1 / 42

Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6 Wireless Network Security. Objectives. Describe the basic IEEE 802.11 wireless security protections Define the vulnerabilities of open system authentication, WEP, and device authentication

bela
Download Presentation

Security+ Guide to Network Security Fundamentals, Third Edition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security

  2. Objectives Describe the basic IEEE 802.11 wireless security protections Define the vulnerabilities of open system authentication, WEP, and device authentication Describe the WPA and WPA2 personal security models Explain how enterprises can implement wireless security Security+ Guide to Network Security Fundamentals, Third Edition

  3. IEEE 802.11 Wireless Security Protections Institute of Electrical and Electronics Engineers (_________) The most widely known and influential standards making organization for ____________________ ____________________________________ In 1990, the IEEE formed a committee to develop a standard for _______________ Operating at a speed of ________ million bits per second (Mbps) within the __________ frequency In 1997, the IEEE approved the IEEE 802.11 WLAN standard Security+ Guide to Network Security Fundamentals, Third Edition

  4. IEEE 802.11 Wireless Security Protections (continued) Revisions IEEE 802.11__________- operates at ______________ Mbpswithin the _____________ frequency AKA ____________________ IEEE 802.11____- operates at __________ Mbpswithin the __________GHZ frequency _______ compatible with 802.11b IEEE 802.11_______- operates at ________ Mbpsand is ____________________________ compliant devices “best of both worlds” IEEE 802.11_____ – said to increase bandwidth to ________ Mbps and is also _________________ Security+ Guide to Network Security Fundamentals, Third Edition

  5. Wireless Security Protections • Three categories • _________________ • Wired equivalent Privacy (_______) encryption • ______________________ More to come on each of these…

  6. Controlling Access Controlling wireless access of devices to the WLAN Accomplished by _____________________ to the access point (AP) By restricting access to the AP, only those devices that are _________________ to the AP and become part of the wireless network The IEEE 802.11 standard does not specify ______ to implement controlling access Almost all wireless AP vendors implement access control through Media Access Control (_______) __________________________ MAC address filtering is usually implemented by _______________(instead of preventing) devices to access the network Security+ Guide to Network Security Fundamentals, Third Edition

  7. Wired Equivalent Privacy (_________) Designed to ensure that only ____________ _______________ can view transmitted wireless information Uses _______________ to protect traffic Uses ____________________ between wireless device and AP The IEEE 802.11 committee designed WEP to meet the following criteria: __________, exportable, optional, self-synchronizing, and ________________________ Security+ Guide to Network Security Fundamentals, Third Edition

  8. WEP (continued) IEEE 802.11 WEP shared secret keys must be a minimum of _______________ in length The options for creating keys are as follows: 64-bit key 128-bit key Passphrase The AP and devices can hold up to ________ shared secret keys One of which must be designated as the _______________ _________ must be done with ___________ key, ___________ must be done with the __________ key used for _____________________ Security+ Guide to Network Security Fundamentals, Third Edition

  9. WEP (continued) Checksum based on text Default key = length of text plus the ICV Seed- changes each time so random number can be created 1 XOR 0 = 1 0 XOR 1 = 1 otherwise 0 value Encrypted text Security+ Guide to Network Security Fundamentals, Third Edition

  10. Device Authentication Wireless LANs cannotlimit access to the wireless signal by walls or doors Sometimes called _________________ Wireless authentication requires the _____________ -not user- to be _________________________ to the network Types of authentication supported by the 802.11 standard ________________ authentication See Figure 6-6 – next slide ____________________ authentication See Figure 6-7 – two slides down Security+ Guide to Network Security Fundamentals, Third Edition

  11. AFTER comparing the SSID received with the actual SSID of the network Contains SSID Security+ Guide to Network Security Fundamentals, Third Edition

  12. Challenge text sent back If equivalent ? Security+ Guide to Network Security Fundamentals, Third Edition

  13. Vulnerabilities of IEEE 802.11 Security IEEE 802.11 standard turned out to be very _________________ The primary vulnerabilities are in the areas of: Open system authentication MAC address filtering WEP More to come on each of these…. Security+ Guide to Network Security Fundamentals, Third Edition

  14. Open System Authentication Vulnerabilities Open system authentication is considered weak because authentication is based on only _______________: A _______________________ An attacker can easily discover a valid SSID by doing nothing Exploits the ___________________________ Once a wireless device receives a beacon frame, it can attempt to join the network by sending an association request frame back to the AP Security+ Guide to Network Security Fundamentals, Third Edition

