Wireless and Broadband Net Access and Security. Lesson 11.
Wireless
• IEEE 802.11 working group to define the interface between wireless clients and their network access points.
• 802.11a: uses OFDM (Orthogonal Frequency Division Multiplexing) to deliver up to 54Mbps in the 5GHz ISM band (Industrial, Scientific, Medical: the unlicensed part of the spectrum).
• 802.11b: HR-DSSS (High Rate Direct Sequence Spread Spectrum) to deliver up to 11Mbps in the 2.4GHz band. Actually appeared before 802.11a.
• 802.11g: An enhanced version of 802.11b. Uses OFDM but operates in the 2.4GHz band. In theory can operate up to 54Mbps.
• 802.11i: Aimed at better security. Wants longer keys than current WEP.
802.11 Frame Structure
[Diagram: frame fields Frame Control, Duration, Address 1, Address 2, Address 3, Seq, Address 4, Data, Checksum; Frame Control bits Version, Type, Subtype, To DS, From DS, MF, Retry, Pwr, More, W, O.]
• Why 4 addresses? Source and destination system, source and destination base stations
802.11 Frame Structure
• Frame Control Field
  • Protocol Version: allows different versions of the protocol to be used in the same cell at the same time
  • Type: Data, control, or management frame
  • Subtype: e.g. RTS (request to send) or CTS (clear to send)
  • To/From DS: frame sent to/from the intercell distribution system
  • MF: More fragments to follow
  • Retry: retransmission of a frame sent earlier
  • Pwr: power management, put device in/out of sleep state
  • More: additional frames follow
  • W: body has been encrypted using WEP
  • O: frames in a sequence with this bit set must be processed in order.
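As an added example (not from the original slides), the following Python parser decodes the 2-byte Frame Control field described above and the data-frame MAC header around it, including the To DS/From DS rule that answers "why 4 addresses?". The sample frame bytes and the MAC addresses in it are constructed for the demonstration.

```python
import struct
from dataclasses import dataclass

# Type values from the Frame Control field; subtype names for the control
# frames the slide mentions (ACK added for context).
TYPE_NAMES = {0: "management", 1: "control", 2: "data"}
CONTROL_SUBTYPES = {0xB: "RTS", 0xC: "CTS", 0xD: "ACK"}


@dataclass
class FrameControl:
    version: int
    ftype: int
    subtype: int
    to_ds: bool       # frame is headed into the distribution system
    from_ds: bool     # frame is coming out of the distribution system
    more_frag: bool   # MF
    retry: bool
    pwr_mgmt: bool    # Pwr
    more_data: bool   # More
    protected: bool   # W: body encrypted (WEP here; WPA/WPA2 later reuse the bit)
    order: bool       # O: strictly ordered service


def parse_frame_control(raw: bytes) -> FrameControl:
    """Decode the 2-byte, little-endian Frame Control field."""
    if len(raw) < 2:
        raise ValueError("Frame Control field is 2 bytes")
    fc = struct.unpack("<H", raw[:2])[0]
    return FrameControl(
        version=fc & 0x3,
        ftype=(fc >> 2) & 0x3,
        subtype=(fc >> 4) & 0xF,
        to_ds=bool(fc & 0x0100),
        from_ds=bool(fc & 0x0200),
        more_frag=bool(fc & 0x0400),
        retry=bool(fc & 0x0800),
        pwr_mgmt=bool(fc & 0x1000),
        more_data=bool(fc & 0x2000),
        protected=bool(fc & 0x4000),
        order=bool(fc & 0x8000),
    )


def describe(fc: FrameControl) -> str:
    """Human-readable type/subtype, e.g. 'control/RTS'."""
    name = TYPE_NAMES.get(fc.ftype, "reserved")
    if fc.ftype == 1 and fc.subtype in CONTROL_SUBTYPES:
        return f"{name}/{CONTROL_SUBTYPES[fc.subtype]}"
    return f"{name}/subtype {fc.subtype}"


def address_roles(to_ds: bool, from_ds: bool) -> list:
    """Which station each address field names in a data frame.

    Only a frame relayed between two base stations (To DS = From DS = 1)
    carries Address 4: receiver, transmitter, final destination and original
    source are then all different stations.
    """
    if not to_ds and not from_ds:
        return ["DA", "SA", "BSSID"]          # ad hoc / within one cell
    if not to_ds and from_ds:
        return ["DA", "BSSID", "SA"]          # AP -> station
    if to_ds and not from_ds:
        return ["BSSID", "SA", "DA"]          # station -> AP
    return ["RA", "TA", "DA", "SA"]           # AP -> AP (wireless bridge)


def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_data_header(raw: bytes) -> dict:
    """Parse a data frame's MAC header: Frame Control, Duration, Address 1-3,
    Sequence Control and, when present, Address 4."""
    fc = parse_frame_control(raw)
    duration = struct.unpack("<H", raw[2:4])[0]
    addrs = [_mac(raw[4:10]), _mac(raw[10:16]), _mac(raw[16:22])]
    seq_ctrl = struct.unpack("<H", raw[22:24])[0]
    if fc.to_ds and fc.from_ds:
        addrs.append(_mac(raw[24:30]))
    return {
        "frame_control": fc,
        "duration_us": duration,
        "addresses": dict(zip(address_roles(fc.to_ds, fc.from_ds), addrs)),
        "sequence": seq_ctrl >> 4,   # upper 12 bits
        "fragment": seq_ctrl & 0xF,  # lower 4 bits
    }


# Constructed sample: a WEP-protected data frame relayed between two base
# stations (To DS = From DS = 1), so all four addresses are present.
# The MAC addresses are made up (locally administered 02:00:00:00:xx:xx).
SAMPLE_WDS_FRAME = (
    b"\x08\x43"                        # Frame Control: data, To DS, From DS, W
    + b"\x2c\x00"                      # Duration: 44 microseconds
    + bytes.fromhex("02000000aa01")    # Address 1: receiver (RA)
    + bytes.fromhex("02000000bb02")    # Address 2: transmitter (TA)
    + bytes.fromhex("02000000cc03")    # Address 3: destination (DA)
    + b"\xa1\x02"                      # Sequence Control: seq 42, fragment 1
    + bytes.fromhex("02000000dd04")    # Address 4: source (SA)
)

if __name__ == "__main__":
    hdr = parse_data_header(SAMPLE_WDS_FRAME)
    print(describe(hdr["frame_control"]), hdr["addresses"])
    print(describe(parse_frame_control(b"\xb4\x00")))  # control/RTS
```

Note that the W bit only tells a receiver that the body is encrypted; it says nothing about the strength of that encryption, which is the subject of the WEP slides that follow.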
Wireless Application Protocol (WAP)
• Designed for systems with
  • Slow processors
  • Limited memory
  • Lower bandwidth
• Much leaner than wired protocols
  • Make data transactions as compressed as possible
  • Allow for more dropped packets
WAP vs. wired network (Security+ Guide to Network Security Fundamentals)
WAP client access to network
• Step 1: Client makes a connection with the WAP gateway and sends a request for the content it wants using WSP (Wireless Session Protocol)
• Step 2: Gateway converts the request into HTTP format and forwards it to the application server.
• Step 3: Application server sends the requested content back to the WAP gateway.
• Step 4: Gateway converts the data using WSP, compresses it and sends it to the WAP client.
• If the WAP client has enabled the Wireless Transport Layer Security (WTLS) protocol, data is encrypted.
The “Gap” in WAP
• WAP 1.X does not require the use of WTLS. If it is not enabled, all data is transmitted in the clear.
• Must convert at the gateway from WTLS to TLS. This means that for a brief moment the data is in the clear and can be read at the gateway. This is the “Gap in WAP”.
• What is the real security risk of this being exploited?
• WAP 2.0 employs TLS (Transport Layer Security), so no conversion is necessary at the gateway.
Wireless Transport Layer Security (WTLS)
• 3 different classes of authentication
  • Class 1: Does not allow either the client or gateway to authenticate the other
  • Class 2: Allows the client to authenticate the gateway
  • Class 3: Allows both client and gateway to authenticate each other.
• Class 3 ideal, but few WAP-enabled devices use it since it requires a Wireless Identity Module (WIM), a tamper-resistant device that holds digital signatures and has the power to perform encryption for authentication purposes
WTLS Class 2 authentication
• Prior to sending a request for a session, the WAP device sends a request for authentication to the gateway. The client always initiates this process. The client can also challenge the gateway again at any time during the session.
• The gateway sends a copy of its certificate, which contains the gateway’s public key.
• The device receives the certificate and key and generates a unique random value for encryption, which it encrypts with the gateway’s public key and sends to the gateway.
• The gateway receives the encrypted value and uses its own private key to decrypt it. Now both have a new shared key.
Wired Equivalent Privacy (WEP)
• The optional security mechanism specified by the 802.11 protocol to provide authentication and confidentiality in a wireless environment.
• Uses the RC4 algorithm
• Although the IEEE committee recommended that WEP should be used, it also stated WEP should NOT be considered adequate security and strongly suggested other security mechanisms be used (e.g. other authentication processes)
Weaknesses with WEP
• Uses an Initialization Vector (IV) and a shared key between users.
• Many sites use the same shared key for all users, thus any individual can listen to anybody’s communication, sort of like Ethernet.
• IV is only 24 bits and will thus repeat after only a short period of time. This allows for several types of cryptographic attacks that utilize different messages encrypted with the same key.
• RC4 algorithm itself is flawed and can be broken easily.
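To make the IV weakness concrete, here is an added Python example (not part of the original slides) with a plain RC4 implementation and a WEP-style encrypt function. It estimates how quickly a 24-bit IV repeats on a busy link, and shows that two frames encrypted under the same IV and the same site-wide shared key leak the XOR of their plaintexts, because the keystreams cancel. The shared key, IVs and frame contents are constructed values, and the CRC-32 integrity check value that real WEP appends is omitted.

```python
import math

IV_BITS = 24                 # WEP prepends a 24-bit IV to each frame
IV_SPACE = 1 << IV_BITS      # 16,777,216 distinct IVs


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling (KSA) then the output generator (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # KSA
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # PRGA
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(shared_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style encryption: RC4 keyed with IV || shared key; the IV travels
    in the clear in front of the ciphertext. (The CRC-32 ICV is omitted.)"""
    if len(iv) != IV_BITS // 8:
        raise ValueError("WEP IV is 3 bytes")
    return iv + xor(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))


def iv_collision_stats(frames_per_second: float) -> dict:
    """How soon a 24-bit IV repeats on a busy link."""
    # Birthday bound: ~50% chance of a repeated IV after sqrt(2 ln 2 * N)
    # frames even with random IVs; a simple counter wraps after exactly N.
    fifty_pct = math.ceil(math.sqrt(2 * math.log(2) * IV_SPACE))
    return {
        "iv_space": IV_SPACE,
        "frames_for_50pct_collision": fifty_pct,
        "seconds_to_exhaust_counter": IV_SPACE / frames_per_second,
    }


def keystream_reuse_leak(frame1: bytes, frame2: bytes) -> bytes:
    """XOR of two ciphertext bodies (IV stripped). When both frames used the
    same IV and shared key the keystreams cancel and this equals P1 xor P2,
    which is why a repeating IV defeats the cipher regardless of key length."""
    return xor(frame1[3:], frame2[3:])


if __name__ == "__main__":
    # Constructed sample: one shared key for the whole site, as the slide
    # describes, and two frames that happen to reuse IV 0x000001.
    shared_key = b"\x01\x02\x03\x04\x05"   # constructed 40-bit key
    p1, p2 = b"GET /index.html", b"GET /login.html"
    c1 = wep_encrypt(shared_key, b"\x00\x00\x01", p1)
    c2 = wep_encrypt(shared_key, b"\x00\x00\x01", p2)
    print(keystream_reuse_leak(c1, c2) == xor(p1, p2))  # True: plaintext relation leaks
    print(iv_collision_stats(500))  # a 500 frame/s link wraps the IV counter in ~9.3 hours
```

The numbers are the point of the slide: with only 2^24 IVs, a repeat is about even odds after roughly 4,800 frames even if IVs were random, and a counter-based IV wraps in hours on a moderately busy access point. This is an inherent property of reusing a stream-cipher keystream, which is why 802.11i replaced WEP rather than lengthening its key.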
“War Chalking”
• SSID (Service Set Identifier): wireless network name sent with wireless data packets to help devices identify each other.
• SSID should be cryptic so as to not provide valuable data to potential attackers, e.g. don’t use “ABC Consulting Firm” as an SSID.
Broadband
• Not a clear definition of what it is
• Baseband uses a signal pulsed directly on the transmission medium in the form of high-speed, square-wave pulses of direct current voltage.
• Broadband systems use cable television technology to divide the transmission medium into frequency bands or channels. Each broadband channel can be multiplexed to carry data, voice, or video.
Broadband (cont.)
• The term is used to cover a gamut of alternatives for handling high-bandwidth traffic.
• In the ITU’s definition it is any bandwidth in excess of the B-ISDN primary rate (25-1200Mbps)
• It has become a term used to cover any high-speed access mechanism.
  • ISDN
  • Cable
  • DSL
  • Wireless
ISDN
• Integrated Services Digital Network
• Probably really should be considered narrowband/baseband but…it is faster than dial-up.
• What’s the reason behind ISDN?
  • Normal voice lines limited to 4KHz, which limits the speed of data transmission
  • Most signaling is still in-band, which is very consuming of bandwidth
  • The little out-of-band signaling that exists runs on lines separate from the network
  • Most users have separate voice and data networks/lines
  • Telephone and data equipment must be separately administered from the network it runs on
  • There are several voice, data and digital interface standards.
ISDN (cont.)
• ISDN’s goal or vision:
  • Provide an international standard for voice, data and signaling
  • Make all transmission circuits end-to-end digital
  • Adopt a standard out-of-band signaling system
  • Bring more bandwidth to the desktop
• Delivers this with existing copper cables, but requires ISDN digital-switching equipment
• On the plus side, telephone calls can be made a lot faster than with the current analog equipment.
• You will pay extra for the ISDN service (no surprise)
ISDN (cont.)
• Requires an ISDN “modem”
  • Not really a modem. Modems translate digital signals to analog (and back) so existing POTS can be used.
  • ISDN “modem” really a terminal adapter
• ISDN allows you to use your line for voice calls as well as data
• Though ISDN is faster than traditional POTS with modem, it is slower than DSL
  • Because of this, it isn’t as popular as DSL
ISDN (cont.)
• Most common configurations:
  • Basic Rate Interface (BRI): 2B+D.
    • 2 64Kbps B (bearer) channels for data or voice
    • 1 16Kbps D (data) channel, which can also be used for signaling
  • Primary Rate Interface (PRI): 23B+D or 30B+D
    • 23B+D equivalent to 1.544Mbps
    • 23 or 30 B channels and 1 D channel
Cable
• Cable modems connect you to the Internet via the coaxial cable (sometimes referred to as the broadband wire) that is used in your house to deliver cable TV.
• The coax cable enters a splitter inside your home which divides the transmission into that which will be sent to your TV and that which is destined for your computer through a cable modem.
• The cable modem attaches to an Ethernet card inside the computer. This card is configured the same as any other network card.
Cable (cont.)
• Computer data is sent along frequencies that lie between the 100 6-MHz frequency bands carrying TV programming.
• Data sent as standard IP packets.
• High bandwidth lets you:
  • Receive at speeds of 3-10 Mbps
  • Transmit at speeds up to a maximum of 2 Mbps
Cable (cont.)
• Cable is a broadcast medium. Everyone connected to the same distribution hub receives everyone else’s downloads too.
• Cable companies generally divide each city into neighborhoods of about 500 homes, which will all be on the same local area network.
• If many folks access the system at the same time then speeds will be slower.
• Obvious security implications to it being a broadcast medium.
Digital Subscriber Line (DSL)
• Traditional analog transmissions and voice calls sent over the POTS use only a small portion of the potential bandwidth.
• DSL allows users to talk on the telephone and use the Internet at high speeds simultaneously, over a single line.
• Several different variations
  • Asymmetric Digital Subscriber Line (ADSL)
  • Very high-speed DSL (VDSL)
  • G-Lite or Universal DSL
  • Rate adaptive DSL (RADSL)
ADSL
[Diagram: ADSL frequency allocation. Bands labelled Voice, Upstream data and Downstream data along a kilohertz axis with ticks at 0, 4, 6, 100, 180 and 1000.]
• Asymmetric: more bandwidth is devoted to data traveling downstream (to your machine) than upstream (from your machine)
• Upstream traffic generally a small portion of network traffic, especially web-based traffic.
• 8Mbps downstream, 1Mbps upstream possible
xDSL Transmission Rates
• VDSL: speeds as high as 10-26 Mbps downstream, but need to be within 4500 feet of a phone switch.
• ADSL: speeds up to 8 Mbps downstream; need to be within 18,000 feet of the phone switch.
• G-Lite: allows only 1.5Mbps downstream at distances up to 18,000 feet from the phone switch.
• RADSL: reaches as far as 21,000 feet but is limited to 600Kbps-7Mbps downstream.
Wireless
• “Broadband Wireless” initially an attempt to deliver cable TV services, without the cable.
• Local Multipoint Distribution System (LMDS)
  • Receiver dishes located on top of apartment buildings can receive the signal to broadcast to apartments via coax.
  • Can also utilize an 18” antenna in the subscriber’s home
  • Variations used to transmit data and some attempts with voice.
• Local Multipoint Communication System (LMCS) used in Canada for wireless broadband data signals
  • Rates up to 155 Mbps
• Multipoint Multichannel Distribution Service (MMDS)
  • Also known as Microwave Multi-point Distribution Service
  • Used for longer distance (40 km) up to 10 Mbps
Broadband Security Issues
• Broadband Internet access provides increased convenience and speed, but has its own security issues
  • Inexperienced users
  • Continuous connection (‘Always-on’)
• Bottom line, however, is it is basically “general security”
Dial-up vs. Broadband
Broadband attractive for emerging SOHO environments and for telecommuting.
Some Telecommuter Security
This is from the point of view of a business that is allowing employees to telecommute.
Broadband Security
• Issues with “always-on” connections
• Virus Attacks
• Intruder Attacks
• Personal and Network Firewalls
“Always-On” Connections
• ISPs generally use one of two methods to assign an IP address to a subscriber
  • Static
    • IP address for a machine remains the same even if rebooted. Commonly used for servers.
  • Dynamic Host Configuration Protocol (DHCP)
    • Used to temporarily assign an IP address to subscriber systems. Commonly used by dial-up users to share a pool of addresses.
“Always-on” (cont.)
• The DHCP strategy best protects dial-up users who go online only for brief sessions. Each time they log off and dial in again, they will be assigned a new address.
• With “always-on” connections such as DSL and cable modems, a user may have the same IP address for extended periods. This gives attackers a chance to connect to their computers.
• Periodically, the address will “expire”, but not quickly enough to avoid attackers potentially targeting the system.
Virus Attacks
• As we mentioned before, probably the most widely understood threat.
• A standard anti-virus package that will scan received files is useful.
• May also want to periodically check your system’s files in case a “stealth” method was used to access your wireless system.
• Basically concerned with viruses affecting computers/PCs, but the “Timofonica” virus actually sent messages (using a Short Message Service (SMS) gateway) to subscribers of the Timofonica service (Spanish cell phone service).
• Though no real damage, outside of wasted bandwidth, to the phones, many fear cell phone viruses will be the next generation of viruses.
Intruder Attacks
• Outside of wireless, the medium itself is not to blame for any technological change that has made it easier for individuals to attack systems.
• What has changed is the range of possible targets. Now an individual’s own home PC is potentially accessible and may therefore become a target.
• Need to eliminate file sharing on Windows 95/98 and Macintosh systems.
  • These features were originally intended for use on private, secure local area networks, not the open environment found in the cable modem world.
Personal and Network Firewalls
• A good idea is to install personal firewalls on your PC to monitor suspicious activity and to filter traffic.
• Software based firewalls: generally fairly inexpensive. Install directly onto your PC.
• Hardware based firewalls: many broadband Internet access devices include bundled firewall and NAT support. While more expensive than software firewalls, still affordable.
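An added Python model (not from the original slides, and not any real firewall product) of the personal-firewall policy the last two slides argue for on an always-on host: inbound traffic is denied by default, replies to connections the PC itself started are let back in, and probes against the Windows file-sharing ports are dropped and logged for the user to review. The packet records and all IP addresses are constructed, using the documentation address ranges.

```python
from dataclasses import dataclass

# Windows file and print sharing (NetBIOS/SMB). Acceptable on a private LAN,
# but an always-on broadband host must not expose these to the Internet.
FILE_SHARING_PORTS = {135, 137, 138, 139, 445}


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (from the Internet) or "out" (from this PC)
    proto: str       # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PersonalFirewall:
    """Default-deny inbound filter with simple connection tracking.

    Outbound traffic is allowed and remembered, so replies to connections this
    PC started get back in; anything else arriving unsolicited is dropped
    unless its destination port is on an explicit allow list.
    """

    def __init__(self, allowed_inbound_ports=frozenset()):
        self.allowed_inbound_ports = set(allowed_inbound_ports)
        self.outbound_flows = set()
        self.alerts = []   # (reason, packet) for the user to review

    def decide(self, pkt: Packet) -> str:
        if pkt.direction == "out":
            self.outbound_flows.add(
                (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return "ALLOW"
        # Inbound: is this the reverse of a flow we initiated?
        reverse = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if reverse in self.outbound_flows:
            return "ALLOW"
        if pkt.dst_port in FILE_SHARING_PORTS:
            self.alerts.append(("file-sharing probe", pkt))
            return "DROP"
        if pkt.dst_port in self.allowed_inbound_ports:
            return "ALLOW"
        self.alerts.append(("unsolicited inbound", pkt))
        return "DROP"


# Constructed traffic for an always-on host at 203.0.113.5; the remote
# addresses are likewise constructed from the documentation ranges.
SAMPLE_TRAFFIC = [
    Packet("out", "tcp", "203.0.113.5", 51000, "198.51.100.10", 80),   # browse a web site
    Packet("in",  "tcp", "198.51.100.10", 80, "203.0.113.5", 51000),   # the web server's reply
    Packet("in",  "tcp", "192.0.2.77", 40000, "203.0.113.5", 445),     # SMB probe
    Packet("in",  "udp", "192.0.2.77", 40001, "203.0.113.5", 137),     # NetBIOS name probe
    Packet("in",  "tcp", "192.0.2.78", 40002, "203.0.113.5", 23),      # telnet probe
    Packet("in",  "tcp", "198.51.100.10", 80, "203.0.113.5", 51999),   # "reply" to a port we never used
]


def run_sample() -> list:
    """Apply the policy to the constructed traffic; returns one verdict per packet."""
    fw = PersonalFirewall()
    return [fw.decide(p) for p in SAMPLE_TRAFFIC]


if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE_TRAFFIC, run_sample()):
        print(f"{verdict:5} {pkt.direction:3} {pkt.src_ip}:{pkt.src_port} -> {pkt.dst_ip}:{pkt.dst_port}")
```

The last sample packet is why state tracking matters on an always-on link: a packet that merely looks like a web reply is still dropped unless it matches a connection the PC actually opened. A hardware firewall with NAT, as the slide mentions, gives the same effect for every machine behind it.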
Other security considerations
• Distributed Denial of Service (DDoS)
  • Small office and home PCs increasingly becoming the target of individuals setting up DDoS networks. The target of the DoS attack will not be the PC; it instead will be used to launch an attack on another system.
• Sniffing
  • With the LAN nature of many broadband mechanisms, need to be cognizant of what you are sending since others are also sharing the same medium with you.
Summary
• What is the Importance and Significance of this material?
• How does this topic fit into the subject of “Voice and Data Security”?