Professional Documents
Culture Documents
Introduction
• The 802.11 standard defines wireless local area
network (WLAN) technology.
• Concern about the:
– ability to transmit data securely over a wireless medium
and
– properly protect wired network resources.
Introduction..
• Wireless networks + entry point into a network for hackers.
• Relatively new technology + security vulnerabilities.
• Increase of Wi-Fi hotspots + rising number of cell phones,
PDAs, and laptops equipped with Wi-Fi radios - wireless
security - issue for many organizations.
• + Broadcast nature of radio frequency (RF) wireless networks
+ rapid adoption of wireless technologies for home and
business networks = many hacking opportunities exist in
wireless networking.
• + cost of Wi-Fi equipment is dropping + organizations install
wireless networks to complement or replace existing wired
networks.
Wi-Fi and Ethernet
• Wi-Fi networks are fundamentally different
from Ethernet networks.
• Ethernet network - copper or fiber-optic
cabling.
• Wi-Fi network - across open air.
• Encryption applied to wireless networks only
encrypts the data itself, leaving the header
portion of the wireless frame open to many
types of attacks.
Wi-Fi and Ethernet..cont
• There are three types of 802.11 frames:
– Management
• Used for notification, connection, disconnection, and
information.
– Control
• Used to control which station has access to the wireless
network media.
– Data
• Used to carry upper layer data.
Standards Organizations
• The International Organization for Standardization (ISO)
– Open Systems Interconnection (OSI) model = architectural model for data
communications.
• Default Settings
– The two most obvious default settings would be the SSID and the
administrator login name/password.
– Also, if the device allows, change the default IP address.
• SSID Name
– Do not use a SSID that can clearly identify who you are.
– Do not use a family surname, your street address, or your dog’s name.
– Choose a network name with no meaning — something such as
Rhj18YT89.
– SSID’s are “ case sensitive ” and must match on both the Wi - Fi home
router and the client stations.
SSID Broadcast
• SSID Broadcast is a function performed by an
Access Point that transmits its name so that
wireless stations searching for a network
connection can ‘discover’ it.
SSID Cloaking / Disabling SSID
Broadcast
• Remember in Star Trek when the Romulans “
cloaked ” their spaceship but somehow Captain
Kirk always found the ship anyway?
• Well, there is a way to “cloak” your service set
identifier (SSID).
• Access points typically have a setting called
Closed Network or Broadcast SSID.
• By either enabling a closed network or disabling
the broadcast SSID feature, you can hide, or
cloak, your wireless network name.
SSID Cloaking
Securing Wireless Networks
• Do not auto-connect to open Wi-Fi networks.
– Connecting to an open Wi-Fi network such as a free
wireless hotspot or an unknown WLAN exposes your
computer to security risks.
– Most computers have a setting available allowing
these connections to happen automatically without
notifying you.
– Most versions of Windows will reconnect to a
previously connected SSID.
– This setting should not be enabled except in
temporary situations.
Securing Wireless Networks
• Enable firewall settings on your laptop and
home access point.
– Most network routers contain built-in firewall
capability, but the option also exists to disable
them.
– Ensure that your router’s firewall is turned on.
– You should always install and configure personal
firewall software on each computer connected to
the router.
Securing Wireless Networks
• Reduce your WLAN transmitter power.
– Won’t find this feature on all wireless routers and access
points
– some allow you to lower the power of your WLAN
transmitter and thus reduce the range of the signal.
(enterprise-class access points.)
– fine-tune a signal so that it won’t leak outside your home
or business,
– limit how far outside your premises the signal reaches
– minimizing the opportunity for outsiders to access your
WLAN.
– This will also improve your throughput on your access
point by limiting the wireless cell to just your premise.
Securing Wireless Networks
• Disable remote administration.
– Most WLAN routers have the ability to be remotely
administered via the Internet.
– Ideally, only if it lets you define
• a specific IP address or
• limited range of addresses that will be able to access the
router.
– Otherwise, almost anyone anywhere could potentially
find and access your router.
– As a rule, unless you absolutely need this capability,
it’s best to keep remote administration turned off.
Wireless Threats: Eavesdropping
or Sniffing
• This type of attack involves capturing
passwords or other confidential information
from an unencrypted WLAN or hotspot.
• A protection against this attack is to use SSL
application-layer encryption or a VPN to
secure user data.
Hacking tools
• NetStumbler and Kismet are WLAN discovery tools.
They both discover the
– Media Access Control (MAC) address,
– Service Set Identifier (SSID),
– security mode, and
– channel of the WLAN.