Security of Wireless Networks
Download
Report
Transcript Security of Wireless Networks
Security of
Wireless Networks
Martha Bowen
ISM6021
12/9/2002
Wireless Networking
Concept
TO INTERNET
OR LAN
Traditional networks
communicate over a variety
of wired connection media.
Wireless devices utilize a
combination of broadcast and
reception technologies to
communicate without wires.
Flexible Connectivity
Potential Security
Vulnerabilities
Confidentiality
Unauthorized Disclosure
C
Internal and external!
Man-in-the-middle attacks
Integrity
Unauthorized Modification
Data Corruption
Availability
A
Denial of Service Attacks
Consumer electronics interference
More complicated for Wireless!
I
Sources of Wireless
Vulnerabilities
67% of networks use Factory Settings!
Encryption off
Vendor-specific default network names
Broadcast on
Maximum range
Distributed authentication management
Insufficient access control
Inefficient monitoring & auditing
Physical nature of wireless devices
Wireless Hackers
Little forensic evidence left by wireless
devices
More corporate liability!
New vulnerabilities utilized by hackers during
two hours of monitoring at DefCon X (8/02).
War-driving
Driving around ‘sniffing’ for unprotected wireless
networks
Published at www.wigle.net or www.wifinder.com
Wireless Access Points
Map from www.wigle.net showing known
wireless access points for U.S.
Spread-Spectrum
Wireless Standards
Developed in WWII for secure military comms
Torpedo guidance system
Frequency-hopping
4 Basic security modes
Low power
Scrambling
User-specific network address
Encoding
Spread-Spectrum
Wireless Standards
802.11b
Most widely implemented - 11Mbps in the 2.4GHz band
Potential interference from 2.4GHz cordless phones
802.11a
54 Mbps in the 5 GHz band
Limited interoperability with 802.11b/g
Potential interference from cell phones (harmonics)
802.11g
54 Mbps in the 2.4GHz band - Backwards compatible to
802.11b
Developing Standards
802.11e -Quality of Service
802.11i - Security Issues
Industry Solutions
Wired Equivalency Protocol (WEP)
Ships with most wireless devices (disabled!)
Same level of protection as wired network
Up to 128-bit encryption
Limitations
Public accessibility, key length issue, one-way authentication
802.1x Encryption & Authentication
Extensible Authentication Protocol (EAP)
Currently implemented in Cisco products as LEAP
Mutual authentication, Dynamic WEP keys (per-user/persession), WEP key timeouts (configurable)
Limitations
Hijacking, Man-in-the-middle attack
Alternative wireless technologies
18GHz microwave, Infrared
Pending Technology
Improvements
Wi-Fi Protected Access
Wi-Fi Alliance solution
TKIP encryption
802.1X-based authentication
Input from leading cryptographers
Compatible with existing hardware
Initial communication with wireless access point, which
authenticates through login server
Username/password, biometric, or smart-card
Home version with improved WEP password method
Expected to start shipping early next year
Required for Wi-Fi certification by end of 2003
Pending Technology
Improvements
802.11i
Official standard from IEEE
Two proposed encryption standards
TKIP
Advanced Encryption Standard
Government-developed
Stronger encryption method
Requires hardware upgrade
Expected release months later than Wi-Fi
Protected Access
Home Wireless
Networking Solutions
Review configuration of Access Points!
Turn on encryption – even if it is WEP!
Change the vendor-specific default site ID
Pick generic names
Change WEP password daily or weekly
Disable broadcast
Enable MAC address filtering
Location/configuration of variable range/
variable speed access points
Frequent security audits
Keeping honest people honest…
Enterprise Networking
Solutions
Encryption key automation
RADIUS server
Virtual Private Network (VPN)
Centralized administration & monitoring
Update firmware/software frequently
Wireless Security Auditing Tools
Use multiple firewalls to isolate wireless,
Internet, and local wired connections
Summary
Significant vulnerabilities do exist in
many current wireless implementations.
It is possible to address many of these
vulnerabilities using technology which is
currently available to consumers and
enterprises.
IEEE, Wi-Fi alliance, and vendors are
currently focused on addressing existing
security issues.
Expect rapid changes!
Stay informed!
Questions?
Thank you!