SlideShare a Scribd company logo

Securing wireless network

Download as PPT, PDF
Syed Ubaid Ali Jafri
Syed Ubaid Ali Jafri

When setting up and maintaining Wi-Fi home networks, consider these tips for maximizing the security of the computers and data on these networks. Securing Wireless Networks by maximizing the security of 802.11 standard and minimizing the Risk on Wireless network

TechnologyBusiness
1 of 21
Security Over Wireless NetworkSecurity Over Wireless Network BY SYED UBAID ALI JAFRI Information Security Expert CEO UJ Consultant & Solution Provider http://www.ujconsultant.com
Securing a Wireless NetworkSecuring a Wireless Network Wireless networks are rapidly becoming pervasive.Wireless networks are rapidly becoming pervasive.  How many of you have web-enabled cell phones?How many of you have web-enabled cell phones?  How many of you have networked PDAs andHow many of you have networked PDAs and Pocket PCs?Pocket PCs?  How many of you have laptops with wirelessHow many of you have laptops with wireless network cards?network cards?  How many of you have wireless networks at work?How many of you have wireless networks at work?     at home?    at home?  How many of you use wireless networks when youHow many of you use wireless networks when you are out and about?are out and about?
Securing a Wireless NetworkSecuring a Wireless Network Of those of you who have wireless devices,Of those of you who have wireless devices, how many of you:how many of you:  protect your wireless device with aprotect your wireless device with a password?password?  encrypt the data in your wireless device?encrypt the data in your wireless device?  employ any type of security with youremploy any type of security with your wireless device?wireless device?  employ security with your wirelessemploy security with your wireless network?network?
Securing a Wireless NetworkSecuring a Wireless Network  Wireless TechnologyWireless Technology  Security Vulnerabilities with Wireless NetworksSecurity Vulnerabilities with Wireless Networks  Wireless Security SolutionsWireless Security Solutions  PrecautionsPrecautions
Securing a Wireless NetworkSecuring a Wireless Network Most wireless networks today use the 802.11 standard forMost wireless networks today use the 802.11 standard for communication. 802.11b became the standard wirelesscommunication. 802.11b became the standard wireless ethernet networking technology for both business andethernet networking technology for both business and home in 2000. The IEEE 802.11 Standard is anhome in 2000. The IEEE 802.11 Standard is an interoperability standard for wireless LAN devices, thatinteroperability standard for wireless LAN devices, that identifies three major distribution systems for wirelessidentifies three major distribution systems for wireless data communication:data communication:  Direct Sequence Spread Spectrum (DSSS) RadioDirect Sequence Spread Spectrum (DSSS) Radio TechnologyTechnology  Frequency Hopping Spread Spectrum (FHSS) RadioFrequency Hopping Spread Spectrum (FHSS) Radio TechnologyTechnology  Infrared TechnologyInfrared Technology
Independent Basic Service SetIndependent Basic Service Set (IBSS) -(IBSS) - computers talk directly to each othercomputers talk directly to each other
[Basic Service Set (BSS)] Network - all traffic passes[Basic Service Set (BSS)] Network - all traffic passes through a wireless access pointthrough a wireless access point
Extended Service SetExtended Service Set (ESS)(ESS) Network -Network - traffic passes through multiple wireless access pointstraffic passes through multiple wireless access points
Over view Simulation of WirelessOver view Simulation of Wireless NetworkNetwork
IEEE 802.11b specificationIEEE 802.11b specification • wireless transmission of approximately 11 Mbps of rawwireless transmission of approximately 11 Mbps of raw datadata • indoor distances from several dozen to several hundredindoor distances from several dozen to several hundred feetfeet • outdoor distances of several to tens of milesoutdoor distances of several to tens of miles • use of the 2.4 GHz band.use of the 2.4 GHz band. • 802.11b appeared in commercial form in mid-1999.802.11b appeared in commercial form in mid-1999. • Wireless Ethernet Compatibility Alliance (WECA)Wireless Ethernet Compatibility Alliance (WECA) certifies equipment as conforming to the 802.11bcertifies equipment as conforming to the 802.11b standard, and allows compliant hardware to be stampedstandard, and allows compliant hardware to be stamped Wi-Fi compatible.Wi-Fi compatible. • wireless NICs transmit in the range of 11, 5.5, 2 and 1wireless NICs transmit in the range of 11, 5.5, 2 and 1 Mbit/s at a frequency of 2.4 GHz.Mbit/s at a frequency of 2.4 GHz. • 802.11b is a half duplex protocol802.11b is a half duplex protocol
IEEE 802.11b specificationIEEE 802.11b specification • Multiple 802.11b access points can operate in the sameMultiple 802.11b access points can operate in the same overlapping area over different channels, which areoverlapping area over different channels, which are subdivisions for the 2.4 GHz band. There are 14 channels,subdivisions for the 2.4 GHz band. There are 14 channels, which are staggered at a few megahertz intervals, fromwhich are staggered at a few megahertz intervals, from 2.4000 to 2.4835 GHz. Only channels 1, 6, and 11 have no2.4000 to 2.4835 GHz. Only channels 1, 6, and 11 have no overlap among them.overlap among them. • cards equipped with the Wired Equivalent Privacy (WEP)cards equipped with the Wired Equivalent Privacy (WEP) data encryption, based on the 64 bit RC4 encryptiondata encryption, based on the 64 bit RC4 encryption algorithm as defined in the IEEE 802.11b standard onalgorithm as defined in the IEEE 802.11b standard on wireless LANs. In addition, there are more expensivewireless LANs. In addition, there are more expensive cards that are able to use 128 bit encryption. All yourcards that are able to use 128 bit encryption. All your nodes must be at the same encryption level with the samenodes must be at the same encryption level with the same key to operate.key to operate.