  15. Open System Authentication Vulnerabilities (continued) _______________ scanning The most common type of scanning A wireless device _____________________ frame for a set period of time AP can be configured to prevent the beacon frame from including the SSID Problems arise when the SSID is not beaconed Provides ___________________________ User must ________________________ Security+ Guide to Network Security Fundamentals, Third Edition

  16. Problems That can Arise when the SSID is not beaconed… Can affect roaming causing an ______________ ____________________ Devices are not able to automatically switch from AP to AP when beaconing is turned off Can also ___________________________ Microsoft Windows ______________ Devices using XP always connect to an access point that is broadcasting its SSID The SSID can be _____________ even when it is not contained in beacon frames Still is transmitted in other management frames sent by the AP Security+ Guide to Network Security Fundamentals, Third Edition

  17. MAC Address Filtering Weaknesses MAC addresses are initially exchanged in an __________________ through the WLAN An attacker can easily see the MAC address of an approved device and use it to join the network ___________________________________ Managing a large number of MAC addresses can pose significant challenges MAC address filtering does _____ provide an automatic means to __________________ user to access the network Security+ Guide to Network Security Fundamentals, Third Edition

  18. Weaknesses in WEP 1. When encrypting packets with either a 64-bit or 128-bit number the initialization vector (_________) remains at ____________________ The short length of the default key______________ The shorter the easier to break 2. WEP implementation violates the cardinal rule of cryptography: Anything that creates a __________________ must be ____________________________ Patterns provide an attacker with valuable info ______________________ in fewer than seven hours Security+ Guide to Network Security Fundamentals, Third Edition

  19. Weaknesses in WEP (continued) • Possible for an attacker to identify two packets derived from the same IV (called a collision) • Attacker could then launch a________________ • A method of determining the keystream by analyzing two packets that were created from the same IV • Attacker can work backwards • Once the plaintext of one packet has been discovered, ___________with that same IV can also be ______________________ Security+ Guide to Network Security Fundamentals

  20. Personal Wireless Security Designed for SOHO’s or consumer use The wireless security requirements for _________________ are most often based on two models promoted by the Wi-Fi Alliance: _________ Personal Security _________ Personal Security Security+ Guide to Network Security Fundamentals, Third Edition

  21. WPA Personal Security Wireless Ethernet Compatibility Alliance (___________) A consortium of wireless equipment manufacturers and software providers formed to promote wireless network technology In 2002, the WECA organization changed its name to _____________ (Wireless Fidelity) _________________ Security+ Guide to Network Security Fundamentals, Third Edition

  22. WPA Personal Security (continued) In October 2003 the Wi-Fi Alliance introduced Wi-Fi Protected Access (_____) WPA addresses __________________________ _______________________ _________ addresses ________________ __________ addresses _______________________ Security+ Guide to Network Security Fundamentals, Third Edition

  23. WPA Personal Security (continued) Preshared key(PSK) authentication uses a ____________________ which is used to__________________________ PSK serves as the starting point (seed) for mathematicallygenerating the encryption keys PSK used to authenticate user The __________ is created and must be entered into __________________ and ___ ____________________ prior to the devices communicating with the AP Security+ Guide to Network Security Fundamentals, Third Edition

  24. WPA Personal Security (continued) Temporal Key Integrity Protocol (TKIP)is theencryption technology used by WPA TKIP has several _____________________: TKIP uses a longer ________ key- called the_________ key TKIP keys are known as ________________ which are _________________ for each packet created When coupled with other technologies, TKIP provides an even greater level of security WPA also replaces the (CRC) function in WEP with the Message Integrity Check (______________) Designed to prevent an attacker from_____________________ _________________________________ A MIC key, the sender and receiver’s MAC and the text create the MIC ______________________ each _________________ the MIC then the __________________ Security+ Guide to Network Security Fundamentals, Third Edition

  25. WPA2 Personal Security Wi-Fi Protected Access 2 (__________) Introduced by the Wi-Fi Alliance in September 2004 Still uses _______________ but instead of TKIP encryption it uses _____________________________________ PSK Authentication Intended for personal and small office home office users who________________________________________ PSK keys are__________________________________ _______________________after a specified period of time known as the____________________ Like PSK in the original WPA, keys must be entered in both access point and the wireless devices Security+ Guide to Network Security Fundamentals, Third Edition

  26. WPA2 Personal Security (continued) First PSK _______________________: The distribution and sharing of PSK keys is performed ____________ without any technology security protections PSK only uses a _____________ (WEP can use four keys) PSK key must be changed regularly and requires _____________________________ on every wireless _______________ and on all _________________ In order to allow a guest user to have access to a PSK WLAN, the key must be given to that guest, then changed on all devices once guest departs Security+ Guide to Network Security Fundamentals, Third Edition

