Transcript Wireless Security - Montclair State University

Wireless Security
Ysabel Bravo
Fall 2004
Montclair State University - NJ
What is the need to go wireless?
 Wireless communication has developed
enormously over the last past years allowing
instant and fast communication from point to
point (s). It has been adopted by businesses
and professional users who depend on “up to
the minute information” to conduct daily
business activities.
Is this communication secure? If so, how?
Wireless Security Requirements
Reported incidents in terms of security and
data/investments loss call for more measures.
Any secure mobile solution must follow this
functionality:
 Authentication
 Encryption
 Access
& Accountability
Security: Authentication
 Low level of authentication must have one of
the following categories:



Something you know (i.e. user name and
password/pin)
Something you are (i.e. finger prints)
Something you have (i.e. smart card/employee
ID card)
 A combination of those will make
authentication stronger.
Security: Encryption
 No encryption used for wireless has been
critical to security.
 WEP (Wired equivalent privacy) was not
intended for security and encryption. It was
only for casual eavesdropping or
unauthorized data modification.
 Encryption recomemded:



PKI (Public key infrastructure)
128 bit minimum encryption
Use of AES (Advanced encryption standard)
Security: Access & Accountability
 User should only be allow to authorized
information
 Tracking use of services access by user.
 Ensuring the principal of C.I.A (Confidentiality,
Integrity & Availability)
Security: Wireless Break-ins
 Many of the securities weaknesses are
created by the user itself as a result of
ignorance and/or disregard for security.
 Vulnerabilities and how to fix them:




Rogue Access Points
Chatty Laptops
Unconfigured Access Points
Ignoring Security Standards
Rogue Access Points
 Vulnerability:


They are not secure.
They are not yours & they can read your traffic
as well.
 Alternative:

Use IDS (intrusion detection System) to detect
rogue Wlans and monitor Wlan.
 End user: inexpensive ids
Chatty Laptops
 Vulnerability:
 Once laptop on, it look for an access point to
talk to.
 Devices have no brain – therefore they do
what they are designed to do.
 Alternative:
 Follow configuration standards from your
employer
 Learn configuration policies from provider.
Unconfigured Access points
 Vulnerability:

Access point equipment such as Lynksys or
Cisco has default passwords. Ex. Cisco is
“Tsunami”
 Alternative:

IT departments or local administrator must
configure devices assigning proper ids and
password.
Ignoring Security Standards
 Vulnerability:
 Anyone sniffing the air can read packets from
unsecured devices.
 Companies indicate how to connect wirelessly,
users ignore standards and forget about
security.
 Alternative:
 If equipment granted by company, standards
should be implemented in system before
assigning equipment to users. & Enforcing
policies by regularly checking on equipment.
Unencryption  Solutions
 Unencrypted:


MAC registration: restrict DHCP leases to
know MAC addresses. Verifies card have
been registered, cannot verify the user.
Firewall: Use of HTTP, HTTPs. Request is
sent to authentication server. Added
components are: user name, time stamp,
failure.
Encryption  Solutions
 Encrypted:


WEP wired equivalent privacy works with
another security system to provide
authentication. Changing the value of IV after
each transmission. MAC addresses are sent in
the clear
VPN virtual private network, provides higher
level of security using advanced encryption
algorithms.
WEP encryption
Wireless Application Protocol (WAP)
 Developed to implement a standard for
communication between wireless devices and
the Internet.
 Improve productivity, service, installation
speed, cost.
 WAP capabilities coexist with Bluetooth and
WLANs
 Currently allows authentication, privacy and
secure connections; non-repudiation and
integrity checks.
 WAP provides PKI services via supporting
services.
Potential WAP security solution
T-mobile hot spot ensures:
 “Our network now supports the IEEE 802.1x security
standard with WiFi Protected Access (WPA). This
provides robust encryption of data transfer over the
air between devices connected via WPA”.

Quote from www.t-mobile.com
 WPA is called Temporal Key Integrity Protocol
(TKIP).TKIP takes the original master key only as a
starting point and derives its encryption keys
mathematically from this master key. TKIP then
regularly changes and rotates the encryption keys so
that the same encryption key is never used twice.
On the news: Wireless
 Cnn.com: Cities find Wi-Fi future


Will they be secure?
Do users really know how this works?
 Cnn.com: Wireless life, Avoid break-ins.

Easy steps for unaware wireless users.
What NetStumbler can do for you?
 NetStumbler is a tool for Windows that allows you to






detect Wireless Local Area Networks (WLANs) using
802.11b, 802.11a and 802.11g. It has many uses:
Verify that your network is set up the way you
intended.
Find locations with poor coverage in your WLAN.
Detect other networks that might be causing
interference with your network.
Detect unauthorized "rogue" access points in your
workplace.
Help aim directional antennas for long-haul WLAN
links.
Use it recreationally for WarDriving.
Network Stumbler:
NetStumbler – Results
NetStumbler - Findings
NetStumble –
Results at MSU Science Building
IEEE WLAN Standards
References:
 All references noted on final report, please
see documentation.
Montclair State University
Computer Science Department
Montclair, New Jersey - USA