IEEE 802.11b specificationIEEE 802.11b specification  Any network adapter coming within range of anotherAny network adapter coming within range of another 802.11b network adapter or access point can instantly802.11b network adapter or access point can instantly connect and join the network unless WEP – wirelessconnect and join the network unless WEP – wireless encryption protocol – is enabled. WEP is secure enoughencryption protocol – is enabled. WEP is secure enough for most homes and business’ but don’t think it can’t befor most homes and business’ but don’t think it can’t be hacked. There are several flaws in WEP making ithacked. There are several flaws in WEP making it unusable for high security applications. At this point, itunusable for high security applications. At this point, it takes some serious hacking abilities to bust into a WEPtakes some serious hacking abilities to bust into a WEP enabled network so home users should not worry.enabled network so home users should not worry.  Full strength 802.11b signal will get you about 3.5-4.5Full strength 802.11b signal will get you about 3.5-4.5 Mbps without WEP enabled. With WEP enabled, expectMbps without WEP enabled. With WEP enabled, expect 2.5-3.5 Mbps. As you put walls and distance between your2.5-3.5 Mbps. As you put walls and distance between your wireless adapter and your access point, your speed willwireless adapter and your access point, your speed will drop. Don’t expect to put more than a few walls betweendrop. Don’t expect to put more than a few walls between you and your access point.you and your access point.
IEEE 802.11a specificationIEEE 802.11a specification  Within the last year, devices that comply with theWithin the last year, devices that comply with the 802.1a standard (54 Mbps over the 5 GHz band)802.1a standard (54 Mbps over the 5 GHz band) have been released. 802.11a also has 12 channelshave been released. 802.11a also has 12 channels (eight in the low part of the band and four in the(eight in the low part of the band and four in the upper) which do not overlap, allowing denserupper) which do not overlap, allowing denser installations. 802.11a's range is apparently less,installations. 802.11a's range is apparently less, but it can often transmit at higher speeds atbut it can often transmit at higher speeds at similar distances compared to 802.11b.similar distances compared to 802.11b.  802.11a devices use the same Wired Equivalent802.11a devices use the same Wired Equivalent Privacy (WEP) security. Some vendors, such asPrivacy (WEP) security. Some vendors, such as Orinoco and Proxim, have included configurableOrinoco and Proxim, have included configurable (albeit non-standard) high-encryption capabilities(albeit non-standard) high-encryption capabilities into their access points to prevent simple WEPinto their access points to prevent simple WEP cracking.cracking.
IEEE 802.11g… specificationIEEE 802.11g… specification  802.11g devices (54 Mbps over 2.4 GHz) will be802.11g devices (54 Mbps over 2.4 GHz) will be released in mid-2003. 802.11g features backwardsreleased in mid-2003. 802.11g features backwards compatibility with 802.11b, and offers threecompatibility with 802.11b, and offers three additional encodings (one mandatory, twoadditional encodings (one mandatory, two optional) that boost its speed.optional) that boost its speed.  Several related IEEE protocols address security,Several related IEEE protocols address security, quality of service, and adaptive signal usequality of service, and adaptive signal use (802.11e, h, and i, among others). : 802.11i will(802.11e, h, and i, among others). : 802.11i will offer additional security for 802.11. This standardoffer additional security for 802.11. This standard will replace WEP and build on IEEE 802.1X.will replace WEP and build on IEEE 802.1X.  IEEE 802.1x is a standard for passing EAP over aIEEE 802.1x is a standard for passing EAP over a wired or wireless LANwired or wireless LAN
Security VulnerabilitiesSecurity Vulnerabilities  packet sniffing - war drivers; higain antennapacket sniffing - war drivers; higain antenna  War Driver Map of LAWar Driver Map of LA  Antenna on the Cheap (er, Chip) - Pringle's can antennaAntenna on the Cheap (er, Chip) - Pringle's can antenna  Coffee Can AntennaCoffee Can Antenna  resource stealing - using a valid station's MAC addressresource stealing - using a valid station's MAC address  traffic redirection - modifying ARP tablestraffic redirection - modifying ARP tables  rogue networks and station redirection [networkrogue networks and station redirection [network administrators also rely on manufacturers' default Serviceadministrators also rely on manufacturers' default Service Set IDentifiers (SSIDs)]Set IDentifiers (SSIDs)] The Gartner Group estimates that at least 20 percent ofThe Gartner Group estimates that at least 20 percent of enterprises have rogue wireless LANs attached to theirenterprises have rogue wireless LANs attached to their networks.networks.  DoS (any radio source including 2.4 Ghz cordless phones)DoS (any radio source including 2.4 Ghz cordless phones)
