Security+ All-In-One Edition Chapter 10 – Wireless Security Brian E. Brzezicki Wireless Look No Wires! Wireless Attempt at communication using non-physical links. Examples • Radio Waves • Light Pulses Often used for networking, but can be used simply to eliminate wires for device to device communication. Wireless LAN protocols 802.11 standard • Wireless LAN networking • Data Link layer specifications • Components – Access point (a type of bridge) – Wireless Card – SSID 802.11 family • 802.11b – 11Mbs – 2.4Ghz (same as common home devices) • 802.11a – 54Mbps – 5Ghz (not as commonly used, however absorbed by walls, yielding less range possibly) • 802.11g – 54Mbs – 2.4Ghz – Cards are generally backwards compatible and can serve as 802.11b or 802.11a • 802.11n – Uses Multiple Input Multiple Output (MIMO) – 100Mbs – 2.4G or 5Ghz Wireless Problems • Easy to get access to airwaves, hard to restrict! Talk about the attacks next. Wireless Attacks Wireless Attacks • War driving – Wireless scanners – Netstumber (see next slide) • Warchalking (2 slides) (more) NetStumbler [...]... different types of wireless encryption protocols • WEP – – – – – Shared passwords (why is this bad?) 64/40 or 128 /104 bit key Uses RC4 Easily crack able (due to key reuse) Only option for 802.11b (more) Transmission Encryption • WPA PSK – Shared password – Uses TKIP normally • RC4 with changing keys – Can use AES (not certified) • 128 bit key • WPA2 PSK – Uses AES (normally) • 128 bit key – Can use TKIP... the attack above? Q What is one way office users could use wireless to violate network security? Q What is Bluetooth used for? Q What is Bluesnarfing? Wireless security • Access control – Turn off SSID broadcasts (problems) – MAC filtering (problems) • Encryption – Discussed later • Authentication – Use Radius and 802.1X • Isolation – VLANs over wireless ... the communications Chapter 10 – Review Questions Q What encryption protocol does WEP use Q What 2 key lengths does WEP support Q What encryption protocol does WPA2 use? Q Why is MAC filtering or turning off SSID broadcasting not sufficient security? Q What does WAP use for security? Chapter 10 – Review Questions Q What is the WAP GAP Q Define how to accomplish a MiM attack on a wireless network Q What... – Sending forged message to nearby bluetooth devices – Need to be close – Victim phone must be in “discoverable” mode • Bluesnarfing – Copies information off of remote devices • Bluebugging – – – – More serious Allows full use of phone Allows one to make calls Can eavesdrop on calls Bluetooth Countermeasures • Disable it if your not using it • Disable auto-discovery • Disable auto-pairing WAP WAP Wireless. .. WPA2 in Enterprise Mode – Uses 802.1X authentication to have individual passwords for individual users • RADIUS – what was radius again? • 802.11i – the official IEEE wireless security spec, officially supports WPA2 Wireless Device to Device Communication Bluetooth Bluetooth • What is Bluetooth • What is the purpose of Bluetooth, is it networking? • Bluetooth Modes – Discovery Mode – Automatic Pairing... put up a fake access point get people to connect with you Evesdropping and attaining nonauthorized acess • Evesdropping – Air Snort – breaks WEP retrieves encryption keys (security+ exam reference airsnort, even thought it’s no longer developed) – aircrack-ng – breaks WEP and WPA-psk Wireless Countermeasures • Turn off SSID broadcasts (problems?) • Enable MAC filtering (problems?) • Use Encryption (we’ll... auto-pairing WAP WAP Wireless Application Protocol – a protocol developed mainly to allow wireless devices (cell phones) access to the Internet • Requires a Gateway to translate WAP HTML (see visual) • Uses WTLS to encrypt data (modified version of TLS) • Uses HMAC for message authentication • WAP GAP problem (see visual and explain) • A lot of wireless devices don’t need WAP anymore… why? WAP WAP . Security+ All-In-One Edition Chapter 10 – Wireless Security Brian E. Brzezicki Wireless Look No Wires! Wireless Attempt at communication using non-physical. family • 802.11b – 11Mbs – 2.4Ghz (same as common home devices) • 802.11a – 54Mbps – 5Ghz (not as commonly used, however absorbed by walls, yielding less range possibly) • 802.11g – 54Mbs – 2.4Ghz – Cards. 802.11a • 802.11n – Uses Multiple Input Multiple Output (MIMO) – 100 Mbs – 2.4G or 5Ghz Wireless Problems • Easy to get access to airwaves, hard to restrict! Talk about the attacks next. Wireless Attacks Wireless