null Pune meet - Wireless Security

© ClubHack http://clubhack.com

Wireless Security

The breaking and fixing


History


Types of Security

• OPEN : No security configured X– Obviously not advised– Data is in the air in plain text and anyone can read it

• WEP : Wired Equivalent privacy X– Was broken years ago and takes 15 min to break in– Very week and not recommended– Accepts only hexadecimal password


Types of Security…

• WPA: Wi-Fi Protected Access √– Much better than WEP– Accept long password and with all possible

combinations– Easy to setup, as easy as WEP– Available in all the common wi-fi routers– A must for all home users– Will take a looong time to break in


Types of Security…

• WPA2: Advance Wi-Fi Protected Access √√– Better than WPA– Takes little more pain to setup– Advised in corporate environments– Strong encryption and authentication support


Wireless Security Standards


Description of WEP Protocol• WEP relies on a shared secret key (64 bit/128 bit) which is

shared between the sender (client) and the receiver (Access Point).

• Secret Key - to encrypt packets before they are transmitted

• Integrity Check - to ensure packets are not modified in transit.

• The standard does not discuss how shared key is established. In practice, most installations use a single key which is shared between all mobile stations and access points. 7


CHAP Authentication

Supplicant Authenticator

username

challenge

response

Accept/reject

How WEP works

IV

RC4key

IV encrypted packet

original unencrypted packet checksum

WEP Cracking Demo


Immediate Solution

• WPA– Easy to configure– Every home router has this– No special hardware or software required– Boost security level to a comfortable level


How to configure WPA

• Open the configuration of your wi-fi device• Go to wireless setting• Under security option, select any one

– WPA– WPA-PSK– WPA-Personal– WPA2-Personal

• Set a complex password• Change the login password of the wireless

router.• Done


Example : Linksys


Example : Netgear


Example : ZyXEL


Look for this


Further Advised

• Change the router login password frequently– Atleast once a month

• Change the wireless WPA password also– Atleast once a month

• Avoid temptation to connect to open wireless just looking for free internet.


What’s next (added security)

• We can configure DHCP more tightly.– Lets not keep an open pool where any one

can connect– Example

– I have 3 machines in my home (desktop/laptop/phone)– I’ll create a IP pool of 3 IPs only– I’ll do DHCP reservation using the MAC of these 3 IP– Effectively I’m not allowing any outsider machine to

connect


What’s next (added security) …

• We can configure MAC binding.– Allow only MY machines to connect– Many access points support MAC binding– Any other machine will not be able to connect

to my Wi-Fi


Not only terrorism, what else

• Connected to open network??– Attacker can read your mails– Attacker can see your password (even gmail)– Attacker can see your credit card numbers– Attacker can access confidential information

on your computer– Attacker can chat with your girlfriend posing

as you.


So…

• 6 easy steps to counter 95% of attack on your wi-fi

• Secure your wi-fi today.


Q & 42 ?

Rohit SrivastwaFounder, [email protected]

member

Technology

null Pune meet - Wireless Security