Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016

advertisement 
Solving the Security Risks of
WLAN
Tuukka Karvonen
24.7.2016
Outline
•
•
•
•
•
•
•
General Guidelines
Radio Interface
Access Point Configuration
Client Configuration
TKIP
Honey pot – Fake AP
Links
General Guidelines
• Know the risks: War-Driving, Insertion
Attacks, Monitoring, SNMP services, weak
WEP algorithm, etc.
• The default configuration of the devices
usually lacks security
• Clients and access points should be
configured well
• Organizations need a wireless security
policy, which everyone should follow
Radio Interface
• Provide coverage only to the areas where it is
needed
– Adjust transmitting power
– use directional antennas
• Unintentional and intentional jamming is
possible -> have an alternative, if it’s important
to have your connection working
• Notice, it is fully legal for anybody to disturb your
WLAN on the license-free ISM band
Access Point Configuration
• Turn of the broadcasting of SSID and don’t
use the default one
• Provide DHCP (Dynamic Host
Configuration Protocol) only if needed
• Require Wired Equivalent Privacy and
strengthen it with IEEE 802.1X and TKIP
– Original WEP algorithm is weak, so keys need
to be changed frequently
Client Configuration
• Disable unnecessary services (i.e.
Windows file sharing)
• Install Personal Firewall
• Use higher level security (IPsec, VPNs,
SSL, SSH etc.)
• Use WEP and if possible strengthen it
Temporal Key Integrity Protocol
(TKIP)
• Devices using WEP can be upgraded to TKIP
with firmware patches
• Uses temporal key, which is changed every
10000 packets with help of 802.1X
• Combines the temporal key with the client's
MAC address before adding a initialization
vector -> every device has own encryption key
• Inserts message integrity code into each packet
to avoid forgeries
Honey Pot – Fake AP
• Confuses war drivers
• Hides the real access point by generating
thousands of counterfeit 802.11b access
points
– Sends Beacon frames with random SSID:s
and MAC addresses
• Advanced version would also need to
create real traffic
• http://www.blackalchemy.to/project/fakeap/
Links
• Information
– http://www.iss.net/wireless/WLAN_FAQ.php
– http://www.80211-planet.com/
• Access point maps
– http://www.wifimaps.com/
– http://www.netstumbler.com/
• Tools:
– http://freshmeat.net/projects/airsnort/
– http://www.netstumbler.com/
– Wireless Scanner http://www.iss.net/download/
Related documents
Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016
Solving the Security Risks of WLAN Tuukka Karvonen 24.7.2016
Introduction Wired Equivalent Privacy (WEP) key is shared by all the... management. We are going to crack the WEP enabled Wi-Fi...
Introduction Wired Equivalent Privacy (WEP) key is shared by all the... management. We are going to crack the WEP enabled Wi-Fi...
Dr David Xiao - Personal Home Pages (at UEL)
Dr David Xiao - Personal Home Pages (at UEL)
Quality of Service for Voice IP in Wireless Local Area... Wadheh Hafidh AL Manthari Abstract
Quality of Service for Voice IP in Wireless Local Area... Wadheh Hafidh AL Manthari Abstract
1 2
1 2
CRYPTOGRAPHY & COMPUTER SECURITY
CRYPTOGRAPHY & COMPUTER SECURITY
802.11b and the Joy of WarCycling in Dublin David Malone 12 November 2002
802.11b and the Joy of WarCycling in Dublin David Malone 12 November 2002
Wireless Networking & Security
Wireless Networking & Security
IRJET- Analysis of Security Vulnerabilities in Wired Equivalent Privacy (WEP)
IRJET- Analysis of Security Vulnerabilities in Wired Equivalent Privacy (WEP)
Download
advertisement