Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016

advertisement 
Solving the Security Risks of
WLAN
Tuukka Karvonen
24.7.2016
Outline
•
•
•
•
•
•
•
General Guidelines
Radio Interface
Access Point Configuration
Client Configuration
TKIP
Honey pot – Fake AP
Links
General Guidelines
• Know the risks: War-Driving, Insertion
Attacks, Monitoring, SNMP services, weak
WEP algorithm, etc.
• The default configuration of the devices
usually lacks security
• Clients and access points should be
configured well
• Organizations need a wireless security
policy, which everyone should follow
Radio Interface
• Provide coverage only for the areas where
it is needed
– Adjust transmitting power
– use directional antennas
• Unintentional and intentional jamming is
possible -> have an alternative, if it’s
important to have your connection working
Access Point Configuration
• Turn of the broadcasting of SSID and don’t
use the default one
• Provide DHCP only if needed
• Require Wired Equivalent Privacy and
strengthen it with IEEE 802.1X and TKIP
– Original WEP algorithm is weak, so keys need
to be changed frequently
Client Configuration
• Disable unnecessary services (i.e.
Windows file sharing)
• Install Personal Firewall
• Use higher level security (IPsec, VPNs,
SSL, SSH etc.)
• Use WEP and if possible strengthen it
Temporal Key Integrity Protocol
(TKIP)
• Devices using WEP can be upgraded to TKIP
with firmware patches
• Uses temporal key, which is changed every
10000 packets with help of 802.1X
• Combines the temporal key with the client's
MAC address before adding a initialization
vector -> every device has own encryption key
• Inserts message integrity code into each packet
to avoid forgeries
Honey Pot – Fake AP
• Confuses war drivers
• Hides the real access point by generating
thousands of counterfeit 802.11b access
points
– Sends Beacon frames with random SSID:s
and MAC addresses
• Advanced version would also need to
create real traffic
• http://www.blackalchemy.to/project/fakeap/
Links
• Information
– http://www.iss.net/wireless/WLAN_FAQ.php
– http://www.80211-planet.com/
• Access point maps
– http://www.wifimaps.com/
– http://www.netstumbler.com/
• Tools:
– http://freshmeat.net/projects/airsnort/
– http://www.netstumbler.com/
– Wireless Scanner http://www.iss.net/download/
Related documents
Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016
Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016
Introduction Wired Equivalent Privacy (WEP) key is shared by all the... management. We are going to crack the WEP enabled Wi-Fi...
Introduction Wired Equivalent Privacy (WEP) key is shared by all the... management. We are going to crack the WEP enabled Wi-Fi...
1 2
1 2
CRYPTOGRAPHY & COMPUTER SECURITY
CRYPTOGRAPHY & COMPUTER SECURITY
802.11b and the Joy of WarCycling in Dublin David Malone 12 November 2002
802.11b and the Joy of WarCycling in Dublin David Malone 12 November 2002
Dr David Xiao - Personal Home Pages (at UEL)
Dr David Xiao - Personal Home Pages (at UEL)
Wireless Networking & Security
Wireless Networking & Security
Authentication Verifies user has permission to access network 1. Open authentication
Authentication Verifies user has permission to access network 1. Open authentication
Wireless Networking (WiFi) update IRMA-BCS meeting 21st October 2003 - 4.30pm
Wireless Networking (WiFi) update IRMA-BCS meeting 21st October 2003 - 4.30pm
Tutorial 7 - Prince Sultan University
Tutorial 7 - Prince Sultan University
IRJET- Analysis of Security Vulnerabilities in Wired Equivalent Privacy (WEP)
IRJET- Analysis of Security Vulnerabilities in Wired Equivalent Privacy (WEP)
Download
advertisement