Security VulnerabilitiesSecurity Vulnerabilities  Wired Equivalent Privacy (WEP) algorithm used toWired Equivalent Privacy (WEP) algorithm used to protect wireless communication from eavesdropping.protect wireless communication from eavesdropping. secondary function of WEP is to prevent unauthorizedsecondary function of WEP is to prevent unauthorized access to a wireless network.access to a wireless network.  WEP relies on a secret key that is shared between aWEP relies on a secret key that is shared between a mobile station and an access point. The secret key is usedmobile station and an access point. The secret key is used to encrypt packets before they are transmitted, and anto encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are notintegrity check is used to ensure that packets are not modified in transit. Most installations use a single keymodified in transit. Most installations use a single key that is shared between all mobile stations and accessthat is shared between all mobile stations and access points. More sophisticated key management techniquespoints. More sophisticated key management techniques can be used to help defend from attacks.can be used to help defend from attacks.
Security VulnerabilitiesSecurity Vulnerabilities  WEP uses the RC4 encryption algorithm, known as aWEP uses the RC4 encryption algorithm, known as a stream cipher. A stream cipher expands a short key intostream cipher. A stream cipher expands a short key into infinite pseudo-random key stream. The sender XORs theinfinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce ciphertext. Thekey stream with the plaintext to produce ciphertext. The receiver has a copy of the same key, and uses it toreceiver has a copy of the same key, and uses it to generate identical key stream. XORing the key streamgenerate identical key stream. XORing the key stream with the ciphertext yields the original plaintext.with the ciphertext yields the original plaintext.  If an attacker flips a bit in the ciphertext, then uponIf an attacker flips a bit in the ciphertext, then upon decryption, the corresponding bit in the plaintext will bedecryption, the corresponding bit in the plaintext will be flipped. Also, if an eavesdropper intercepts twoflipped. Also, if an eavesdropper intercepts two ciphertexts encrypted with the same key stream, it isciphertexts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Oncepossible to obtain the XOR of the two plaintexts. Once one of the plaintexts becomes known, it is trivial toone of the plaintexts becomes known, it is trivial to recover all of the others.recover all of the others.
Security SolutionsSecurity Solutions  Wired Equivalent Privacy (WEP) and WEP2Wired Equivalent Privacy (WEP) and WEP2  Media access control (MAC) addresses: configuringMedia access control (MAC) addresses: configuring access points to permit only particular MAC addressesaccess points to permit only particular MAC addresses onto the network. Easy to implement, but fairly easy toonto the network. Easy to implement, but fairly easy to defeat.defeat.  IEEE 802.1X: This standard, supported by Windows XP,IEEE 802.1X: This standard, supported by Windows XP, defines a framework for MAC-level authentication.defines a framework for MAC-level authentication. Susceptible to session-hijacking and man-in-the-middleSusceptible to session-hijacking and man-in-the-middle attacks.attacks.  VPNs: using a VPN to encrypt data on wireless networks.VPNs: using a VPN to encrypt data on wireless networks. VPNs require a lot of management and clientVPNs require a lot of management and client configuration.configuration.  User authenticationUser authentication  The Temporal Key Integrity Protocol (TKIP) [IEEEThe Temporal Key Integrity Protocol (TKIP) [IEEE 802.11i]802.11i]
Security SolutionsSecurity Solutions  Advanced Encryption Standard (AES) encryption [IEEEAdvanced Encryption Standard (AES) encryption [IEEE 802.11i]802.11i]  "Key-hopping" technology that can change the"Key-hopping" technology that can change the encryption key as often as every few seconds.encryption key as often as every few seconds.  EAP-TTLS (Extensible Authentication Protocol (EAP) -EAP-TTLS (Extensible Authentication Protocol (EAP) - Tunneled Transport Layer Security)Tunneled Transport Layer Security)  Enhanced Security Network (ESN) - Extended ServiceEnhanced Security Network (ESN) - Extended Service Set withSet with  enhanced authentication mechanism for both STAs and APsenhanced authentication mechanism for both STAs and APs based on 802.11xbased on 802.11x  key managementkey management  dynamic, association-specific cryptographic keysdynamic, association-specific cryptographic keys  enhanced data encapsulation using AESenhanced data encapsulation using AES
Security SolutionsSecurity Solutions  Wireless Protocol Analyzers. They can:Wireless Protocol Analyzers. They can:  check for unknown MAC (Media Accesscheck for unknown MAC (Media Access Control) addresses and alert the networkControl) addresses and alert the network managermanager  log attempts to gain unauthorized access to thelog attempts to gain unauthorized access to the networknetwork  filter access attempts based on the type offilter access attempts based on the type of network cardnetwork card  conduct site survey of traffic usageconduct site survey of traffic usage  find dead zones in the wireless networkfind dead zones in the wireless network
Wireless Security PrecautionsWireless Security Precautions  Change default namesChange default names  Add passwords to all devicesAdd passwords to all devices  Disable broadcasting on network hubsDisable broadcasting on network hubs  Don't give the network a name that identifies yourDon't give the network a name that identifies your companycompany  Move wireless hubs away from windowsMove wireless hubs away from windows  Use the built-in encryptionUse the built-in encryption  Disable the features you don't useDisable the features you don't use  Put a firewall between the wireless network and otherPut a firewall between the wireless network and other company computerscompany computers  Encrypt dataEncrypt data  Regularly test wireless network securityRegularly test wireless network security

