcoming version called 802.11a moves to a higher frequency range, and
promises significantly faster speeds. It is expected to have security concerns similar to 802.11b.
This low cost, combined with strong performance and ease of deployment, mean that many
departments and individuals already use 802.11b, at home or at work – even if IT staff and
security management administrators do not yet recognize wireless LANs as an approved
technology. This paper addresses the security concerns raised by both current and upcoming
802.11 network technologies.
Wireless LAN Business Drivers
Without doubt, wireless LANs have a high gee-whiz factor. They provide always-on network
connectivity, but don’t require a network cable. Office workers can roam from meeting to meeting
throughout a building, constantly connected to the same network resources enjoyed by wired,
desk-bound coworkers. Home or remote workers can set up networks without worrying about how
to run wires through houses that never were designed to support network infrastructure.
Wireless LANS may actually prove less expensive to support than traditional networks for
employees that need to connect to corporate resources in multiple office locations. Large hotel
chains, airlines, convention centers, Internet cafes, etc., see wireless LANs as an additional
revenue opportunity for providing Internet connectivity to their customers. Wireless is a more
affordable and logistically acceptable alternative to wired LANs for these organizations. For
example, an airline can provide for-fee wireless network access for travelers in frequent flyer
lounges – or anywhere else in the airport.
Market maturity and technology advances will lower the cost and accelerate widespread adoption
of wireless LANs. End-user spending, the primary cost metric, will drop from about $250 in 2001
to around $180 in 2004 (Gartner Group). By 2005, 50 percent of Fortune 1000 companies will
have extensively deployed wireless LAN technology based on evolved 802.11 standards (0.7
probability). By 2010, the majority of Fortune 2000 companies will have deployed wireless LANs
to support standard, wired network technology LANs (0.6 probability).
Reality Check
For the foreseeable future wireless technology will complement wired connectivity in enterprise
environments. Even new buildings will continue to incorporate wired LANs. The primary reason is
that wired networking remains less expensive than wireless. In addition, wired networks offer
greater bandwidth, allowing for future applications beyond the capabilities of today’s wireless
systems.
Although it may cost 10 times more to retrofit a building for wired networking (initial construction
being by far the preferred time to set up network infrastructure), wiring is only a very small fraction
of the cost of the overall capital outlay for an enterprise network. For that reason, many
corporations are only just testing wireless technology. This limited acceptance at the corporate
level means few access points with a limited number of users in real world production
environments, or evaluation test beds sequestered in a lab. In response, business units and
individuals will deploy wireless access points on their own. These unauthorized networks almost
certainly lack adequate attention to information security, and present a serious concern for
protecting online business assets.
Finally, the 802.11b standard shares unlicensed frequencies with other devices, including
Bluetooth wireless personal area networks (PANs), cordless phones, and baby monitors. These
technologies can, and do, interfere with each other. 802.11b also fails to delineate roaming
An ISS Technical White Paper Page 1
3. WWireWireless Lan Security 802.11b Wireless LAN Security
(moving from one cell to another), leaving each vendor to implement a different solution. Future
proposals in 802.11 promise to address these shortcomings, but no shipping products are on the
immediate horizon.
Wireless Security In The Enterprise
802.11b’s low cost of entry is what makes it so attractive. However, inexpensive equipment also
makes it easier for attackers to mount an attack. “Rogue” access points and unauthorized, poorly
secured networks compound the odds of a security breach.
The following diagram depicts an intranet or internal network that is properly configured to handle
wireless traffic, with two firewalls in place, plus intrusion detection and response sensors to
monitor traffic on the wireless segment. One firewall controls access to and from the Internet. The
other controls access to and from the wireless access point. The access point itself is the bridge
that connects mobile clients to the internal network.
The access point has a dedicated IP address for remote management via SNMP (Simple
Network Management Protocol). The wireless clients themselves – usually laptops or desktops
and handhelds – may also use SNMP agents to allow remote management. As a result, each of
these devices contains a sensor to ensure that each unit is properly configured, and that these
configurations have not been improperly altered. The network itself is regularly monitored to
identify access points in operation, and verify that they are authorized and properly configured.
While this paper focuses on the risk issues from a corporate network perspective, these same
issues apply to home networks, telecommuters using wireless, and “public use” networks such as
those being set up by Microsoft to allow wireless Internet access at select Starbucks locations.
Remote users are now able to access internal corporate resources from multiple types of foreign
networks. Even organizations without internal wireless networks must take wireless into account
as part of their overall security practices.
