The document provides an overview of wireless network security, focusing on IEEE 802.11 standards, security vulnerabilities, and recommended solutions. It details different Wi-Fi standards and emphasizes the importance of encryption, filtering, and network precautions to enhance security. Finally, it discusses potential threats such as packet sniffing and suggests best practices for securing wireless networks.

1. Securing a Wireless Network

2. Wireless Network SecurityPresented by :Aurobindo Nayak Regd.No.>0701288307

3. AGENDA:Wireless network overviewIEEE SpecificationsSecurity considerationsSecurity vulnerabilitiesSolutions and precautionsQuestions and comments

4. Wi-Fi is an abbreviation for Wireless Fidelity and a catch all phrase for the several different standards and recommendations that comprise wireless networking. Wi-Fi enables the user to deploy a computer network without needing to run cable throughout the facility.What is Wi-Fi:

5. Standards:IEEE 802.11.b –2.4GHz – 11MbpsIEEE 802.11.a – 5GHz – 54 MbpsIEEE 802.11g – 2.4Ghz – Hybrid 11/54Mbps

6. IEEE 802.11.a 5GHz – 54MbpsInternational standard for wireless networking that operates in the 5 GHz frequency range (5.725 GHz to 5.850 GHz) with a maximum 54 Mbps data transfer rate. The 5 GHz frequency band is not as crowded as the 2.4 GHz frequency, because the 802.11a specification offers more radio channels than the 802.11b. These additional channels can help avoid radio and microwave interference. Cost of 802.11a equipment is approximately twice that of 802.11b and current deployment is limited.

7. IEEE 802.11.b 2.4GHz – 11MbpsInternational standard for wireless networking that operates in the 2.4 GHz frequency range (2.4 GHz to 2.4835 GHz) and provides a throughput of up to 11 Mbps with a range of just over 300 feet indoors. This is a very commonly used frequency. Microwave ovens, cordless phones, medical and scientific equipment, as well as Bluetooth devices, all work within the 2.4 GHz frequency band. 802.11b enables transfers of up to 11 Mbps. Comparable to 10BaseT in speeds, 802.11b is the most common wireless standard deployed today. In comparison T1 speeds are 1.54Mbps and DSL is normally in the 640Kbps range.

8. Securing a Wireless Network: Most wireless networks today use the 802.11 standard for communication. 802.11b became the standard wireless ethernet networking technology for both business and home in 2000. The IEEE 802.11 Standard is an interoperability standard for wireless LAN devices, that identifies three major distribution systems for wireless data communication: Direct Sequence Spread Spectrum (DSSS) Radio TechnologyFrequency Hopping Spread Spectrum (FHSS) Radio TechnologyInfrared Technology

9. Independent Basic Service Set (IBSS)

10. [Basic Service Set (BSS)] Network

11. Extended Service Set (ESS) Network

12. Security (Encryption, Content Filtering, Privacy, etc.)Encryption:Encryption on the pubic network can be used but would create administrative overhead. Encryption keys would have to be changed regularly and anyone using their own laptop would have to be given the key.

13. Encryption works best in a network that does not allow people to use their own laptops.Content Filtering & Proxy Servers:Web content filtering that has generally been software on the desktop would have to be handled by a server if people are allowed to use their own laptops.

14. Proxy servers allow you to control what information people have access to. This is a good practice anyway, allowing you to control at a global level what information travels over your network. It also allows you to track usage.Security Vulnerabilities:packet sniffing - war drivers; hi-gain antenna

15. War driver mapping

16. Antenna on the Cheap (er, Chip) - Pringle's can’s antenna

17. traffic redirection - modifying ARP tables

18. resource stealing - using a valid station's MAC address

19. rogue networks and station redirection [network administrators also rely on manufacturers' default Service Set IDentifiers (SSIDs)

20. DoS (any radio source including 2.4 Ghz cordless phones)WEP uses the RC4 encryption algorithm, known as a stream cipher. A stream cipher expands a short key into infinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce cipher text. The receiver has a copy of the same key, and uses it to generate identical key stream. XORing the key stream with the cipher text yields the original plaintext.

21. If an attacker flips a bit in the cipher text, then upon decryption, the corresponding bit in the plaintext will be flipped. Also, if an eavesdropper intercepts two cipher texts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Once one of the plaintexts becomes known, it is trivial to recover all of the others.

22. IEEE 802.1X: This standard, supported by Windows XP, defines a framework for MAC-level authentication. Susceptible to session-hijacking and man-in-the-middle attacks. Security Solutions:Advanced Encryption Standard (AES) encryption [IEEE 802.11i]

23. "Key-hopping" technology that can change the encryption key as often as every few seconds.

24. EAP-TTLS (Extensible Authentication Protocol (EAP) -Tunneled Transport Layer Security)

25. Enhanced Security Network (ESN) - Extended Service Set with : enhanced authentication mechanism for both STAs and APs based on 802.11x enhanced data encapsulation using AES dynamic, association-specific cryptographic keys key management

26. Wireless Protocol Analyzers:check for unknown MAC (Media Access Control) addresses and alert the network manager

27. log attempts to gain unauthorized access to the network

28. filter access attempts based on the type of network card

29. conduct site survey of traffic usage

30. find dead zones in the wireless networkWireless Security PrecautionsChange default names Add passwords to all devices Disable broadcasting on network hubs Don't give the network a name that identifies your company Move wireless hubs away from windows Use the built-in encryption Disable the features you don't use Put a firewall between the wireless network and other company computers Encrypt data Regularly test wireless network security

31. Questions? Comments?