550 likes | 673 Views
Wireless Network Security Nate Arnold GE Transportation. Wireless Networks What are they?. A Wireless Network is a system of physically separated devices which communicate via electronic waves in order to share information. Wireless Networks What’s out there?.
E N D
Wireless NetworksWhat are they? • A Wireless Network is a system of physically separated devices which communicate via electronic waves in order to share information.
Wireless NetworksWhat’s out there? • Approximately 50 different types of wireless networks • Examples • Cell Phones (GSM, 3GS) • UPS & Fed Ex sending messages using GPRS and CDMA • 802.11 IEEE standards for WLAN • Satellites (Corporate networks, GPS, Iridium)
Wireless NetworksWhat we will focus on • 802.11 IEEE • Current standards • Security • New and future standards • Examples • Alternate Wireless Network Standards
Wireless NetworksThe Business Case • Why go wireless? • Do the benefits outweigh the risks?
Wireless NetworksThe Business Case • Does wireless networking provide business value? Soft Benefits vs. Hard Benefits
Wireless NetworksThe Business Case Soft Benefits of a WLAN: • Increased flexibility • Faster decision making • Higher employee satisfaction • Greater accuracy of information
Wireless NetworksThe Business Case Real world examples of Soft Benefits • University of Illinois at Chicago Medical Center • 507 beds, Outpatient Care Center, 715 physicians • Originally 5 different terminals to carry out jobs • Difficult for IT Dept. to support multiple devices • Server based WLAN, and wireless computers improved the quality of the care given to patients
Wireless NetworksThe Business Case Real world examples of Soft Benefits • AOT Financial Services (The Netherlands) • Amsterdam Options Exchange introduces new electronic trading with wireless access • AOT provided its traders the with wireless devices and so the ability to make a trade or access market information at the touch of a button • Results in a 300 percent increase in the speed of trading • 300 percent increase in profits?
Wireless NetworksThe Business Case Problems with Soft Benefits • Difficult if not impossible to quantify • Hard to justify expenditure
Wireless NetworksThe Business Case Hard Benefits • Dollar amount of cost savings • Measurable increases in productivity
Wireless NetworksThe Business Case Hard Benefits – Cost savings • Case study of a major national retail chain with more than 500 stores • Focuses on total cost of ownership of wireless vs. wired networks in stores • Initial installation, and store reconfigurations both considered
Wireless NetworksThe Business Case Hard Benefits - Productivity Gains • Intel IT and Intel Finance collaboration • ROI based model based on the standard discounted cash flow methodology ROI = (Productivity benefits – Start-up costs – Sustaining costs)
Wireless NetworksThe Business Case Hard Benefits – Productivity Gains • Startup costs and Sustaining costs both relatively easy to measure • Converting the perceived value to actual ROI is much more difficult
Wireless NetworksThe Business Case Hard Benefits – Productivity Gains • Method to measure productivity benefits • WLAN Pilot • Determine data points • Establish a baseline • Segment the users • Set expectations
Wireless NetworksThe Business Case Hard Benefits – Productivity Gains • Timesavings = Productivity • Measuring Timesavings • Intel IT asked users how much time they saved by using the WLAN and took 25 percent of those estimates to use in its ROI equations.
