Security Awareness Wireless Network Security

Wireless Network Security - Electronics – Online Distance

Security Awareness

Wireless Network Security

Attacks on Wireless Networks

• Three-step process

– Discovering the wireless network

– Connecting to the network

– Launching assaults

Security Awareness, 3rd Edition 2

Discovering

• Beaconing

– At regular intervals, a wireless router sends a signal to announce its presence

• Scanning

– Wireless device looks for the incoming beacon information

• Wireless location mapping

– Also known as war driving

– Finding a beacon from a wireless network and recording information about it

Discovering (cont’d.)

• Tools needed for war driving

– Mobile computing device

– Wireless NIC adapter

– Antenna

• Omnidirectional antenna

– Global positioning system (GPS) receiver

– Software

Discovering (cont’d.)

Figure 5-8 USB wireless NIC

Course Technology/Cengage Learning

Connecting

• Service Set Identifier (SSID)

– The “network name”; can be any alphanumeric string from 2 to 32 characters

• Wireless networks are designed to freely distribute their SSID

• Once a wireless device receives a beacon with the SSID, it can then attempt to join the network

– There is virtually nothing that an attacker must do in order to connect

Connecting (cont’d.)

Figure 5-9 Connecting to a wireless network

Connecting (cont’d.)

• Some wireless security sources encourage users to configure APs to prevent the beacon from including the SSID

– Does not provide protection

Launching Assaults

• Eavesdropping

– Attackers can easily view the contents of transmissions from hundreds of feet away

– Even if they have not connected to the wireless network

Launching Assaults (cont’d.)

• Wired Equivalent Privacy (WEP)

– Intended to ensure that only authorized parties can view transmitted wireless information

– Encrypts information into ciphertext

– Contains a serious flaw

– Attacker can discover a WEP key in less than one minute

Launching Assaults (cont’d.)

• Stealing data

– Once connected, the attacker is treated as a “trusted user”

– Has access to any shared data

• Injecting malware

– “Trusted user” enters from behind the network’s firewall

– Can easily inject malware

• Storing illegal content

– Can set up storage on user’s computer and store content

Launching Assaults (cont’d.)

• Launching denial of service (DoS) attacks

– Denial of service (DoS) attack

• Designed to prevent a device from performing its intended function

– Wireless DoS attacks

• Designed to deny wireless devices access to the wireless router itself

– Packet generator

• Create fake packets; flood wireless network with traffic

– Disassociation frames

• Communication from a wireless device that indicates the device wishes to end the wireless connection

Launching Assaults (cont’d.)

Figure 5-13 DoS attack using disassociation frames

Launching Assaults (cont’d.)

• Impersonating a legitimate network

– Attackers will often impersonate legitimate networks in restaurants, coffee shops, airports, etc.

– Does not require wireless router

– Ad hoc or peer-to-peer network

– Once the connection is made

• Attacker might be able to directly inject malware into the user’s computer or steal data

Wireless Network Defenses

• Secure the home wireless network

• Use an unprotected public wireless network in the most secure manner possible

Securing a Home Wireless Network

• Locking down the wireless router

– Create username and password

– Do not use default password

– Typical settings on the wireless router login security screen

• Router Password

• Access Server

• Wireless Access Web

• Remote Management

Securing a Home Wireless Network (cont’d.)

Figure 5-15 Wireless router login security screen

Securing a Home Wireless Network (cont’d.)

• Limiting users

– Restrict who can access network by MAC address

• MAC address filter

– Dynamic Host Configuration Protocol (DHCP)

• Wireless routers distribute IP addresses to network devices

• Properly configuring settings

• DHCP lease

Securing a Home Wireless Network (cont’d.)

Figure 5-16 MAC address filter

Securing a Home Wireless Network (cont’d.)

• Turning on Wi-Fi Protected Access 2 (WPA2)

– Personal security model

– Designed for single users or small office settings

– Parts

• Wi-Fi Protected Access (WPA)

• Wi-Fi Protected Access 2 (WPA2)

– To turn on WPA2

• Choose security mode

• Select WPA Algorithm

• Enter shared key

Securing a Home Wireless Network (cont’d.)

Figure 5-18 Security Mode options

Securing a Home Wireless Network (cont’d.)

Figure 5-19 WPA Algorithms setting

Securing a Home Wireless Network (cont’d.)

• Configuring network settings

– Network Address Translation (NAT)

• Hides the IP addresses of network devices from attackers

• Private addresses

• NAT removes the private IP address from the sender’s packet and replaces it with an alias IP address

– Port address translation (PAT)

• Each packet is sent to a different port number
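
The address and port rewriting described on this slide, as an added example that is not part of the original slides: a simplified translation table in which each internal connection leaves through the router's one public address on its own port, and inbound packets without a table entry are dropped. The class name, addresses and starting port are constructed for illustration.

```python
class PatRouter:
    """Simplified port address translation table (no timeouts, one protocol)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Replace the private source address with the public alias."""
        key = (src_ip, src_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a reply back to the private host, or drop it (None)."""
        if dst_ip != self.public_ip or dst_port not in self.in_map:
            return None
        private_ip, private_port = self.in_map[dst_port]
        return (src_ip, src_port, private_ip, private_port)


def pat_demo():
    # Constructed addresses from documentation and private ranges.
    router = PatRouter("203.0.113.5")
    server = ("198.51.100.7", 443)
    # Two home devices happen to use the same source port.
    a = router.outbound("192.168.1.10", 51000, *server)
    b = router.outbound("192.168.1.11", 51000, *server)
    # The server only ever sees the public address; the port picks the device.
    reply_b = router.inbound(*server, "203.0.113.5", b[1])
    # A packet aimed at a port nobody opened has no mapping and is dropped.
    stray = router.inbound(*server, "203.0.113.5", 45555)
    return a, b, reply_b, stray
```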

Securing a Home Wireless Network (cont’d.)

– Virtual local area networks (VLANs)

• Segment users or network equipment in logical groupings

• Creates a separate virtual network for each user of the wireless network

– Demilitarized Zone (DMZ)

• Separate network that sits outside the secure network perimeter

• Limits outside access to the DMZ network only

Securing a Home Wireless Network (cont’d.)

Figure 5-21 Demilitarized zone (DMZ)

Securing a Home Wireless Network (cont’d.)

– Port forwarding

• More secure than DMZ

• Opens only the ports that need to be available

Using a Public Wireless Network Securely

• Turning on a personal firewall

– Runs as a program on the user’s local computer

– Operates according to a rule base

– Rule options

• Allow

• Block

• Prompt

– Stateless packet filtering

– Stateful packet filtering

• Provides more protection
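
Why stateful filtering provides more protection than stateless filtering, as an added example that is not part of the original slides: both filters use the same rule base with the slide's Allow, Block and Prompt actions, but only the stateful one checks that an inbound packet answers a connection the computer opened. The rules, addresses and names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" or "in", relative to the local computer
    src: str
    sport: int
    dst: str
    dport: int

# Constructed rule base: (direction, remote port, action).
RULES = [
    ("out", 443, "allow"),  # let the browser reach HTTPS servers
    ("in", 443, "allow"),   # a stateless filter needs this for the replies
    ("out", 25, "prompt"),  # ask the user before sending mail directly
]

def stateless_filter(pkt, rules=RULES):
    """Judge each packet only on its own header fields; default is block."""
    remote_port = pkt.dport if pkt.direction == "out" else pkt.sport
    for direction, port, action in rules:
        if direction == pkt.direction and port == remote_port:
            return action
    return "block"

class StatefulFilter:
    """Allow inbound packets only as replies to connections opened locally."""
    def __init__(self, rules=RULES):
        self.rules = [r for r in rules if r[0] == "out"]
        self.connections = set()

    def check(self, pkt):
        if pkt.direction == "out":
            action = stateless_filter(pkt, self.rules)
            if action == "allow":
                self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return action
        # Inbound: addresses and ports must mirror a recorded connection.
        mirrored = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if mirrored in self.connections else "block"

def firewall_demo():
    laptop, server, other = "192.168.1.20", "203.0.113.10", "198.51.100.66"
    packets = [Packet("out", laptop, 50000, server, 443),  # request
               Packet("in", server, 443, laptop, 50000),   # its reply
               Packet("in", other, 443, laptop, 3389)]     # unsolicited
    fw = StatefulFilter()
    return ([stateless_filter(p) for p in packets],
            [fw.check(p) for p in packets])
```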

Using a Public Wireless Network Securely (cont’d.)

• Virtual Private Networks (VPNs)

– Uses an unsecured public network as if it were a secure private network

– Encrypts all data that is transmitted between the remote device and the network

– Advantages

• Full protection

• Transparency

• Authentication

• Industry standards

Figure 5-22 Virtual private network (VPN)