Known Risks
Although attacks against 802.11b and other wireless technologies will undoubtedly increase in
number and sophistication over time, most current 802.11b risks fall into seven basic categories:
§ Insertion attacks
§ Interception and unauthorized monitoring of wireless traffic
§ Jamming
An ISS Technical White Paper Page 2
4. WWireWireless Lan Security 802.11b Wireless LAN Security
§ Client-to-Client attacks
§ Brute force attacks against access point passwords
§ Encryption attacks
§ Misconfigurations
Note that these classifications can apply to any wireless technology, not just 802.11b.
Understanding how they work and using this information to prevent their success is a good
stepping stone for any wireless solution.
Insertion Attacks
Insertion attacks are based on deploying unauthorized devices or creating new wireless networks
without going through security process and review.
§ Unauthorized Clients – An attacker tries to connect a wireless client, typically a laptop or PDA,
to an access point without authorization. Access points can be configured to require a
password for client access. If there is no password, an intruder can connect to the internal
network simply by enabling a wireless client to communicate with the access point. Note,
however, that some access points use the same password for all client access, requiring all
users to adopt a new password every time the password needs to be changed.
§ Unauthorized or Renegade Access Points – An organization may not be aware that internal
employees have deployed wireless capabilities on their network. This lack of awareness could
lead to the previously described attack, with unauthorized clients gaining access to corporate
resources through a rogue access point. Organizations need to implement policy to ensure
secure configuration of access points, plus an ongoing process in which the network is scanned
for the presence of unauthorized devices.
Interception and Monitoring of Wireless Traffic
As in wired networks, it is possible to intercept and monitor network traffic across a wireless LAN.
The attacker needs to be within range of an access point (approximately 300 feet for 802.11b) for
this attack to work, whereas a wired attacker can be anywhere where there is a functioning
network connection. The advantage for a wireless interception is that a wired attack requires the
placement of a monitoring agent on a compromised system. All a wireless intruder needs is
access to the network data stream.
There are two important considerations to keep in mind with the range of 802.11b access points.
First, directional antennae can dramatically extend either the transmission or reception ranges of
802.11b devices. Therefore, the 300 foot maximum range attributed to 802.11b only applies to
normal, as-designed installations. Enhanced equipment also enhances the risk. Second, access
points transmit their signals in a circular pattern, which means that the 802.11b signal almost
always extends beyond the physical boundaries of the work area it is intended to cover. This
signal can be intercepted outside buildings, or even through floors in multistory buildings. Careful
antenna placement can significantly affect the ability of the 802.11b signal to reach beyond
physical corporate boundaries.
§ Wireless Packet Analysis – A skilled attacker captures wireless traffic using techniques
similar to those employed on wired networks. Many of these tools capture the first part of the
connection session, where the data would typically include the username and password. An
intruder can then masquerade as a legitimate user by using this captured information to hijack
the user session and issue unauthorized commands.
§ Broadcast Monitoring – If an access point is connected to a hub rather than a switch, any
network traffic across that hub can be potentially broadcasted out over the wireless network.
Because the Ethernet hub broadcasts all data packets to all connected devices including the
wireless access point, an attacker can monitor sensitive data going over wireless not even
intended for any wireless clients.
An ISS Technical White Paper Page 3
5. WWireWireless Lan Security 802.11b Wireless LAN Security
§ Access Point Clone (Evil Twin) Traffic Interception – An attacker fools legitimate wireless
clients into connecting to the attacker’s own network by placing an unauthorized access point
with a stronger signal in close proximity to wireless clients. Users attempt to log into the
substitute servers and unknowingly give away passwords and similar sensitive data.
Jamming
Denial of service attacks are also easily applied to wireless networks, where legitimate traffic can
not reach clients or the access point because illegitimate traffic overwhelms the frequencies. An
attacker with the proper equipment and tools can easily flood the 2.4 GHz frequency, corrupting
the signal until the wireless network ceases to function. In addition, cordless phones, baby
monitors and other devices that operate on the 2.4 GHz band can disrupt a wireless network
using this frequency. These denials of service can originate from outside the work area serviced
by the access point, or can inadvertently arrive from other 802.11b devices installed in other work
areas that degrade the overall signal.
Client-to-Client Attacks
Two wireless clients can talk directly to each other, bypassing the access point. Users therefore
need to defend clients not just against an external threat but also against each other.
§ File Sharing and Other TCP/IP Service Attacks – Wireless clients running TCP/IP services
such as a Web server or file sharing are open to the same exploits and misconfigurations as
any user on a wired network.
§ DOS (Denial of Service) – A wireless device floods other wireless client with bogus packets,
creating a denial of service attack. In addition, duplicate IP or MAC addresses, both intentional
and accidental, can cause disruption on the network.
