Wireless Security - PowerPoint

Document Sample
Wireless Security - PowerPoint Powered By Docstoc
					        Wireless Secuity and Design
   Introductions:
       Mike Danahy and Steve Mylander
   Today
       Wireless design
            Part I: Wireless Fundamentals
            Part II: Wireless Threats
            Part III: Tools of the Trade
            Part IV: Wireless Security
    Wireless Design and Security
   Wireless Funamentals
       Taken from the book “Maximum Wireless Security”
        by Cyrus Peikari; Seth Fogie
       Access Points
            WAP11 SOHO (Small Office and Home Office) AP
                 Really like this AP because it has 2 antenas.
                 Setup: Almost all APS are the same on ip address
                 192.168.0.1, admin for the login and admin for the password
                     CHANGE THIS IMMEDIATELY

                     do not need to change it to work; off the shelf philosophy
    Wireless Design and Security
   Wireless Funamentals
       Antennas:
            HEART AND SOUL OF YOUR WIRELESS
            Hertz; unit to measure radio frequency coming off of an
             antenna.
                 One Frequency or hertz is the number of waves propogated in
                  one second.
                 FM Radio station using 103.5 mega Hertz or 103.5 mhz is a
                  wave of 103,500,000
                 AM Redio Station 1050 AM is 1,050,000 herts or 1050 khz
                 Lower the frequency the longer the distance.
    Wireless Design and Security
   Wireless Funamentals
       Antennas:
            “In many situations, a lower power signal transmitted
             using a good antenna can arrive at its destination with
             more accuracy than a high-powered signal transmitted
             using a poor antenna. Antennas are rated by the amount
             of gain that they provide”
            GAIN is the increase in power you get by using a
             directional antenna
            GAIN Measured in db or decibles:dbi and dbd
            CB antena compared to 2.4ghz antenna: 34' and 2.2'
    Wireless Design and Security
   Wireless Funamentals
       Antennas:
            In wireless there are 2 types of antennas
                 OMNI-Directional and Directional
                 Flashlight analogy
                 OMNI-Directional are not truly Omni-directional
                     great for covering a wide area (not long)

                     SMISMCO10 is an omni-directional antenna designed for

                      medium- to long-range multipoint applications
                      TechnoLab Log Periodic Yagi at http://www.technolab-
                      inc.com/
                     http://www.youtube.com/watch?v=hNFKbcJ_WK8

                      http://www.metacafe.com/watch/837885/wifi_antenna_hack *
    Wireless Design and Security
   Wireless Funamentals
       Antennas:
            Directional Antennas are great for Focusing
                    point to point connection
                    SigMax Circular Yagi: Signull SMISMCY12. “ This Yagi
                     antenna from TechnoLab is truly one of a kind. Its low profile
                     and small design make it a great indoor directional antenna.
                     In addition, by placing this antenna on the outer perimeter of
                     a building, you can easily create building-to-building links.”
                    http://www.engadget.com/2005/11/15/how-to-build-a-wifi-
                     biquad-dish-antenna
                    http://www.l-com.com/item.aspx?id=22571
                    http://www.youtube.com/watch?v=kq3htRMNmss&feature=related
    Wireless Design and Security
   Wireless Funamentals
       Antennas:
            Directional Antennas are great for Focusing
                 DON'T MAKE YOUR OWN
                 Purchase Aps with attached antennas
                 Purchase a recommended antenna
                 PRE and POST tests.
    Wireless Design and Security
   Wireless Fundamentals
       802.11 Protocol
            Defines all wifi or wireless standards for data
             communications.
            802.1a The first wireless standard
                   Operates at the 5 ghz range
                   Sunset now. Not enough distance.
                   FHSS (Frequency Hoping Spread Spectrum)
                   DSSS (Direct-sequence Spread Spectrum)
                       There is a difference

                   Bluetooth (fhss)
            802.1b-802.1g Most widely used today
            802.1n Discussion on Ratification
            NOTE: please change this to 802.1i with 802.1x being the authentication component and the 802.1n being the
    Wireless Design and Security
   Wireless Fundamentals
       Interference
       the 1 – 6 – 11 rule
            some aps adjust automatically; can be good
            interference from
                 bluetooth.
                 microwaves and mobile phones (not cell phones)
                 other
                 demands the use of spread spectrum analyzer
                 placement of the aps.
                 other (discussion)
    Wireless Design and Security
   Wireless Security
   EVERYTHING IS BASED ON 5 SECURITY
    PRINCIPLES
       CONFIDENTIALITY: Render the information un-intelligible except by
        authorized entities.
       INTEGRITY: Data has not been altered in an unauthorized manner since
        it was created, transmitted or stored
       AUTHENTICATION: Verify the identity of the user or system that created
        information
       AUTHORIZATION: upon proving identity, the individual is then provided
        with the key or password that will allow access to some resources
       NON-REPUDIATION: Ensures that the sender cannot deny sending the
        message
    Wireless Design and Security
   Wireless Security
   EVERYTHING IS BASED ON THESE 5
    PRINCIPLES
       PKI or Public Key Infrastructure
            symmetric vs asymmetric keys
            Public, Private keys and certificates.
            an explanation maybe
       WEP
            Only does one known symmetric key between AP and user.
            very week IV (initialization vector) and no data integrity.
            Want WEP safer with WEP key + IV value + MAC Address (tkip).
                  temporal key integrity protocol.
    Wireless Design and Security
   Wireless Security
       WEP continued
            DEMO on hacking; pretty easy
            http://ethicalhack.org/vids/kismac-vid.php
            https://www.grc.com/passwords.htm
            kismac and others will also crack WPS encryption
               Remember password length does not matter with wep and it is
                everything in WPA or enhanced WEP
            802.1n will take in Confidence, Integrity, Authentication,
             Authorization and non-repudiation.
            802.1x
                 demands the use of a radius server (Well almost).

				
DOCUMENT INFO
Shared By:
Categories:
Stats:
views:74
posted:2/23/2010
language:English
pages:12