Académique Documents
Professionnel Documents
Culture Documents
• Open Authentication
Open authentication provides no way for the access point to
determine whether a client is valid.
Study Security
mechanisms
ATTACK!!!!!!!!
(i.e. Decrypt the
packets)
DOS
BEFOREATTACK
Access point is busy handling attackers request
AFTERATTACK
Rogue WLANs:- Unauthorized, “rogue” wireless
LANs are clearly a foreseeable internal risk to the
security, confidentiality, and integrity of customer
information.
Insecure WLANs:- Insecure wireless LANs are a
recognized security risk. While wireless LANs are
often deployed for their productivity benefits,
security is often an afterthought.
WLAN Policy violation:- WLAN policy violations
are a recognized internal risk to the security,
confidentiality, and integrity of customer
information.
Network Eavesdropping:- Because wireless
communication is broadcast over radio waves,
eavesdroppers who merely listen to the airwaves
can easily pick up unencrypted messages.
Additionally, messages encrypted with the Wired
Equivalent Privacy (WEP) security protocol.
Theft of WLAN credentials :-The theft of an
authorized WLAN user’s identity poses one the
greatest threats. Service Set Identifiers (SSIDs) that
act as crude passwords and Media Access Control
(MAC) addresses that act as personal identification
numbers are often used to verify that clients are
authorized to connect with an access point.
Insertion attacks.
Interception & unauthorized monitoring.
Jamming.
Client to client attacks.
Brute force attacks.
Encryption attacks.
Misconfigurations.
There are three principle ways to secure a
wireless lan .
1.) For closed networks (home users and
organization)configure access restrictions in
the access points.
2.) For commercial providers it should to be
isolated wireless network.
3.) End to end encryption.
A WLAN has some specific advantages:
It is easier to add or move workstations.
It is easier to provide connectivity in areas where it
is difficult to lay cable.
Installation is fast and easy, and it can eliminate
the need to pull cable through walls and ceilings.
Access to the network can be from anywhere within
range of an access point.
Portable or semi permanent buildings can be
connected using a WLAN.
WLANs also have some disadvantages:
As the number of computers using the network
increases, the data transfer rate to each computer will
decrease accordingly.
As standards change, it may be necessary to replace
wireless cards and/or access points.
Lower wireless bandwidth means some applications
such as video streaming will be more effective on a
wired LAN.
Security is more difficult to guarantee and requires
configuration.
Devices will only operate at a limited distance from an
access point.
Like most advances, wireless LANs poses
both opportunities and risks. The technology
can represent a powerful complement to an
organization’s networking capabilities,
enabling increased employee productivity and
reducing IT costs.
Defense against WPA/ WPA2 attacks
• Extremely Complicated keys can help
• Passphrase should not one from dictionary, so
use uncommon-senseless words.
• Key should be more than 20 chars with
combination of special chars, numbers,
alphabets. Change them at regular intervals.
Security Checkboxes
1. WPAinstead of WEP
2. WPA2 Enterprise implementation
3. Place APat securedlocation.
4. Centralized authentication & UpdateDrivers
regularly.
5. Changing default SSIDafter Configuring
WLAN
6. Firewall policies & Router accessPassword
Security Checkboxes(contd…)