Security in Wireless Networks

1
Security in Wireless Networks

• by
• Kim K Focht

2
802.11x Security
Unauthorized use of service Too easy to
access (hot spots and networks) Spoofing and
session hijacking Unencrypted networks,
unencrypted traffic Malicious traffic analysis
and eavesdropping
3
Current Internet Threat Level

• AlertCon 1 - Regular vigilance. Ordinary
  activity compromises an unprotected network
  minutes to hours after first being connected to
  the Internet.
• Vulnerabilities
• QuickTime Apple's QuickTime Player is a
  multi-platform multimedia software package. Apple
  QuickTime versions 6.5.2 and earlier are
  vulnerable to an integer overflow. A remote
  attacker could exploit this vulnerability to
  overflow the buffer and execute arbitrary code on
  the system.
• Recommendations
• QuickTime We recommend applying the Security
  Update 2004-10-27, available from the AppleCare
  Knowledge Base Document 61798.Threat Forecast
• http//www.iss.net/

4
Key Wireless Concerns

• Exposure of critical information
• Lost or stolen devices
• Mobile viruses
• E-mail viruses
• Spam

5
Tools for Security

• WEP (Wired Equivalent Privacy)
• Firewalls
• Media Access Control (MAC)
• Ad-hoc vs. Infrastructure
• VPN IPSec

6
WEP Enabled

• Specific to wireless
• 802.11b standard
• Encrypts data
• Uses 64-bit (or 256-bit) shared key algorithm
• Increases protection
• Reduces data rates
• Not enabled by default

7
Firewall

• Invented early 1990s
• Hardware and software versions
• Filters traffic
• Runs on a dedicated device
• Must be correctly configured
• Most attractive target

8
MAC Address Filtering

• Unique
• Assigned by manufacturer
• Stored in NIC cards firmware
• performs additional check
• Deny access to unauthorized clients
• Off by default

• By convention, MAC addresses are usually written
  in one of the following two formats
• MMMMMMSSSSSS
• MM-MM-MM-SS-SS-SS
• The first half of a MAC address contains the ID
  number of the adapter manufacturer. The second
  half of a MAC address represents the serial
  number assigned to the adapter by the
  manufacturer. For example, 00A0C914C829 The
  prefix 00A0C9 indicates the manufacturer is Intel
  Corporation.

9
Ad-hoc vs. Infrastructure

• Ad-hoc
• Peer-to-peer
• Small networks
• Use same SSID and channel number
• Infrastructure
• Access point
• Greater security through wired network

10
VPN IPSec

• IPSec implements VPNs
• Uses public internet
• Lower costs
• Encryption
• Authentication systems
• Many VPNs exist

11
Proactive Approaches

• Honeypots
• - fake networks
• ManTrap
• - detects both host- network-based attacks
• Intrusion Detection
• - monitors traffic on the network
• Network Monitoring
• - ie. Snort

12
Quick tips tricks

• Change default SSID
• Change default password
• Disable broadcasting SSID
• Enable MAC filtering
• Turn off shares
• Put wireless access points in hard to find
  reach spots
• Keep drivers on all wireless equipment updated
• Stay informed

13
References

• Pfleeger, Charles P. Security in Computing
• http//webopedia.com/
• http//www.iss.net/
• http//www.securitydocs.com/library/296
• URL userwww.sfsu.edu/kfocht/WirelessNetworkSecur
  ity.ppt

14
(No Transcript)