Lecture 9 WLAN Security


  • 8/14/2019 Lecture 9 WLAN Security


    2004, Cisco Systems, Inc. All rights reserved.

    Wireless LAN (network) security


WLAN threats

2- Unstructured threats:
- Come mostly from less experienced individuals who rely on readily available scripts, tools and programs.
- They look for known vulnerabilities in the network and use such a script, code or program to gain access to it.

3- External threats:
- Come from a person or an organized group outside the network who is not authorized to access it.

4- Internal threats:
- Come from a person who has permission and is authorized to access the network, such as an internal employee, and who can damage the network from the inside.


WLAN threats

- Spying (eavesdropping):
- Gathering information that the attacker is not allowed to know. Because radio is a broadcast medium, wireless traffic can be captured without ever joining the network.

- Access:
- An unauthorized person (one who has no account) gets onto the network, for example by guessing the password or because the password is known to be weak.

- DoS (Denial of Service):
- Disables or corrupts the wireless network.
- The most dangerous of the three and the most difficult to prevent: jamming or flooding a shared radio channel needs no key at all.


The development of a good security policy

1- Provides a process to audit existing wireless security.

2- Provides a general framework for implementing security.

3- Defines which behavior is allowed and which is not.

4- Helps determine which tools are needed for the organization.

5- Helps communication among a group of key decision makers and defines the responsibilities of users and administrators.

6- Defines a process for handling wireless breaches.

7- Creates a basis for legal action.


First generation wireless security

1- SSID (Service Set Identifier):
- The most basic form of "security".
- 1 to 32 characters (ASCII), configured on both clients and access points.
- Most access points (APs) have options like:

  1- SSID broadcast: the AP advertises the SSID in its beacons, so it is easy for anyone to learn. This option is enabled by default, so for security it should be disabled.

  2- Allow any SSID: lets clients join the wireless network with a blank SSID or with any SSID; it should also be disabled.

- Caveat: hiding the SSID is not real security. The SSID is still sent in the clear in probe requests and probe responses every time a legitimate client connects, so anyone listening learns it anyway.


First generation wireless security

2- MAC-based authentication

- Each access point (AP) has a list of valid MAC addresses, or the list is kept on a centralized server. From it the AP knows which devices are allowed to access the network and blocks unauthorized devices by their MAC address.

- The problem with this method is that MAC addresses are transmitted unencrypted (the 802.11 header is never encrypted), so an attacker can read an allowed address off the air and clone it onto his own adapter.


    Authentication Process

On a wired network, authentication is implicitly provided by the physical cable from the PC to the switch.

Authentication is the process of ensuring that stations attempting to associate with the network (AP) are allowed to do so.

802.11 specifies two types of authentication:

Open-system

Shared-key (makes use of WEP)


    Open Authentication and WEP

In some configurations, a client can associate to the access point with an incorrect WEP key or even no WEP key.

The AP must be configured to allow this (covered later).

A client with the wrong WEP key will be unable to send or receive data, since the packet payload is encrypted.

Keep in mind that the header is not encrypted by WEP.

Only the payload (data) is encrypted.

[Diagram: client associated to the AP, but data cannot be sent or received, since it cannot be decrypted. There is no verification of the user or machine; access is tied only to possession of a WEP key.]
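The three controls above (hidden SSID, MAC filtering, WEP with the header left in the clear) all come down to what an eavesdropper can read without any key. The following Python script is an added example and is not part of the original lecture: it builds three constructed 802.11 frames (a beacon with the SSID hidden, a probe response to an allowed client, and a WEP-protected data frame from that client) and parses only the fields that are never encrypted. The MAC addresses, the SSID "CorpNet" and the frame contents are made up for illustration.

```python
import struct

# 802.11 constants (IEEE Std 802.11 frame formats)
MGMT, DATA = 0, 2                 # frame types
BEACON, PROBE_RESP = 8, 5         # management subtypes
SSID_IE = 0                       # element ID of the SSID information element
PRIVACY_BIT = 0x0010              # Capability Information bit 4: WEP required

# Constructed addresses for the example (not real devices)
AP = bytes.fromhex("00112233aabb")
CLIENT = bytes.fromhex("0016d4c0ffee")
BROADCAST = b"\xff" * 6


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_header(frame):
    """The 24-byte MAC header. WEP never encrypts it, so every field is readable."""
    fc0, fc1 = frame[0], frame[1]
    return {
        "type": (fc0 >> 2) & 0x3,
        "subtype": (fc0 >> 4) & 0xF,
        "protected": bool(fc1 & 0x40),   # Protected Frame flag (WEP in use)
        "addr1": mac_str(frame[4:10]),
        "addr2": mac_str(frame[10:16]),  # transmitter: the address a MAC filter trusts
        "addr3": mac_str(frame[16:22]),
    }


def parse_ies(body):
    """Tagged parameters: Element ID (1 byte), Length (1 byte), Value."""
    ies, i = {}, 0
    while i + 2 <= len(body):
        eid, ln = body[i], body[i + 1]
        ies[eid] = body[i + 2:i + 2 + ln]
        i += 2 + ln
    return ies


def parse_frame(frame):
    info = parse_header(frame)
    body = frame[24:]
    if info["type"] == MGMT and info["subtype"] in (BEACON, PROBE_RESP):
        # Fixed fields: Timestamp (8), Beacon Interval (2), Capability Info (2)
        _timestamp, _interval, cap = struct.unpack("<QHH", body[:12])
        ssid = parse_ies(body[12:]).get(SSID_IE, b"")
        info["wep_required"] = bool(cap & PRIVACY_BIT)
        # A "hidden" SSID is just a zero-length (or all-zero) SSID element.
        info["ssid"] = ssid.decode("ascii") if ssid.strip(b"\x00") else None
    elif info["type"] == DATA and info["protected"]:
        # WEP puts a 3-byte IV and a 1-byte Key ID in the clear before the ciphertext.
        info["wep_iv"] = body[:3].hex()
        info["wep_key_id"] = body[3] >> 6
    return info


def build_mgmt(subtype, src, dst, bssid, ssid, wep):
    fc = bytes([(subtype << 4) | (MGMT << 2), 0x00])
    header = fc + b"\x00\x00" + dst + src + bssid + b"\x00\x00"     # DA, SA, BSSID, seq
    fixed = struct.pack("<QHH", 0, 100, PRIVACY_BIT if wep else 0)
    return header + fixed + bytes([SSID_IE, len(ssid)]) + ssid


def build_wep_data(src, dst, bssid, ciphertext):
    fc = bytes([DATA << 2, 0x41])                                  # flags: ToDS | Protected
    header = fc + b"\x00\x00" + bssid + src + dst + b"\x00\x00"    # ToDS: RA=BSSID, SA, DA
    return header + b"\x11\x22\x33" + b"\x00" + ciphertext         # IV, Key ID 0, RC4 data


def what_an_eavesdropper_sees():
    """AP with SSID broadcast disabled, MAC filtering and WEP on. No key is needed for any of this."""
    beacon = build_mgmt(BEACON, AP, BROADCAST, AP, b"", wep=True)               # SSID hidden
    probe_resp = build_mgmt(PROBE_RESP, AP, CLIENT, AP, b"CorpNet", wep=True)  # SSID revealed
    data = build_wep_data(CLIENT, AP, AP, b"\xde\xad\xbe\xef" * 4)             # allowed client
    return [parse_frame(f) for f in (beacon, probe_resp, data)]


if __name__ == "__main__":
    for seen in what_an_eavesdropper_sees():
        print(seen)
```

The beacon shows only that WEP is required; the probe response to the allowed client gives away the "hidden" SSID; and the protected data frame still exposes the client's MAC address (addr2), the WEP IV and the key ID, which is everything needed to pass the MAC filter by cloning the address.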


Two methods the 802.11 standard defines for clients to connect to an access point

2- Shared-key authentication:

- Requires the client and the access point to have the same WEP key.

- An access point (AP) using shared-key authentication sends a challenge-text packet to the client, and the client returns the challenge encrypted with its WEP key.

- If the client has the wrong key or no key, the authentication fails (the client is rejected).

- Caveat: because both the clear challenge and its encrypted form are sent over the air, shared-key authentication leaks WEP keystream and is considered weaker than open authentication with WEP.


    EncryptionEncryption

- WEP (Wired Equivalent Privacy)

- The IEEE 802.11 standard includes WEP (Wired Equivalent Privacy) to protect authorized users of the WLAN from attack.

- It is a technology that encrypts the traffic on your network (RC4 stream cipher keyed with a 24-bit IV plus the shared key, and a CRC-32 integrity check value).

- When using WEP, both the wireless client and the access point must have a matching WEP key.

- Caveat: WEP is broken. The short IV repeats quickly and RC4 key-scheduling weaknesses let an attacker recover the key from captured traffic, so WEP should not be relied on.

WEP keys:

First scheme: a set of up to four default keys is shared by all stations, so once the keys are distributed to the stations they are easily learned by an unauthorized person.

Second scheme:

- Each client establishes a key-mapping relationship with the other station (a per-station key).

- This is more secure.
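To make the shared-key exchange and the WEP encryption behind it concrete, here is an added Python simulation; it is not code from the lecture. It implements a minimal WEP (RC4 over IV||key, CRC-32 ICV), an access point that issues the 128-byte challenge, and a client that answers it, so that a matching key succeeds and a wrong key fails as the slide states. The 40-bit key, the random challenges and all class and function names are constructed for the example. It also shows the well-known consequence of sending both the challenge and its encrypted form over the air: the RC4 keystream for that IV is revealed, and the keystream alone is enough to pass a later challenge.

```python
import os
import struct
import zlib


def rc4(key, length):
    """RC4 keystream of `length` bytes: key scheduling (KSA) then generation (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def icv(plaintext):
    """WEP integrity check value: CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(plaintext))


def wep_encrypt(key, iv, plaintext):
    """RC4(iv || key) applied to plaintext || ICV. The 3-byte IV travels in the clear."""
    body = plaintext + icv(plaintext)
    return xor(body, rc4(iv + key, len(body)))


def wep_decrypt(key, iv, ciphertext):
    """Return the plaintext, or None if the ICV does not verify."""
    body = xor(ciphertext, rc4(iv + key, len(ciphertext)))
    plaintext, tag = body[:-4], body[-4:]
    return plaintext if icv(plaintext) == tag else None


class AccessPoint:
    def __init__(self, key):
        self.key = key

    def challenge(self):
        """Message 2 of shared-key authentication: 128 bytes of challenge text, in the clear."""
        self.nonce = os.urandom(128)
        return self.nonce

    def verify(self, iv, ciphertext):
        """Message 4: success iff message 3 decrypts to the challenge that was sent."""
        return wep_decrypt(self.key, iv, ciphertext) == self.nonce


def client_response(key, challenge):
    """Message 3: the challenge encrypted under the client's WEP key with a fresh IV."""
    iv = os.urandom(3)
    return iv, wep_encrypt(key, iv, challenge)


def authenticate(ap, client_key):
    challenge = ap.challenge()
    iv, ct = client_response(client_key, challenge)
    return ap.verify(iv, ct)


def recover_keystream(challenge, ciphertext):
    """Eavesdropper: (challenge || ICV) XOR ciphertext is the RC4 keystream for that IV."""
    return xor(challenge + icv(challenge), ciphertext)


def forge_response(keystream, new_challenge):
    """Answer a later challenge of the same length with the recovered keystream; no key needed."""
    return xor(new_challenge + icv(new_challenge), keystream)


def demo():
    key = bytes.fromhex("0123456789")             # constructed 40-bit WEP key
    ap = AccessPoint(key)
    right_key = authenticate(ap, key)              # True: keys match
    wrong_key = authenticate(ap, b"\xff" * 5)      # False: the client fails, as the slide says
    # A passive listener records one legitimate exchange ...
    challenge = ap.challenge()
    iv, ct = client_response(key, challenge)
    assert ap.verify(iv, ct)
    keystream = recover_keystream(challenge, ct)
    # ... then reuses the same IV and keystream to pass a fresh challenge without the key.
    no_key = ap.verify(iv, forge_response(keystream, ap.challenge()))
    return right_key, wrong_key, no_key


if __name__ == "__main__":
    print(demo())
```

The forgery works because WEP lets the sender pick the IV and nothing stops an IV from being reused, so one observed challenge/response pair yields a keystream that is valid forever for that IV. This is why open authentication (which leaks nothing) is preferred even when WEP is used for the data.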


Wi-Fi Protected Access (WPA)

- Wi-Fi Protected Access (WPA) is stronger than WEP: TKIP with per-packet keys and a message integrity check replaces the static WEP key.

- WPA has two modes:

  1- Personal: for small installations (a single pre-shared passphrase shared by everyone).

  2- Enterprise: for large installations (per-user username and password, or certificates, checked through 802.1X/EAP against an authentication server).
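What "a single password" means in WPA Personal, as an added Python example that is not from the lecture: the passphrase and the SSID are stretched with PBKDF2-HMAC-SHA1 (4096 iterations, 256-bit output) into the Pairwise Master Key, and every station on the network derives the same PMK from the same passphrase. The "password"/"IEEE" pair is the IEEE 802.11i Annex H test vector; the small-office passphrase, SSID and word list are constructed. Real attackers check each guess against a captured 4-way handshake rather than against the PMK itself; comparing against the PMK directly keeps the example short while the cost per guess (one PBKDF2 run) is the same.

```python
import hashlib

PBKDF2_ITERATIONS = 4096   # fixed by the WPA specification
PMK_LEN = 32               # 256-bit Pairwise Master Key


def wpa_psk(passphrase, ssid):
    """WPA/WPA2-Personal PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"),
                               PBKDF2_ITERATIONS, PMK_LEN)


def guess_passphrase(target_pmk, ssid, wordlist):
    """Offline dictionary attack on a shared-passphrase network.

    Nothing per-user enters the derivation, so anyone who can test guesses
    (in practice against a captured handshake) can recover a weak passphrase.
    Because the SSID is the salt, the work can be precomputed per SSID, which is
    why factory-default SSIDs are a bad idea."""
    for word in wordlist:
        if 8 <= len(word) <= 63 and wpa_psk(word, ssid) == target_pmk:
            return word
    return None


def demo():
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE"
    vector = wpa_psk("password", "IEEE").hex()
    # Constructed small office: one passphrase for everyone, default SSID left in place
    pmk = wpa_psk("summer2004", "linksys")
    found = guess_passphrase(pmk, "linksys", ["letmein1", "summer2004", "correct horse"])
    # Same passphrase on a differently named network gives a different PMK
    differs = wpa_psk("summer2004", "linksys") != wpa_psk("summer2004", "CorpNet")
    return vector, found, differs


if __name__ == "__main__":
    print(demo())
```

In Enterprise mode the PMK is instead produced per user and per session by the EAP method, so there is no shared secret to guess and revoking one user does not mean re-keying every station.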

End-to-end encryption

- Means that the whole conversation is encrypted from your PC to the service or the station you are talking to, independently of whatever the WLAN link does.

- SSL (Secure Sockets Layer): the most common; it makes the conversation private.

- SSH (Secure Shell): an end-to-end encryption method that does the same job as the telnet protocol, but the connection is encrypted.


Wireless security protocols

1- WPA2

- Implements the final IEEE 802.11i standard (AES-CCMP encryption is mandatory).

- Supports EAP (Extensible Authentication Protocol) authentication methods in Enterprise mode.

2- 802.1X

- IEEE standard for port-based access control on wireless and wired LANs; provides authentication and authorization of LAN nodes.

- Carries EAP (defined by the IETF) between the client and the access point (EAPOL); the access point relays the exchange to a central authentication server.

3- LEAP (Lightweight Extensible Authentication Protocol)

- Cisco-proprietary and based on 802.1X; it helps minimize the original security flaws of WEP by deriving dynamic per-user, per-session WEP keys instead of one static key.

- Can be combined with MAC address authentication.

- Caveat: LEAP's password exchange is vulnerable to offline dictionary attacks, and Cisco itself recommends EAP-FAST or PEAP in its place.


Wireless security protocols

4- PEAP (Protected Extensible Authentication Protocol)

- Allows secure transport of data, passwords and encryption keys inside a TLS tunnel. Only the authentication server needs a certificate; the clients do not.

5- TKIP (Temporal Key Integrity Protocol)

- Provides a message integrity check (MIC) and per-packet key mixing on top of WEP's RC4, so existing hardware could be upgraded by firmware.

- Part of IEEE 802.11i (since deprecated in favor of CCMP).

6- RADIUS (Remote Authentication Dial-In User Service)

- Is the AAA protocol (Authentication, Authorization, and Accounting) used between the access point and the central authentication server.