Recommended

5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentationMuhammad Zia
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityVishal Agarwal
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 

Recommended

5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_kRama Krishna M
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentationMuhammad Zia
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityVishal Agarwal
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
Wireless network security
Wireless network security Wireless network security
Wireless network security Aurobindo Nayak
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSuper Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSystem ID Warehouse
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityAgris Ameriks
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and securityAdel Zalok
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityShital Kat
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityShahid Beheshti University
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wlan security
Wlan securityWlan security
Wlan securityUpasona Roy
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Wlan security
Wlan securityWlan security
Wlan securitySajan Sahu
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Fábio Afonso
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityAyoma Wijethunga
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan SecuritySANDEEPONSLIDESHARE
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingarushi bhatnagar
 
Hp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityHp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityEd Wong
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer CrimesMar Soriano
 

More Related Content

What's hot

Wireless network security
Wireless network security Wireless network security
Wireless network security Aurobindo Nayak
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSuper Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSystem ID Warehouse
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and securityAdel Zalok
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Fábio Afonso
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityAyoma Wijethunga
 

What's hot (20)

Wireless network security
Wireless network security Wireless network security
Wireless network security
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSuper Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and security
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Wireless security
Wireless securityWireless security
Wireless security
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan Security
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 

Viewers also liked

Hp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityHp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityEd Wong
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer CrimesMar Soriano
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application SecurityIshan Girdhar
 
Wireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best PracticesWireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best PracticesCisco Mobility
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNinh Nguyen
 
PPT on Bluetooth Based Wireless Sensor Networks
PPT on Bluetooth Based Wireless Sensor NetworksPPT on Bluetooth Based Wireless Sensor Networks
PPT on Bluetooth Based Wireless Sensor NetworksSiya Agarwal
 

Viewers also liked (11)

Hp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityHp Fortify Mobile Application Security
Hp Fortify Mobile Application Security
 
Chapter 3 Computer Crimes
Chapter 3 Computer CrimesChapter 3 Computer Crimes
Chapter 3 Computer Crimes
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Computer crime
Computer crime Computer crime
Computer crime
 
Cisco project ideas
Cisco project ideasCisco project ideas
Cisco project ideas
 
Types Of Computer Crime
Types Of Computer CrimeTypes Of Computer Crime
Types Of Computer Crime
 
Wireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best PracticesWireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best Practices
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing Security
 
Web Security
Web SecurityWeb Security
Web Security
 
PPT on Bluetooth Based Wireless Sensor Networks
PPT on Bluetooth Based Wireless Sensor NetworksPPT on Bluetooth Based Wireless Sensor Networks
PPT on Bluetooth Based Wireless Sensor Networks
 

Similar to Securing wireless network

Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)Wail Hassan
 
W I R E L E S S F I D E L I T Y
W I R E L E S S F I D E L I T YW I R E L E S S F I D E L I T Y
W I R E L E S S F I D E L I T Ygou145
 
Wi-Fi Architecture
Wi-Fi ArchitectureWi-Fi Architecture
Wi-Fi ArchitectureArnab Ghosal
 
wi-fi technology
wi-fi technology wi-fi technology
wi-fi technologysai kumar R
 
wirelessnetworks-ppt-140909071911-phpapp02.pdf
wirelessnetworks-ppt-140909071911-phpapp02.pdfwirelessnetworks-ppt-140909071911-phpapp02.pdf
wirelessnetworks-ppt-140909071911-phpapp02.pdfkouyepwanko
 
Wireless networksppt
Wireless networkspptWireless networksppt
Wireless networkspptdxmuthu
 
Wireless networksppt
Wireless networkspptWireless networksppt
Wireless networkspptpmuthumca51
 
Wireless technology - Wi-Fi
Wireless technology - Wi-FiWireless technology - Wi-Fi
Wireless technology - Wi-FiBhushan Jadhav
 

Similar to Securing wireless network (20)

Wi fi
Wi fiWi fi
Wi fi
 
Wi-Fi Technology
Wi-Fi TechnologyWi-Fi Technology
Wi-Fi Technology
 
Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)
 
Wi-Fi
Wi-FiWi-Fi
Wi-Fi
 
W I R E L E S S F I D E L I T Y
W I R E L E S S F I D E L I T YW I R E L E S S F I D E L I T Y
W I R E L E S S F I D E L I T Y
 
Wi-Fi Architecture
Wi-Fi ArchitectureWi-Fi Architecture
Wi-Fi Architecture
 
Wireless
WirelessWireless
Wireless
 
wifi himanshu
wifi himanshuwifi himanshu
wifi himanshu
 
wi-fi technology
wi-fi technology wi-fi technology
wi-fi technology
 
WLAN AND IEEE STANDARDS
WLAN AND IEEE STANDARDSWLAN AND IEEE STANDARDS
WLAN AND IEEE STANDARDS
 
wirelessnetworks-ppt-140909071911-phpapp02.pdf
wirelessnetworks-ppt-140909071911-phpapp02.pdfwirelessnetworks-ppt-140909071911-phpapp02.pdf
wirelessnetworks-ppt-140909071911-phpapp02.pdf
 
