Guide to Operating System Security
Chapter 8
Wireless Security

Objectives
- Explain wireless networking and why it is used
- Describe IEEE 802.11 radio wave networking
- Explain Bluetooth networking
- Describe attacks on wireless networks
- Discuss wireless security measures
- Configure security for wireless interfaces in workstation operating systems

Introduction to Wireless Networking
- Enables communications where a wired network is impractical
- Reduces installation costs
- Provides “anywhere” access
- Enables easier small and home office networking
- Enables data access to fit the application

Attacks on Wireless Networks
- Many opportunities, particularly through sniffer software
- Difficult or impossible to detect

Wireless Network Support Organizations
- Wireless LAN Association (WLANA)
- WINLAB

Why Use a Wireless Network Instead of a Wired Network?
- A wired network can be difficult or impossible to install in some situations

Radio Wave Technologies
- Network applications use high frequencies measured in hertz
- Line-of-sight transmission
- Spread spectrum technology
- Popular technologies
  - IEEE 802.11 standard
  - Bluetooth
- Advantages
  - Relatively inexpensive
  - Easy to install
  - Provide anywhere access
  - Offer an alternative for hard-to-cable areas
- Disadvantages
  - Do not have speeds to match 100 Mbps communications
  - Frequencies may experience interference

IEEE 802.11 Radio Wave Networking (Continued)
- Advantages in terms of compatibility and reliability
- Devices are not proprietary
- Encompasses fixed and mobile stations
- Recognizes indoor and outdoor communications

IEEE 802.11 Radio Wave Networking (Continued)
- Kinds of communication
  - Discrete units (asynchronous)
  - Governed by time restrictions

How IEEE 802.11 Wireless Networks Function
- Components
- Access methods
- Handling of data errors
- Transmission speeds
- Authentication
- Topologies
- Multiple-cell wireless LANs

Wireless Components
- Wireless NIC (WNIC)
  - Functions as a transmitter/receiver (transceiver)
- Access point
- Antennas
  - Directional antenna
  - Omnidirectional antenna

Directional Antenna

Omnidirectional Antenna

Wireless Networking Access Methods
- Priority-based access
- Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)

Handling Data Errors
- Automatic repeat request (ARQ) characteristic
- Helps reduce communication errors created by sources of interference

Transmission Speeds

Infrared Wireless Networking
- 802.11R standard
- Can be broadcast in a single direction or in all directions
- Transmits in range of 100 GHz to 1000 THz

Infrared Wireless Networking
- Security factors
  - Difficult to intercept without someone knowing
  - Not susceptible to interference from RFI and EMI
- Disadvantages (but also make it more secure)
  - Data transmission rates only reach up to 16 Mbps (directional) and can be less than 1 Mbps (omnidirectional)
  - Does not go through walls

Diffused Infrared Wireless Communication

Using Authentication to Disconnect
- Prevents two communicating stations from being inadvertently disconnected by a nonauthorized station

802.11 Network Topologies
- Independent basic service set (IBSS) topology
  - Consists of two or more wireless stations that can be in communication
  - Does not use an access point
- Extended service set (ESS) topology
  - Uses one or more access points to provide a larger service area than an IBSS topology

IBSS Wireless Topology

ESS Wireless Topology

Multiple-Cell Wireless LANs
- ESS wireless topology that employs two or more access points
- Inter-Access Point Protocol (IAPP)
  - Roaming protocol that enables a mobile station to move from one cell to another without losing connection

Bluetooth Radio Wave Networking
- Uses frequency hopping in the 2.4-GHz band designated by FCC for unlicensed ISM transmissions
- Uses time-division duplexing (TDD) for packet transmissions

Anatomy of Attacks on Wireless Networks
- Antenna
- Wireless network interface card
- GPS
- War-driving software

Rogue Access Point
- Wireless access point installed without knowledge of network administrator
- Not configured to have security
- Provides an attacker with an unsecured entryway to packet communications

Attacks Through Long-Range Antennas
- Increases reach of a signal
- Enables network to be monitored from a greater distance without being observed

Man-in-the-Middle Attacks
- Interception of a message meant for a different computer
- Attacker operates between two communicating computers in order to:
  - Listen in on communications
  - Modify communications

Pitfalls of Wireless Communications
- Inherently not secure because they are transported over radio waves
- Considerations
  - Avoid wireless communications for extremely sensitive information
  - Configure tightest security available

Wireless Security Measures
- Open system authentication
- Shared key authentication
- Wired Equivalent Privacy (WEP)
- Service set identifier (SSID)
- 802.1x security
- 802.1i security

Open System Authentication
- Two stations can authenticate each other
- Provides little security, only mutual agreement to authenticate
- Default form of authentication in 802.11

Shared Key Authentication
- Uses symmetrical encryption
- Same key for both encryption and decryption

Wired Equivalent Privacy (WEP)
- Same encryption key is used at both stations that are communicating

Service Set Identifier (SSID)
- Identification value: typically up to 32 characters in length
- Defines a logical network for all devices that belong to it
- Each device is configured to have same SSID
- Typically used in ESS, but not IBSS

802.1x Security
- Port-based form of authentication
- Does not include encryption
- Uncontrolled port
- Controlled port can be set up to work with EAP and its evolving versions (EAP-TTLS and PEAP)
- Use different computers for authentication server and authenticator

802.1i Security
- Builds on 802.1x standard
- Implements Temporal Key Integrity Protocol (TKIP) for creating random encryption keys from one master key

Configuring Security for Wireless Interfaces
- Windows 2000/XP Professional
  - Support use of WNICs
- Red Hat Linux 9.x
  - Supports use of WNICs (installed through GNOME desktop Network Device Control tool)
- Mac OS X
  - Built-in compatibility for AirPort WNICs and base stations (access points)

Windows 2000 Professional Wireless Security Techniques
- Open system authentication
- Shared key authentication
- WEP (40-bit and 104-bit keys)
- SSID
- 802.1x
- EAP
- Authentication through RADIUS

Windows XP Professional Wireless Security Techniques
- Open system authentication
- Shared key authentication
- WEP (40-bit and 104-bit keys)
- SSID
- 802.1x
- EAP and EAP-TLS
- PEAP
- Authentication through RADIUS

Red Hat Linux Wireless Security Techniques
- Open system authentication
- Shared key authentication
- WEP (40-bit and 104-bit keys)
- SSID
- 802.1x

Mac OS X Wireless Security Techniques
- Open system authentication
- Shared key authentication
- WEP (40-bit and 104-bit keys)
- SSID
- RADIUS authentication
- Firewall protection

Summary
- How wireless networks work
- Popular approaches to wireless networking
  - IEEE 802.11
  - Bluetooth
- Types of attacks against wireless networks
- Wireless security measures and how to implement them in client operating systems
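
Added example (not part of the original slides): the Rogue Access Point slide defines a rogue as an access point installed without the administrator's knowledge and not configured to have security. The sketch below checks a wireless survey against an administrator's inventory for that case; the SSID names, MAC addresses, the AUTHORISED inventory and the survey records are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str        # network name advertised by the access point
    bssid: str       # MAC address of the access point radio
    encrypted: bool  # False when the AP advertises no encryption at all

# Hypothetical inventory kept by the network administrator:
# managed SSID -> BSSIDs of the access points installed on purpose.
AUTHORISED = {"corp-wlan": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}}

# Constructed survey results (not real captures).
SURVEY = [
    Beacon("corp-wlan", "02:00:00:AA:00:01", True),    # known AP
    Beacon("corp-wlan", "02-00-00-AA-00-02", True),    # known AP, other MAC notation
    Beacon("corp-wlan", "02:00:00:bb:00:09", False),   # unknown AP, no security
    Beacon("cafe-guest", "02:00:00:cc:00:03", False),  # neighbour's network
]

def normalise(mac: str) -> str:
    """Lower-case and use ':' separators so inventory and survey compare equal."""
    return mac.strip().lower().replace("-", ":")

def find_rogues(beacons, authorised=AUTHORISED):
    """Return [(bssid, [reasons])] for APs that advertise a managed SSID
    but are missing from the administrator's inventory."""
    findings = []
    for b in beacons:
        known = authorised.get(b.ssid)
        if known is None:
            continue  # not one of our SSIDs; out of scope for this check
        bssid = normalise(b.bssid)
        if bssid in known:
            continue  # installed with the administrator's knowledge
        reasons = ["unknown-bssid"]
        if not b.encrypted:
            reasons.append("unencrypted")  # "not configured to have security"
        findings.append((bssid, reasons))
    return findings

if __name__ == "__main__":
    for bssid, reasons in find_rogues(SURVEY):
        print(f"possible rogue AP {bssid}: {', '.join(reasons)}")
```

A radio survey only sees access points that advertise a managed SSID; an unauthorised access point cabled into the network under a different SSID has to be found from the wired side.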