Wireless Security Attack and Defense - PowerPoint PPT Presentation

About This Presentation
Title:

Wireless Security Attack and Defense

Description:

Stock Allocation (Higher Growth, Lower Valuation) Investment Process. Top-Down (Asset, Style, Sector) Bottom-Up (Industry, Stock, Trading) ... – PowerPoint PPT presentation

Number of Views:143
Avg rating:3.0/5.0
Slides: 21
Provided by: MischelKw
Category:

less

Transcript and Presenter's Notes

Title: Wireless Security Attack and Defense


1
Wireless SecurityAttack and Defense
  • Mischel Kwon, Director Wireless Information
    Assurance
  • Office of the CIO, E-Gov
  • USDOJ

2
Agenda
  • Wirelesswhat is it?
  • Wireless - it is a new world
  • 802.11
  • Whose WAP are you using
  • War walking
  • Securing wireless at work
  • Securing 802.11 at home
  • Bluetooth
  • IrDA
  • EvDO
  • Summary

3
Wireless
4
Yesterday and Today
  • Last Year
  • The NO Wireless Policy
  • WEP
  • Captive Portals
  • This Year
  • Face it you have wireless Policy
  • WPA2 Authentication
  • VPN
  • Firewall/Policy Enforcement
  • Bluetooth in everything
  • Fake Access Points
  • WiMax
  • EvDO

5
Whose WAP are you Connected To Anyway?
Who are you connected to?
6
War Driving
  • Equipment (the rig)
  • Laptop --- 1399
  • Wireless card --- 67
  • Antenna --- 10 (homebrew)
  • Scanning Software ---Free
  • GPS (optional)

7
Equipment
  • Antennas
  • Omni-directional
  • Mast mount
  • Semi-directional
  • Yagi
  • Highly-Directional
  • Grid
  • Parabolic
  • Home Brew Antennas

8
Equipment
  • Laptops
  • Windows
  • Linux
  • Mac OS X
  • Handhelds
  • HP iPaq
  • Sharp Zaurus

9
Equipment
  • Scanning Software
  • Net Stumbler
  • www.netstumber.com
  • Airopeek
  • www.wildpackets.com
  • Wellenreiter
  • www.remote-exploit.org
  • KISMET
  • www.kismetwireless.net
  • AirSnort
  • airsnort.shmoo.org

10
Wi-Finders
http//www.kensington.com/html/3720.html
11
Securing Wireless at Work
  • The Security Policy
  • Authentication
  • Authorization
  • VPN
  • DMZ
  • Wireless on their own VLAN
  • Hardened wireless gateway
  • Device policy enforcement
  • Passwords on devices
  • Auto erase on devices when password
    authentication fails a set number of times
  • Disable, remove, scratch IrDA ports not needed
  • Physical examination of site regularly
  • Wireless Audits
  • IDS

12
Secure 802.11 at Home
  • WEP
  • RC4
  • 64 bit
  • 128 bit more secure (bit slower speed)
  • Pass phrase
  • WPA
  • Pre-shared keys
  • TKIP
  • Temporal Key Integrity Protocol. TKIP utilizes a
    stronger encryption method and incorporates
    Message Integrity Code (MIC) to provide
    additional protection. Still RC4.
  • AES
  • Advanced Encryption System, which utilizes a
    symmetric 128-Bit block data encryption.
  • Pre-shared keys with Radius
  • RADIUS uses an external RADIUS server to perform
    user authentication.

13
More Home Security
  • Mac Filtering
  • SSID
  • VPN
  • Best Practiceswhat not to do on your wireless
    segment
  • DMZ
  • Firewalls

14
Bluetooth
  • Cars
  • Phones
  • PDAs
  • Not on my laptop
  • Printers
  • Earpieces
  • Keyboard, mice
  • Coke Machines
  • EKG

15
Blue Sniffing and
  • Smurf
  • MeetingPoint
  • BTScanner
  • BlueSweep
  • BlueWatch (not free)
  • Blue Jack

16
The Blue Attack
  • Hooking up?
  • Open Microphone
  • Dialing for dollars
  • Contacts, Notes, Email

17
Securing Bluetooth
  • PIN
  • Dont be promiscuous
  • Turn it off

18
IrDA
  • Laptop
  • Phone
  • Blackberry
  • PDA
  • Keyboards/Mice
  • Is yours enabled?
  • Easy transfer
  • Banana sticker

19
EvDO
  • Evolution Data Only, Evolution Data Optimized
  • High speed
  • Always on
  • 2.4 mbps bandwidth
  • Supported by some cell phones
  • PCMCIA cards

20
Recommended References
  • NIST 800-48
  • Wireless Security Implementation Guide, Defense
    Information Systems Agency
  • Wireless Security Checklist, Defense Information
    Systems Agency
  • Open-Source Security Testing Methodology Manual,
    Institute for Security and Open Methodologies
  • Wi-Foo The Secrets of Wireless Hacking
  • Real 802.11 Security Wi-Fi Protected Access and
    802.11i
  • Wireless Security Ensuring Compliance with
    HIPAA, GLBA, SOX, DoD 8100.2 and Enterprise
    Policy, AirDefense, www.airdefense.com
  • Weaknesses in the Temporal Key Hash of WPA,
    Vebjorn Moen, Havard Raddum, Kjell Hole,
    University of Bergen, Norway
  • Security Flaws in 802.11 Data Link Protocols,
    Nancy Cam-Winget, Russ Housley, David Wagner,
    Jesse Walker
  • Securing a Wireless Network, Jon Allen, Jeff
    Wilson
  • Securing Wireless Data System Architecture
    Challenges, Ravi, Raghunathan, Potlapally,
    Computer and Communications Research Labs NEC
    USA
  • Solving the Puzzling Layers of 802.11 Security,
    Mischel Kwon
  • 802.11 Security, Praphul Chandra
  • NIST Wireless Network Security 802.11, Bluetooth
    and Handheld Devices, Tom Karygiannis, Les Owens
  • Cisco SAFE Wireless LAN Security in Depth
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Wireless Security Attack and Defense" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!