Wireless LAN (network) security

Wireless security
• The process of preventing unauthorized access or damage to computers (damage to data or to applications) over a wireless network.
• WLAN vulnerabilities:
  1- Weak device-only authentication
  2- Weak data encryption
  3- No message integrity

WLAN threats
• 1- Unstructured threats:
  - Carried out by attackers who aren't technical; they use simple tools to steal passwords.

WLAN threats
• 2- Structured threats:
  - Carried out by attackers who are more technical.
  - They know the network's vulnerabilities and can write a script, code or a program to use in accessing the network.
• 3- External threats:
  - May come from a person or an organized group outside the network who isn't authorized to access it.
• 4- Internal threats:
  - Come from a person who has permission and is authorized to access the network, such as an internal employee, and who can damage the network.

WLAN threats (ways)
• Spy
  - Gathering information that isn't allowed to be known.
• Access
  - An unauthorized person (one who doesn't have any account) gains access to the network by guessing the password or because he knows the password is weak.
• DoS (Denial of Service)
  - Disables or corrupts the wireless network.
  - The more dangerous threat, and difficult to prevent.

The development of good security
• 1- Provide a process to audit existing wireless security.
• 2- Provide a general framework for implementing security.
• 3- Define behavior that is allowed and behavior that isn't allowed.
• 4- Help determine which tools are needed for the organization.
• 5- Help communication among a group of key decision makers and define the responsibilities of users and administrators.
• 6- Define a process for handling wireless breaches.
• 7- Create a basis for legal action.

First generation wireless security
• 1- SSID (Service Set Identifier):
  - Basic form of security.
  - 1 to 32 characters (ASCII).
  - The option "SSID broadcast": enabled / disabled.
  - SSID broadcast is a function performed by an access point that transmits its name so that wireless stations searching for a network connection can 'discover' it. It's what allows your wireless adapter's client manager program or Windows XP's built-in wireless software to give you a list of the access points in range.
  - Having SSID broadcast disabled essentially makes your access point invisible unless a wireless client already knows the SSID, or is using tools that monitor or 'sniff' traffic from an AP's associated clients.
  - Some vendors refer to the SSID as the "network name."

First generation wireless security
• 2- MAC-based authentication:
  - Each access point (AP) has a list of valid MAC addresses, or the list is stored on a centralized server. The AP uses it to decide which devices are allowed to access the network and to block unauthorized devices by MAC address.

Authentication Process
• On a wired network, authentication is implicitly provided by the physical cable from the PC to the switch.
• Authentication is the process to ensure that stations attempting to associate with the network (AP) are allowed to do so.
• 802.11 specifies two types of authentication:
  1- Open-system
  2- Shared-key (makes use of WEP)

Authentication Type: Open System Authentication
• The following steps occur when two devices use Open System Authentication:
  - The station sends an authentication request to the access point.
  - The access point authenticates the station.
  - The station associates with the access point and joins the network.
• The process is illustrated below.

The two methods the 802.11 standard defines for clients to connect to an access point
• 2- Shared-key authentication:
  - Requires the client and the access point to have the same WEP (Wired Equivalent Privacy) key.
  - An access point (AP) using shared-key authentication sends a challenge text packet to the client.
  - If the client has the wrong key or no key, authentication fails (the client fails).

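The shared-key exchange described above, as an added example that is not part of the original slides: a simplified Python sketch in which the encrypted frame body is reduced to the challenge text alone. The function names and the two WEP keys are constructed for illustration.

```python
import hmac, os, struct, zlib

def rc4(key, data):
    """RC4 stream cipher (KSA + PRGA), the cipher WEP uses."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for b in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def icv(data):
    """WEP integrity check value: CRC-32, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def client_response(wep_key, challenge):
    """Client: WEP-encrypt the challenge under a fresh 3-byte IV."""
    iv = os.urandom(3)
    # The per-frame RC4 key is the IV followed by the shared WEP key.
    return iv, rc4(iv + wep_key, challenge + icv(challenge))

def ap_verify(wep_key, challenge, iv, response):
    """AP: decrypt, check the ICV, compare with the challenge it sent."""
    plain = rc4(iv + wep_key, response)
    body, tag = plain[:-4], plain[-4:]
    return hmac.compare_digest(tag, icv(body)) and hmac.compare_digest(body, challenge)

def shared_key_auth(ap_key, client_key):
    """Run the exchange; True means the AP accepts the client."""
    challenge = os.urandom(128)  # AP -> client: 128-byte challenge text
    iv, response = client_response(client_key, challenge)  # client -> AP
    return ap_verify(ap_key, challenge, iv, response)

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")  # constructed 40-bit WEP key
    print("same key :", shared_key_auth(key, key))
    print("wrong key:", shared_key_auth(key, bytes.fromhex("0a0b0c0d0e")))
```
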
Wi-Fi Protected Access (WPA)
• Wi-Fi Protected Access (WPA) is stronger than WEP.
• WPA has two modes:
  1- Personal:
  - For small installations (single password).
  2- Enterprise:
  - For large installations (username, password).
• End-to-end encryption
  - Means that the whole conversation is encrypted from your PC to the service or the station you are talking to.