Wander With Wireless

Wireless Without Worry
Secure Wireless Networking
Tuesday, May 13, 2003 4:15 – 5:00 pm
Presenter: Philip H. Schlesinger
 MCSE, CCNA
 IT Manager TEL TECH PLUS, INC.
pschlesinger@teltechplus.com

BiCSi Wireless Design Specialty
DACUM Panel Member
Copyright 2003 Tel Tech Plus Inc
Presented by:
TEL TECH PLUS, INC.
Concepts in Voice and Data Communications
• Network Cabling
• Phone Systems / Voice Mail
• IT Services
• Repair & Maintenance
For an electronic copy of this presentation,
please visit our web site and click on the
BiCSi link on the main page.
Why Am I Here?
• History of wireless communications
• Cellular vs. wireless LAN
• Security issues affecting both technologies
In the Beginning . . .
Section 1 History
In the BWC era (Before Wireless
Communications), electronic
communication required a wire
strung between two locations . . .
The People Cried Out :
Free us from our wired shackles!
And so the G-ds of wireless
communication heard their
pleas and sent forth
a messenger . . .
Marconi’s Technologies
100 Years Ago . . .
On January 18, 1903, standing on a sandy
bluff of Cape Cod, Marconi sent greetings
from President Theodore Roosevelt to
British monarch King Edward VII. This
was the first wireless message ever sent
across the ocean without help from a
repeater station.
Events that Furthered Wireless
• The sinking of the Titanic brought about 24-hour monitoring of radio channels on ships
• Radio and television (need I say more?)
• 1971: ALOHANET – the first wireless packet switching network
Benefits of Working Wirelessly
Section 2 Cellular vs. WLAN
• Mobility
• Installation Speed and Simplicity
• Installation Flexibility
• Reduced Cost-of-Ownership
• Scalability
Cellular Phone Progression
• 1G – Analog with no built-in security
• 2G – Digital with built-in security (top data speed 14.4 kbps)
• 2.5G/2.75G – Higher speeds (data speeds range from 56 kbps dial-up to 128 kbps ISDN)
• 3G – True broadband speeds (not economically feasible yet)
• Distance goal: 10 km
Wireless LAN IEEE Speeds
 1997 ► 802.11
2.4 GHz, 1-2 Mbps
 1999 ► 802.11b
2.4 GHz, up to 11Mbps
 1999 ► 802.11a
5.0 GHz, up to 54 Mbps
 2003 ► 802.11g
2.4 GHz, up to 54 Mbps
 Distance goal:
150-300 ft LANs,
multiple km WANs
OK, so what ?
Section 3 Security
Need to protect two things when doing wireless networking:
• The Data (can be air-tapped)
• The Computers and Network Hardware (can be attacked)
Need to Protect the Bridge
Air Tapping
Section 3a Security – Air-Tapping
• Cellular: little to no potential risk here as long as signal is digital
• WLAN: Uh-oh
Data Intercepted by Hacking
[Figure: YOU send an e-mail through the Access Point ("To: Accountant, From: CEO. Dear Jane, Attached you will find my financials as well as details of our upcoming project release....."), and the HACKER picks up the same transmission over the air. Label: "Code Cracked - Data stream".]
WEP – the first attempt
• Initial system: Wired Equivalent Privacy (a.k.a. WEP)
• Problem: Shared non-changing encryption key combined with a bad implementation of RC4
• Proof of concept: WEPCrack, AirSnort, WarLinux
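Added example (not part of the original slides): a short Python sketch of why a shared, non-changing key is fatal with RC4 the way WEP uses it. The per-frame RC4 key is the cleartext 24-bit IV followed by the static key, so a repeated IV repeats the keystream. The key, IVs and frame contents are constructed sample values, and WEP's CRC-32 integrity value is left out.

```python
def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_style_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """RC4 keyed with IV || shared key. The 3-byte IV is sent in the clear.
    WEP's CRC-32 integrity value is left out to keep the focus on key reuse."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    return xor(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))

# Constructed sample values (assumptions for this example only).
SHARED_KEY = bytes.fromhex("0102030405")   # 40-bit key configured on every station
FRAME_1 = b"To: Accountant  "
FRAME_2 = b"Quarterly totals"

def reused_iv_leaks_plaintext_xor() -> bool:
    """Same IV + same key: keystream cancels, leaving plaintext1 XOR plaintext2."""
    iv = b"\x00\x00\x01"
    c1 = wep_style_encrypt(SHARED_KEY, iv, FRAME_1)
    c2 = wep_style_encrypt(SHARED_KEY, iv, FRAME_2)
    return xor(c1, c2) == xor(FRAME_1, FRAME_2)

def fresh_iv_changes_keystream() -> bool:
    """A different IV gives a different keystream, but only 2**24 IVs exist."""
    k1 = rc4_keystream(b"\x00\x00\x01" + SHARED_KEY, 16)
    k2 = rc4_keystream(b"\x00\x00\x02" + SHARED_KEY, 16)
    return k1 != k2

if __name__ == "__main__":
    print("reused IV leaks p1 XOR p2:", reused_iv_leaks_plaintext_xor())
    print("fresh IV changes keystream:", fresh_iv_changes_keystream())
```

With the key never changing, the 24-bit IV is the only thing that varies between frames, which is why the later slides move to per-frame keys (TKIP) and then AES (802.11i).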
So WEP’s a Joke – Ideas?
Band aids:
• RADIUS / 802.1x (centralized authentication)
• TKIP (dynamic encryption)
• Combination of the above two (WPA)
• Various flavors of EAP
More Stable Solutions
• Disable SSID broadcast
• MAC address filtering
• Virtual Private Networking (a.k.a. VPN) with individual user SAs
• Antenna placement & configuration
Join the Knights of Camelot
The holy grail: IEEE 802.11i
• AES Encryption
• Secured connect/disconnect
• Other goodies
Attacks on Computers and
Network Hardware
Section 3b Security - Computer &
Network Hardware Attacks
• Viruses & Trojan Horses
  - password and data stealing
  - data corruption
  - computer and network usurping
• Hackers
  - all the above plus
  - network jamming attacks
  - general mischief
Attack Scenarios
[Figure: Before Monkey Jack]
[Figure: After Monkey Jack]
[Figure: This is your connection]
[Figure: This is your connection on WLAN Jack]
Defenses Against Attacks on the Enterprise
• Firewalls (hardware & software)
• Antivirus software
• Good password protection
• Keeping up to date on firmware, drivers, and patches
What Else Can Be Done?
• Site survey before deployment
• If not installing a wireless Intrusion Detection System, periodic site surveys after deployment
• Wi-Fi certification makes life a little easier
Public Network Concerns
Usually no wireless LAN encryption is employed, so:
• When accessing corporate info: VPN a must
• For public sites: use https:// or people can see what you’re sending back and forth over the air
In Closing . . .
Cellular & Wireless LAN are great tools
• Readily available and inexpensive
• Speeds are reasonable
• Just need to prep computers and users beforehand as to the risks
Presented by:
TEL TECH PLUS, INC.
Philip H. Schlesinger, CCNA, MCSE
IT Manager
990 Park Center Drive, Suite C
Vista, CA 92083-8352
760-598-6233 760-598-6307 fax
pschlesinger@teltechplus.com
www.teltechplus.com
Questions ?