Wi fi technology & wap
Wi fi technology & wap Wi fi technology & wap
Wi fi technology & wap
 
wi-fi
wi-fiwi-fi
wi-fi
 
Wireless networksppt
Wireless networkspptWireless networksppt
Wireless networksppt
 
Wireless networksppt
Wireless networkspptWireless networksppt
Wireless networksppt
 
Wifi Technology ppt
Wifi Technology pptWifi Technology ppt
Wifi Technology ppt
 
Characteristics of the 6 wireless protocols
Characteristics of the 6 wireless protocolsCharacteristics of the 6 wireless protocols
Characteristics of the 6 wireless protocols
 
wireless networks.pptx
wireless networks.pptxwireless networks.pptx
wireless networks.pptx
 
Capitulo 5
Capitulo 5Capitulo 5
Capitulo 5
 
Wireless technology - Wi-Fi
Wireless technology - Wi-FiWireless technology - Wi-Fi
Wireless technology - Wi-Fi
 

More from Syed Ubaid Ali Jafri

Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabSyed Ubaid Ali Jafri
 
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...Syed Ubaid Ali Jafri
 
Final Year Projects Computer Science (Information security) -2015
Final Year Projects Computer Science (Information security) -2015Final Year Projects Computer Science (Information security) -2015
Final Year Projects Computer Science (Information security) -2015Syed Ubaid Ali Jafri
 
Android 2.0 - 4.0 HTML Vulnerable
Android 2.0 - 4.0 HTML Vulnerable Android 2.0 - 4.0 HTML Vulnerable
Android 2.0 - 4.0 HTML Vulnerable Syed Ubaid Ali Jafri
 
Data Hiding (An Approach towards Stegnography)
Data Hiding (An Approach towards Stegnography) Data Hiding (An Approach towards Stegnography)
Data Hiding (An Approach towards Stegnography) Syed Ubaid Ali Jafri
 
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali Jafri
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali JafriFinal Year Projects (Computer Science 2013) - Syed Ubaid Ali Jafri
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali JafriSyed Ubaid Ali Jafri
 
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7Syed Ubaid Ali Jafri
 
Syed Ubaid Ali Jafri - Cryptography Techniques
Syed Ubaid Ali Jafri - Cryptography TechniquesSyed Ubaid Ali Jafri - Cryptography Techniques
Syed Ubaid Ali Jafri - Cryptography TechniquesSyed Ubaid Ali Jafri
 
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri
 
Syed Ubaid Ali Jafri Lecture on Information Technology
Syed Ubaid Ali Jafri Lecture on Information Technology Syed Ubaid Ali Jafri Lecture on Information Technology
Syed Ubaid Ali Jafri Lecture on Information Technology Syed Ubaid Ali Jafri
 

More from Syed Ubaid Ali Jafri (18)

Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing Lab
 
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...
Securing PoS Terminal - A Technical Guideline on Securing PoS System From Hac...
 
Review of network diagram
Review of network diagramReview of network diagram
Review of network diagram
 
Review of network diagram
Review of network diagramReview of network diagram
Review of network diagram
 
OSI Layered based attacks
OSI Layered based attacksOSI Layered based attacks
OSI Layered based attacks
 
Final Year Projects Computer Science (Information security) -2015
Final Year Projects Computer Science (Information security) -2015Final Year Projects Computer Science (Information security) -2015
Final Year Projects Computer Science (Information security) -2015
 
Data calling from web to C#
Data calling from web to C#Data calling from web to C#
Data calling from web to C#
 
Android 2.0 - 4.0 HTML Vulnerable
Android 2.0 - 4.0 HTML Vulnerable Android 2.0 - 4.0 HTML Vulnerable
Android 2.0 - 4.0 HTML Vulnerable
 
Data Hiding (An Approach towards Stegnography)
Data Hiding (An Approach towards Stegnography) Data Hiding (An Approach towards Stegnography)
Data Hiding (An Approach towards Stegnography)
 
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali Jafri
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali JafriFinal Year Projects (Computer Science 2013) - Syed Ubaid Ali Jafri
Final Year Projects (Computer Science 2013) - Syed Ubaid Ali Jafri
 
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7
Syed Ubaid Ali Jafri - Secure IIS Configuration Windows 7
 
Syed Ubaid Ali Jafri - Cryptography Techniques
Syed Ubaid Ali Jafri - Cryptography TechniquesSyed Ubaid Ali Jafri - Cryptography Techniques
Syed Ubaid Ali Jafri - Cryptography Techniques
 
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for AssociatesSyed Ubaid Ali Jafri - Black Box Penetration testing for Associates
Syed Ubaid Ali Jafri - Black Box Penetration testing for Associates
 
Syed Ubaid Ali Jafri Lecture on Information Technology
Syed Ubaid Ali Jafri Lecture on Information Technology Syed Ubaid Ali Jafri Lecture on Information Technology
Syed Ubaid Ali Jafri Lecture on Information Technology
 
Storage area network
Storage area networkStorage area network
Storage area network
 
IP Security over VPN
IP Security over VPNIP Security over VPN
IP Security over VPN
 
Network security over ethernet
Network security over ethernetNetwork security over ethernet
Network security over ethernet
 
LAN Security
LAN Security LAN Security
LAN Security
 

Recently uploaded

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 

Recently uploaded (20)