Brute Force Attacks Against Access Point Passwords
Most access points use a single key or password that is shared with all connecting wireless
clients. Brute force dictionary attacks attempt to compromise this key by methodically testing
every possible password. The intruder gains access to the access point once the password is
guessed.
In addition, passwords can be compromised through less aggressive means. A compromised
client can expose the access point. Not changing the keys on a frequent basis or when
employees leave the organization also opens the access point to attack. Managing a large
number of access points and clients only complicates this issue, encouraging lax security
practices.
Attacks against Encryption
802.11b standard uses an encryption system called WEP (Wired Equivalent Privacy). WEP has
known weaknesses (see http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html for more
information), and these issues are not slated to be addressed before 2002. Not many tools are
readily available for exploiting this issue, but sophisticated attackers can certainly build their own.
Misconfiguration
Many access points ship in an unsecured configuration in order to emphasize ease of use and
rapid deployment. Unless administrators understand wireless security risks and properly
configure each unit prior to deployment, these access points will remain at a high risk for attack or
misuse. The following section examines three leading access points, one each from Cisco,
Lucent and 3Com. Although each vendor has its own implementation of 802.11b, the underlying
issues should be broadly applicable to products from other vendors.
An ISS Technical White Paper Page 4
6. WWireWireless Lan Security 802.11b Wireless LAN Security
§ Server Set ID (SSID) – SSID is a configurable identification that allows clients to communicate
with an appropriate access point. With proper configuration, only clients with the correct SSID
can communicate with access points. In effect, SSID acts as a single shared password
between access points and clients. Access points come with default SSIDs. If not changed,
these units are easily compromised. Here are common default passwords:
“tsunami” – Cisco
”101” – 3Com
“RoamAbout Default Network Name” – Lucent/Cabletron
“Compaq” – Compaq
“WLAN” – Addtron
“intel” – Intel
“linksys” – Linksys
“Default SSID”, “Wireless” – Other manufacturers
SSIDs go over the air as clear text if WEP is disabled, allowing the SSID to be captured by
monitoring the network’s traffic. In addition, the Lucent access points can operate in Secure
Access mode. This option requires the SSID of both client and access point to match. By
default this security option is turned off. In non-secure access mode, clients can connect to the
access point using the configured SSID, a blank SSID, or an SSID configured as “any.”
§ Wired Equivalent Privacy (WEP) – WEP can be typically configured as follows:
No encryption
40 bit encryption
128 bit encryption
Most access points ship with WEP turned off. Although 128 bit encryption is more effective than
40 bit encryption, both key strengths are subject to WEP’s known flaws.
§ SNMP Community Passwords – Many wireless access points run SNMP agents. If the
community word is not properly configured, an intruder can read and potentially write sensitive
data on the access point. If SNMP agents are enabled on the wireless clients, the same risk
applies to them as well.
By default, many access points are read accessible by using the community word, “public”.
3Com access points allow write access by using the community word, ”comcomcom”. Cisco
and Lucent/Cabletron require the write community word to be configured by the user or
administrator before the agent is enabled.
§ Configuration Interfaces – Each access point model has its own interface for viewing and
modifying its configuration. Here are the current interface options for these three access points:
Cisco – SNMP, serial, Web, telnet
3Com – SNMP, serial, Web, telnet
Lucent / Cabletron – SNMP, serial (no web/telnet)
3Com access points lack access control to the Web interface for controlling configuration. An
attacker who locates a 3Com access point Web interface can easily get the SSID from the
“system properties” menu display. 3Com access points do require a password on the Web
interface for write privileges. This password is the same as the community word for write
privileges, therefore 3Com access points are at risk if deployed using the default “comcomcom”
as the password.
An ISS Technical White Paper Page 5
7. WWireWireless Lan Security 802.11b Wireless LAN Security
§ Client Side Security Risk – Clients connected to an access point store sensitive information
for authenticating and communicating to the access point. This information can be
compromised if the client is not properly configured. Cisco client software stores the SSID in the
Windows registry, and the WEP key in the firmware, where it is more difficult to access.
Lucent/Cabletron client software stores the SSID in the Windows registry. The WEP key is
stored in the Windows registry, but it is encrypted using an undocumented algorithm. 3Com
client software stores the SSID in the Windows registry. The WEP key is stored in the Windows
registry with no encryption.
§ Installation – By default, all three access points are optimized to help build a useful network as
quickly and as easily as possible. As a result, the default configurations minimize security.