Wireless Sales
7 Security Problems of Wireless Networks • Easy Access • Rogue Access Points • Unauthorized Use of Service • Service and Performance Constraints • MAC Spoofing and Session Hi-jacking • Traffic Analysis and Eavesdropping • Higher Level of Attacks
Security Goals of 802.11 • To protect wireless transmissions that travel over the open radio frequencies. • Confidentiality: protect data from being intercepted • Access Control: protect access to private networks • Data Integrity: prevent tampering with transmitted messages
Weak Authentication Open System Authentication Shared Key Authentication MAC Address Filtering Weak Encryption Keystream Reuse Improper Key Management Short Encryption Keys WEP Packet Checksums are not Secure WEP is Turned off by Default 802.11 WEP Design Flaws
802.1X Mutual Authentication using Extensible Authentication Protocols (EAP) Wi-Fi Protected Access (WPA) Enhanced encryption that replaces WEP Solution for Securing 802.11
What is EAP? • EAP stands for Extensible Authentication Protocol that is based on a process rather than an algorithm • EAP is a one sided authentication protocol • EAP allows for mutual authentication by running the protocol in both directions • It is a request-response protocol • It reduces exposure to key attacks
The EAP Protocols • EAP-TLS (Transport Layer Security) • Authentication by digital certificates • PEAP (Protected EAP) • Server side authentication by digital certificate and client side by user supplied password • MD5-CHAP • Client side authentication by hashed password • LEAP (Lightweight EAP) • Proprietary to Cisco • Mutual Authentication with random rekeying
Wi-Fi Protected Access (WPA) • Specification accepted early part of 2003 • Secure implementations of WPA involve • 802.1x infrastructure • EAP protocol + RADIUS server • Software upgrades for clients and Access Points
WPA Security Enhancements • 802.1x • EAP Authentication • Temporal Key Integrity Protocol (TKIP) • Encryption method using 128 bit rekeying • Allows different client stations to use different keys to encrypt data • Key generating function that encrypts every data packet with it own unique key • Message Integrity Code (MIC) • Checksum that prevents message tampering
802.11i Standard • Approved in August 2004 • It incorporates the 802.1x specification • It adds security features • Temporary Key Integrity Protocol (TKIP) • Advanced Encryption Standard (AES) • Replacement for WEP • Mathematical ciphering algorithm that uses variable key lengths (128, 192,256) making it almost impossible to decipher
802.20 (MBWA) Mobile Broadband Wireless Access IEEE may ratify by the end of this year Offers blanket coverage to a large city sized area at speeds of 1.5 mbps Requires special hardware at cell transmission sites and client devices containing specialized chips Newer Standards • 802.16 or Wi-Fi Max • Enables a single base station to support fixed and mobile devices (30 mile radius/70 mbps) • DSL providers can use this standard to provide last mile delivery of broadband to homes
Newer Standards (2) • 802.11n “mesh networking” - home use • IEEE expected to ratify this standard late 2005 • Wireless transmissions hop from device to device - Leaps could reach 100-200 mbps • The first TV to accept this standard is expected to be released in 2006
New Networks • Ultrawideband (UWB) for home use • Expected to be ratified by IEEE in 2005 • Data transmission rates of 1 gbps • Shorter transmit range than current Wi-Fi • Freedom Link by SBC • Combines Wi-Fi and new cellular-data networks • Voice Over Wi-Fi by Nortel Networks • Makes it possible to use Wi-Fi to make phone calls over the Web
WLAN Security Best Practices • Educate Employees • Personal Firewalls on Mobile Machines • Scan for Rogue APs (ex: Netstumbler) • Change Default Passwords on APs • Turn on and use WEP • Avoid Placing APs near walls or windows • Reduce Broadcast Strength • Use VPN with secondary authentication
MUnet Wireless LAN • IT Services will install a university-wide 802.11 infrastructure over 75% of most heavily trafficked student areas (e.g., study areas, classrooms, and instructional spaces) and over 90% of office and conference areas by June 2005. The residence halls will be the first area to receive the 802.11 infrastructure, with coverage planned for Fall 2004. • Wireless networking, even with WEP encryption, is inherently insecure. Sensitive data should not be transmitted on a wireless network unless encrypted by the application (e.g. SSL or SSH) or through use of MU's VPN service (see Related Items).
MU WiFi Security Use the MUVPN http://software.muohio.edu/
MUnet Wireless LAN • Access point connects to the MU network via 10/100MB Ethernet • 802.11b Compliant • Uses the FCC unlicensed 2.4 GHz radio frequency • MUnet maintains central administrative control • MUnet requests that use of all other 2.4 GHz devices be discontinued in university-owned buildings • Interference: other wireless LAN devices, cordless telephones, cameras, and audio speakers
More MU WiFi Info Mymiami.muohio.edu
What is Netstumbler? • A Windows utility for 802.11b based wireless network auditing • Compatible with Windows 9x, 2000, and XP • MiniStumbler • Pocket PC 3.0 and 2002. Supports ARM, MIPS and SH3 CPU types • More info at netstumbler.com
Who might use Netstumbler? • Security team wanting to check that their corporate LAN isn't wide open • Systems admins wanting to check coverage of their Wireless LAN • Gatherers of demographic information about 802.11 popularity • Drive-by snoopers • Overly curious bystanders