What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 

Securing wireless network

  • 1. Security Over Wireless NetworkSecurity Over Wireless Network BY SYED UBAID ALI JAFRI Information Security Expert CEO UJ Consultant & Solution Provider http://www.ujconsultant.com
  • 2. Securing a Wireless NetworkSecuring a Wireless Network Wireless networks are rapidly becoming pervasive.Wireless networks are rapidly becoming pervasive.  How many of you have web-enabled cell phones?How many of you have web-enabled cell phones?  How many of you have networked PDAs andHow many of you have networked PDAs and Pocket PCs?Pocket PCs?  How many of you have laptops with wirelessHow many of you have laptops with wireless network cards?network cards?  How many of you have wireless networks at work?How many of you have wireless networks at work?     at home?    at home?  How many of you use wireless networks when youHow many of you use wireless networks when you are out and about?are out and about?
  • 3. Securing a Wireless NetworkSecuring a Wireless Network Of those of you who have wireless devices,Of those of you who have wireless devices, how many of you:how many of you:  protect your wireless device with aprotect your wireless device with a password?password?  encrypt the data in your wireless device?encrypt the data in your wireless device?  employ any type of security with youremploy any type of security with your wireless device?wireless device?  employ security with your wirelessemploy security with your wireless network?network?
  • 4. Securing a Wireless NetworkSecuring a Wireless Network  Wireless TechnologyWireless Technology  Security Vulnerabilities with Wireless NetworksSecurity Vulnerabilities with Wireless Networks  Wireless Security SolutionsWireless Security Solutions  PrecautionsPrecautions
  • 5. Securing a Wireless NetworkSecuring a Wireless Network Most wireless networks today use the 802.11 standard forMost wireless networks today use the 802.11 standard for communication. 802.11b became the standard wirelesscommunication. 802.11b became the standard wireless ethernet networking technology for both business andethernet networking technology for both business and home in 2000. The IEEE 802.11 Standard is anhome in 2000. The IEEE 802.11 Standard is an interoperability standard for wireless LAN devices, thatinteroperability standard for wireless LAN devices, that identifies three major distribution systems for wirelessidentifies three major distribution systems for wireless data communication:data communication:  Direct Sequence Spread Spectrum (DSSS) RadioDirect Sequence Spread Spectrum (DSSS) Radio TechnologyTechnology  Frequency Hopping Spread Spectrum (FHSS) RadioFrequency Hopping Spread Spectrum (FHSS) Radio TechnologyTechnology  Infrared TechnologyInfrared Technology
  • 6. Independent Basic Service SetIndependent Basic Service Set (IBSS) -(IBSS) - computers talk directly to each othercomputers talk directly to each other
  • 7. [Basic Service Set (BSS)] Network - all traffic passes[Basic Service Set (BSS)] Network - all traffic passes through a wireless access pointthrough a wireless access point
  • 8. Extended Service SetExtended Service Set (ESS)(ESS) Network -Network - traffic passes through multiple wireless access pointstraffic passes through multiple wireless access points
  • 9. Over view Simulation of WirelessOver view Simulation of Wireless NetworkNetwork
  • 10. IEEE 802.11b specificationIEEE 802.11b specification • wireless transmission of approximately 11 Mbps of rawwireless transmission of approximately 11 Mbps of raw datadata • indoor distances from several dozen to several hundredindoor distances from several dozen to several hundred feetfeet • outdoor distances of several to tens of milesoutdoor distances of several to tens of miles • use of the 2.4 GHz band.use of the 2.4 GHz band. • 802.11b appeared in commercial form in mid-1999.802.11b appeared in commercial form in mid-1999. • Wireless Ethernet Compatibility Alliance (WECA)Wireless Ethernet Compatibility Alliance (WECA) certifies equipment as conforming to the 802.11bcertifies equipment as conforming to the 802.11b standard, and allows compliant hardware to be stampedstandard, and allows compliant hardware to be stamped Wi-Fi compatible.Wi-Fi compatible. • wireless NICs transmit in the range of 11, 5.5, 2 and 1wireless NICs transmit in the range of 11, 5.5, 2 and 1 Mbit/s at a frequency of 2.4 GHz.Mbit/s at a frequency of 2.4 GHz. • 802.11b is a half duplex protocol802.11b is a half duplex protocol
  • 11. IEEE 802.11b specificationIEEE 802.11b specification • Multiple 802.11b access points can operate in the sameMultiple 802.11b access points can operate in the same overlapping area over different channels, which areoverlapping area over different channels, which are subdivisions for the 2.4 GHz band. There are 14 channels,subdivisions for the 2.4 GHz band. There are 14 channels, which are staggered at a few megahertz intervals, fromwhich are staggered at a few megahertz intervals, from 2.4000 to 2.4835 GHz. Only channels 1, 6, and 11 have no2.4000 to 2.4835 GHz. Only channels 1, 6, and 11 have no overlap among them.overlap among them. • cards equipped with the Wired Equivalent Privacy (WEP)cards equipped with the Wired Equivalent Privacy (WEP) data encryption, based on the 64 bit RC4 encryptiondata encryption, based on the 64 bit RC4 encryption algorithm as defined in the IEEE 802.11b standard onalgorithm as defined in the IEEE 802.11b standard on wireless LANs. In addition, there are more expensivewireless LANs. In addition, there are more expensive cards that are able to use 128 bit encryption. All yourcards that are able to use 128 bit encryption. All your nodes must be at the same encryption level with the samenodes must be at the same encryption level with the same key to operate.key to operate.