  27. WPA2 Personal Security (continued) A second area of PSK vulnerability is the use of _______________________ Consisting of letters, digits, punctuation, etc. that is between 8 and 63 characters in length PSK passphrases of fewer than __ characters can be subject to a specific type of _______________ WPA2 encryption- AES-CCMP Different parts of the algorithm provide ________ ______________________________________ Security+ Guide to Network Security Fundamentals, Third Edition

  28. _____________ Wireless Security The enterprise wireless security options can be divided into those that follow: IEEE 802.11i standard or WPA and WPA2 models More to come on both… Security+ Guide to Network Security Fundamentals, Third Edition

  29. IEEE 802.11i The IEEE 802.11i wireless security standard addresses the two main weaknesses of wireless networks: ___________ and __________________ Encryption is accomplished by replacing WEP’s original PRNG RC4 algorithm with a ____________ Much more difficult for attackers to break IEEE 802.11i _____________ and ______________ is accomplished by the IEEE ___________________ Greater degree of security by using ___________________ All traffic blocked on port-by-port base until client is authenticated Authentication verified using credentials stored on an __________________________________ Provides a _______ way to _______________ used for encryption Software, known as ________________, is a required installation on all __________________ using the 802.1x protocol Security+ Guide to Network Security Fundamentals, Third Edition

  30. IEEE 802.11i Authentication Procedure AP which sends info to of client & sends info back to AP WLAN and begin transferring data Security+ Guide to Network Security Fundamentals, Third Edition

  31. IEEE 802.11i (continued) 802.11i includes_________________ Stores information from a device on the network so if a user roams away from a wireless access point and later returns, he ________________ ________________ all of the credentials 802.11i includes____________________ Allows a device to become ______________ to an AP _________________________ of that AP Allows for faster roaming between AP’s Security+ Guide to Network Security Fundamentals, Third Edition

  32. WPA Enterprise Security The WPA Enterprise Security model is designed for ______________________ organizations Provides _____________________________ over the personal model on a wireless LAN ______________ used is ______________(same authentication used in the IEEE 802.11i standard) _______________ is _______________ (used in WPA Personal Security model as well) Security+ Guide to Network Security Fundamentals, Third Edition

  33. WPA Enterprise Security (continued) IEEE 802.1x Authentication Gaining in popularity Provides an authentication framework for all _____ _______________ IEEE 802-based LANs Described earlier… TKIP Encryption An improvement on WEP encryption Uses existing WEP engine Described earlier… Security+ Guide to Network Security Fundamentals, Third Edition

  34. WPA2 Enterprise Security Provides the ________________________ _________________ on a wireless LAN ________________used is_______________ ______________is_____________________ Both Described Earlier… Security+ Guide to Network Security Fundamentals, Third Edition

  35. Enterprise Wireless Security Devices/Tools • Additional wireless security devices and tools are used by organizations to defend against attackers. • Three examples are:

  36. Enterprise Wireless Security Devices/Tools _______ Access Point An access point _________________________ ________________________ These features reside on the __________________ Advantages All APs can be_____________________________ simplifying wireless network management All ______________ is performedin the wireless________ allowingconfigurationto be done in one central location Downside- AP’s and wireless switches are ________________ so they must both come from the ____________________ Security+ Guide to Network Security Fundamentals, Third Edition

  37. Wireless Switch and Thin AP Figure Security+ Guide to Network Security Fundamentals, Third Edition

  38. Enterprise Wireless Security Devices/Tools (continued) Wireless VLANs Can be used to ___________________________ The flexibility of a wireless VLAN depends on which device separates the packets and directs them to different networks See Figures 6-14 and 6-15 For enhanced security many organizations set up _________ wireless VLANs One for ___________ access One for ____________ access Security+ Guide to Network Security Fundamentals, Third Edition

  39. Security+ Guide to Network Security Fundamentals, Third Edition

  40. Security+ Guide to Network Security Fundamentals, Third Edition

  41. Enterprise Wireless Security Devices/Tools (continued) Two Rogue Access Point Discovery Tools 1. ___________________________________ Allows manual auditing the airwaves for rogue access points 2. Continuously monitoring the RF frequency using a special sensor called a _______________ Four types of wireless probes: ________________ probe ________________ probe _____________________ probe _________________________ probe Security+ Guide to Network Security Fundamentals, Third Edition

  42. Summary The initial IEEE 802.11 standard contained security controls for protecting wireless transmissions from attackers The Wi-Fi Alliance has introduced two levels of personal security Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) Enterprise wireless security requires different security models from personal wireless security Additional wireless security devices can be used to defend against attackers Security+ Guide to Network Security Fundamentals, Third Edition

More Related