Wireless Information Security Management
Process and technology are always easily confused, and never more so than with wireless
information security management. In fact, the same business processes that establish strong risk
management practices for physical assets and wired networks also work to protect wireless
resources. The following cost-effective guidelines help enable organizations to establish proper
security protections as part of an overall wireless strategy – and will continue to work in spite of
wireless networking’s rapid evolution. The following items are an introduction to this approach.
Wireless Security Policy and Architecture Design – Security policy, procedures and best
practices should include wireless networking as part of an overall security management
architecture to determine what is and is not allowed with wireless technology.
Treat Access Points As Untrusted – Access points need to be identified and evaluated on a
regular basis to determine if they need to be quarantined as untrusted devices before wireless
clients can gain access to internal networks. This determination means appropriate placement of
firewalls, virtual private networks (VPN), intrusion detection systems (IDS), and authentication
between access point and intranets or the Internet.
Access Point Configuration Policy – Administrators need to define standard security settings
for any 802.11b access point before it can be deployed. These guidelines should cover SSID,
WEP keys and encryption, and SNMP community words.
Access Point Discovery – Administrators should regularly search outwards from a wired
network to identify unknown access points. Several methods of identifying 802.11b devices exist,
including detection via banner strings on access points with either Web or telnet interfaces.
Wireless network searches can identify unauthorized access points by setting up a 2.4 GHz
monitoring agent that searches for 802.11b packets in the air. These packets may contain IP
addresses that identify which network they are on, indicating that rogue access points are
operating in the area. One important note: this process may pick up access points from other
organizations in densely populated areas.
Access Point Security Assessments – Regular security audits and penetration assessments
quickly identify poorly configured access points, default or easily guessed passwords and
community words, and the presence or absence of encryption. Router ACLs and firewall rules
also help minimize access to the SNMP agents and other interfaces on the access point.
Wireless Client Protection – Wireless clients need to be regularly examined for good security
practices. These procedures should include the presence of some or all of the following:
§ Distributed personal firewalls to lock down access to the client
§ VPNs to supplement encryption and authentication beyond what 802.11b can provide
An ISS Technical White Paper Page 6
8. WWireWireless Lan Security 802.11b Wireless LAN Security
§ Intrusion detection and response to identify and minimize attacks from intruders, viruses,
Trojans and backdoors
§ Desktop assessments to identify and repair security issues on the client device
Managed Security Services for Wireless – Managed Security Services (MSS) helps
organizations establish effective security practices without the overhead of an extensive, in-house
solution. MSS providers handle assessment, design, deployment, management and support
across a broad range of information security disciplines. This 24/7/365 solution works with the
customer to set policy and architecture, plus provides emergency response, if needed. These
services help an organization operating wireless networks to:
§ Deploy firewalls that separate wireless networks from internal networks or the Internet
§ Establish and monitor VPN gateways and VPN wireless clients
§ Maintain an intrusion detection system on the wireless network to identify and respond to
attacks and misuse before critical digital resource are placed at risk.
Internet Security Systems Wireless LAN Solutions
Internet Security Systems products and services provide a robust security management solution
for wireless LANs. These rapidly expanding offerings encompass:
Security Software Products – Internet Security Systems’ security products already protect
wireless LAN environments against known security risks. ISS’ Internet Scanner™ network
vulnerability assessment product probes networks to detect unauthorized or poorly configured
wireless access points, as represented in the diagram below.
The RealSecure™ Protection System, deployed between a wireless access point and the
corporate network, recognizes and reacts to attacks and misuse directed over the wireless LAN
(below). In addition, ISS’ renowned X-Force™ research and development team continually
update these products.
An ISS Technical White Paper Page 7
9. WWireWireless Lan Security 802.11b Wireless LAN Security
Managed Security Services – Internet Security Systems’ Managed Security Services protect
wireless LANS on a 24x7 basis through remote network assessments and tactical deployment of
remotely managed intrusion protection services. As new wireless protections are added to ISS
security products, Managed Security Services will deliver these additional capabilities to our
customers.
Security Architecture Consulting – Internet Security Systems’ Consulting Solutions Group has
in-depth security knowledge, expertise, and proven methodology required that helps
organizations assess, integrate, design, and configure their wireless LANs and surrounding
security infrastructure.
Wireless LAN Security Education – Internet Security Systems’ SecureU™ education services
organization has developed wireless LAN security content to help customers understand the
nuances of wireless LAN security and establish valid defensive techniques to minimize security
risks.
Product Updates – Internet Security Systems’ X-Force research and development team
continually adds product enhancements that deliver new protections against wireless LAN risks.
These X-Press Update™ enhancements quickly and easily integrate into existing product
installations.
An ISS Technical White Paper Page 8