  • 12. IEEE 802.11b specificationIEEE 802.11b specification  Any network adapter coming within range of anotherAny network adapter coming within range of another 802.11b network adapter or access point can instantly802.11b network adapter or access point can instantly connect and join the network unless WEP – wirelessconnect and join the network unless WEP – wireless encryption protocol – is enabled. WEP is secure enoughencryption protocol – is enabled. WEP is secure enough for most homes and business’ but don’t think it can’t befor most homes and business’ but don’t think it can’t be hacked. There are several flaws in WEP making ithacked. There are several flaws in WEP making it unusable for high security applications. At this point, itunusable for high security applications. At this point, it takes some serious hacking abilities to bust into a WEPtakes some serious hacking abilities to bust into a WEP enabled network so home users should not worry.enabled network so home users should not worry.  Full strength 802.11b signal will get you about 3.5-4.5Full strength 802.11b signal will get you about 3.5-4.5 Mbps without WEP enabled. With WEP enabled, expectMbps without WEP enabled. With WEP enabled, expect 2.5-3.5 Mbps. As you put walls and distance between your2.5-3.5 Mbps. As you put walls and distance between your wireless adapter and your access point, your speed willwireless adapter and your access point, your speed will drop. Don’t expect to put more than a few walls betweendrop. Don’t expect to put more than a few walls between you and your access point.you and your access point.
  • 13. IEEE 802.11a specificationIEEE 802.11a specification  Within the last year, devices that comply with theWithin the last year, devices that comply with the 802.1a standard (54 Mbps over the 5 GHz band)802.1a standard (54 Mbps over the 5 GHz band) have been released. 802.11a also has 12 channelshave been released. 802.11a also has 12 channels (eight in the low part of the band and four in the(eight in the low part of the band and four in the upper) which do not overlap, allowing denserupper) which do not overlap, allowing denser installations. 802.11a's range is apparently less,installations. 802.11a's range is apparently less, but it can often transmit at higher speeds atbut it can often transmit at higher speeds at similar distances compared to 802.11b.similar distances compared to 802.11b.  802.11a devices use the same Wired Equivalent802.11a devices use the same Wired Equivalent Privacy (WEP) security. Some vendors, such asPrivacy (WEP) security. Some vendors, such as Orinoco and Proxim, have included configurableOrinoco and Proxim, have included configurable (albeit non-standard) high-encryption capabilities(albeit non-standard) high-encryption capabilities into their access points to prevent simple WEPinto their access points to prevent simple WEP cracking.cracking.
  • 14. IEEE 802.11g… specificationIEEE 802.11g… specification  802.11g devices (54 Mbps over 2.4 GHz) will be802.11g devices (54 Mbps over 2.4 GHz) will be released in mid-2003. 802.11g features backwardsreleased in mid-2003. 802.11g features backwards compatibility with 802.11b, and offers threecompatibility with 802.11b, and offers three additional encodings (one mandatory, twoadditional encodings (one mandatory, two optional) that boost its speed.optional) that boost its speed.  Several related IEEE protocols address security,Several related IEEE protocols address security, quality of service, and adaptive signal usequality of service, and adaptive signal use (802.11e, h, and i, among others). : 802.11i will(802.11e, h, and i, among others). : 802.11i will offer additional security for 802.11. This standardoffer additional security for 802.11. This standard will replace WEP and build on IEEE 802.1X.will replace WEP and build on IEEE 802.1X.  IEEE 802.1x is a standard for passing EAP over aIEEE 802.1x is a standard for passing EAP over a wired or wireless LANwired or wireless LAN
  • 15. Security VulnerabilitiesSecurity Vulnerabilities  packet sniffing - war drivers; higain antennapacket sniffing - war drivers; higain antenna  War Driver Map of LAWar Driver Map of LA  Antenna on the Cheap (er, Chip) - Pringle's can antennaAntenna on the Cheap (er, Chip) - Pringle's can antenna  Coffee Can AntennaCoffee Can Antenna  resource stealing - using a valid station's MAC addressresource stealing - using a valid station's MAC address  traffic redirection - modifying ARP tablestraffic redirection - modifying ARP tables  rogue networks and station redirection [networkrogue networks and station redirection [network administrators also rely on manufacturers' default Serviceadministrators also rely on manufacturers' default Service Set IDentifiers (SSIDs)]Set IDentifiers (SSIDs)] The Gartner Group estimates that at least 20 percent ofThe Gartner Group estimates that at least 20 percent of enterprises have rogue wireless LANs attached to theirenterprises have rogue wireless LANs attached to their networks.networks.  DoS (any radio source including 2.4 Ghz cordless phones)DoS (any radio source including 2.4 Ghz cordless phones)
  • 16. Security VulnerabilitiesSecurity Vulnerabilities  Wired Equivalent Privacy (WEP) algorithm used toWired Equivalent Privacy (WEP) algorithm used to protect wireless communication from eavesdropping.protect wireless communication from eavesdropping. secondary function of WEP is to prevent unauthorizedsecondary function of WEP is to prevent unauthorized access to a wireless network.access to a wireless network.  WEP relies on a secret key that is shared between aWEP relies on a secret key that is shared between a mobile station and an access point. The secret key is usedmobile station and an access point. The secret key is used to encrypt packets before they are transmitted, and anto encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are notintegrity check is used to ensure that packets are not modified in transit. Most installations use a single keymodified in transit. Most installations use a single key that is shared between all mobile stations and accessthat is shared between all mobile stations and access points. More sophisticated key management techniquespoints. More sophisticated key management techniques can be used to help defend from attacks.can be used to help defend from attacks.
  • 17. Security VulnerabilitiesSecurity Vulnerabilities  WEP uses the RC4 encryption algorithm, known as aWEP uses the RC4 encryption algorithm, known as a stream cipher. A stream cipher expands a short key intostream cipher. A stream cipher expands a short key into infinite pseudo-random key stream. The sender XORs theinfinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce ciphertext. Thekey stream with the plaintext to produce ciphertext. The receiver has a copy of the same key, and uses it toreceiver has a copy of the same key, and uses it to generate identical key stream. XORing the key streamgenerate identical key stream. XORing the key stream with the ciphertext yields the original plaintext.with the ciphertext yields the original plaintext.  If an attacker flips a bit in the ciphertext, then uponIf an attacker flips a bit in the ciphertext, then upon decryption, the corresponding bit in the plaintext will bedecryption, the corresponding bit in the plaintext will be flipped. Also, if an eavesdropper intercepts twoflipped. Also, if an eavesdropper intercepts two ciphertexts encrypted with the same key stream, it isciphertexts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Oncepossible to obtain the XOR of the two plaintexts. Once one of the plaintexts becomes known, it is trivial toone of the plaintexts becomes known, it is trivial to recover all of the others.recover all of the others.
  • 18. Security SolutionsSecurity Solutions  Wired Equivalent Privacy (WEP) and WEP2Wired Equivalent Privacy (WEP) and WEP2  Media access control (MAC) addresses: configuringMedia access control (MAC) addresses: configuring access points to permit only particular MAC addressesaccess points to permit only particular MAC addresses onto the network. Easy to implement, but fairly easy toonto the network. Easy to implement, but fairly easy to defeat.defeat.  IEEE 802.1X: This standard, supported by Windows XP,IEEE 802.1X: This standard, supported by Windows XP, defines a framework for MAC-level authentication.defines a framework for MAC-level authentication. Susceptible to session-hijacking and man-in-the-middleSusceptible to session-hijacking and man-in-the-middle attacks.attacks.  VPNs: using a VPN to encrypt data on wireless networks.VPNs: using a VPN to encrypt data on wireless networks. VPNs require a lot of management and clientVPNs require a lot of management and client configuration.configuration.  User authenticationUser authentication  The Temporal Key Integrity Protocol (TKIP) [IEEEThe Temporal Key Integrity Protocol (TKIP) [IEEE 802.11i]802.11i]
  • 19. Security SolutionsSecurity Solutions  Advanced Encryption Standard (AES) encryption [IEEEAdvanced Encryption Standard (AES) encryption [IEEE 802.11i]802.11i]  "Key-hopping" technology that can change the"Key-hopping" technology that can change the encryption key as often as every few seconds.encryption key as often as every few seconds.  EAP-TTLS (Extensible Authentication Protocol (EAP) -EAP-TTLS (Extensible Authentication Protocol (EAP) - Tunneled Transport Layer Security)Tunneled Transport Layer Security)  Enhanced Security Network (ESN) - Extended ServiceEnhanced Security Network (ESN) - Extended Service Set withSet with  enhanced authentication mechanism for both STAs and APsenhanced authentication mechanism for both STAs and APs based on 802.11xbased on 802.11x  key managementkey management  dynamic, association-specific cryptographic keysdynamic, association-specific cryptographic keys  enhanced data encapsulation using AESenhanced data encapsulation using AES
  • 20. Security SolutionsSecurity Solutions  Wireless Protocol Analyzers. They can:Wireless Protocol Analyzers. They can:  check for unknown MAC (Media Accesscheck for unknown MAC (Media Access Control) addresses and alert the networkControl) addresses and alert the network managermanager  log attempts to gain unauthorized access to thelog attempts to gain unauthorized access to the networknetwork  filter access attempts based on the type offilter access attempts based on the type of network cardnetwork card  conduct site survey of traffic usageconduct site survey of traffic usage  find dead zones in the wireless networkfind dead zones in the wireless network
  • 21. Wireless Security PrecautionsWireless Security Precautions  Change default namesChange default names  Add passwords to all devicesAdd passwords to all devices  Disable broadcasting on network hubsDisable broadcasting on network hubs  Don't give the network a name that identifies yourDon't give the network a name that identifies your companycompany  Move wireless hubs away from windowsMove wireless hubs away from windows  Use the built-in encryptionUse the built-in encryption  Disable the features you don't useDisable the features you don't use  Put a firewall between the wireless network and otherPut a firewall between the wireless network and other company computerscompany computers  Encrypt dataEncrypt data  Regularly test wireless network securityRegularly test wireless network security