Académique Documents
Professionnel Documents
Culture Documents
2
Overview
Wireless Frequencies Available
Wireless Network Limitations
Wireless Network Security Issues
Hacking, Cracking and Attacks
Risk Mitigation
3
Capabilities
Roaming Freedom
No longer constrained to the office
Smaller hand held devices have same functions as
larger laptops/tablets
Never have to worry about access or “jacking-in”
High Speed Data Transmission
Speeds may vary, but all are faster than dial up
services
Near Real Time Data Updates
Cases in SACWIS are updated when workers in the field
get the information; decreases possible data loss due
to memory errors
4
Wireless Frequencies
Available to the Public
Regulated by IEEE (Institute of Electrical
and Electronics Engineers) 802.11x
Standards
802.11a
802.11b
802.11g
Coming soon…
802.11n
5
802.11a
Works at 40mhz, in the 5ghz range
THEORETICAL transfer rates of up to
54mpbs
ACTUAL transfer rates of about 26.4mbps
Limited in use because it is almost a line of
sight transmittal which necessitates
multiple WAP’s (wireless access points)
Cannot operate in same range as
802.11b/g
Absorbed more easily than other wireless
implementations
6
802.11b – “WiFi”
Operates at 20mhz, in the 2.4ghz range
Most widely used and accepted form of wireless
networking
THEORETICAL speeds of up to 11mbps
ACTUAL speeds depend on implementation
5.9mbps when TCP (Transmission Control Protocol) is
used
(error checking)
7.1mbps when UDP (User Datagram Protocol) is used
(no error checking)
Can transmit up to 8km in the city;
rural environments may be longer if a line of sight
can be established
7
802.11b - “WiFi” (cont.)
Not as easily absorbed as 802.11a signal
Can cause or receive interference from:
Microwave ovens (microwaves in general)
Wireless telephones
Other wireless appliances operating in the
same frequency
8
802.11g - “Super G”
Operates at the same frequency range as
802.11b
THEORETICAL throughput of 54mpbs
ACTUAL transmission rate is dependent on
several factors, but averages 24.7mbps
Logical upgrade from 802.11b wireless networks
– backwards compatibility
Suffers from same limitations as 802.11b
network
System may suffer significant decrease in
network speeds if network is not completely
upgraded from 802.11b
9
Limitation of Wireless
Networks
Availability
Environmental
Adding Devices
Availability
Wireless becoming more and more available as
time passes
Wireless data networks are growing at roughly
the same rate as cellular telephone networks with
comparable coverage
Does not rely on laying cables for connectivity
Network cannot be accessed in situations where
RF signals have interference
Largely inaccessible in rural areas
11
Environmental
Weather
Rain, lightening affect RF signals
Solar flares
RF interference from ambient
sources or other RF devices
Microwave towers
Radio towers
Electromagnetic interference
Generators
Power plants
12
Adding Devices
Extending range requires additional WAP’s
Not always a viable option
Possible conflicts between 802.11b and 802.11g
cause significant speed decrease in network
Opens network up to more attacks
Non-conflicting SSIDs (Service Set Identifiers)
SSID’s are numbers that identify wireless devices on a
network.
When SSIDs are not set dynamically
13
Security Issues
15
Hacking and Cracking
Wired networks less susceptible to hackers/crackers
RF signals allow for more unauthorized attempts
Ubiquitous wireless networking devices allow access
Hacking
Gaining unauthorized access to networks/devices
by algorithms or penetration programs
Cracking
Extending the use of devices past original intentions
16
Common Hacking &
Cracking Techniques and
Devices
Referred to as “Wardrivers” or
“Warchalkers”
Use PDA’s, laptops, scanners, tablets
or any WiFi enabled devices
Underground networks list and
update open networks that are
waiting to be exploited
Attack weak keys or sniff messages
going over the network to determine
SSID range
17
Types of Attacks
18
Types of Attacks (cont.)
“Weak key” attacks
Involve algorithms in RC4 hashing algorithm
and WEP (Wired Equivalent Privacy)
Both implementations use easily broken
algorithms
WEP has been broken in under 2 hours
Dictionary attacks
Attackers use pre-populated list of frequently
used passwords and regular words
Birthday attacks
A complicated algorithmic attack
19
Open Networks
Most often associated with home
networks
Networks are the target of hackers that
“wardrive.”
Result of wireless networks that are
either unsecured entirely or are using
weak WEP keys
Effects can be devastating
20
Mitigating Risks on a
Wireless Network
or
22
Encryption and Data
Insurance
USE STRONG ENCRYPTION!!
SHA-1 (Secure Hashing Algorithm)
End to End Encryption
Initiate encryption at user and end at server
that is behind the firewall, outside the DMZ
Treat WLANs as untrusted networks
that must operate inside the DMZ
Access trusted network via VPN and
two-factor authentication
Increase application security
Possibly through use of an enterprise
application system
Minimally through increased encryption
23
Encryption and Data
Insurance
Do not, under any circumstances,
allow ad hoc WLANS
Embrace and employ the 802.11i
IEEE security standard
Native per user access control
Native strong authentication
(tokens, smartcards and certificates)
Native strong encryption
Best bet for new wireless
networks
24
Wireless Future
“To the future and
beyond!!”
-Buzz Lightyear
IPv4 Moving to IPv6
IPv4 changing to IPv6
US currently using IPv4; consists of four 8 bit fields
(255.255.255.255)
When initially created, US received lion share of IP
addresses; Europe and Asia left with remainder
IPv6 is the future
Already in use in Asia and Europe
Limited implementation in use
(RFID’s and shipping ports)
New devices currently on market
Netgear
Cisco
26
Pros of IPv6
Eliminates the need for SSIDs
Every device will have its own IP address
Billions of unique IP addresses
Eliminates the need for NAT (natural address translation)
Can accept a range of IP addresses
Minimizes hackers/crackers ability to penetrate
networks
Increases scalability
27
Cons
Cost of Change Over
Current infrastructure cannot be used
unless it is already IPv6 compliant
New hardware required
Network Changes
Re-addressing of current IPv4
hardware/clients
Compatibility with existing wireless
infrastructure
28
802.11n (Ultranet)
Standards in discussion now; should be
completed by the end of 2006
REAL throughput of at least 100mbps
4 – 5 times faster than 802.11g/a
20 times faster than 802.11b!
Better distance than 802.11a/b/g
Being designed with speed and security
in mind
Perfect compliment for WWW2
29
Parting Thoughts
Wireless Networking while great in
theory has significant problems that
are not easily addressed
Upgrades to wireless technology that
are on the horizon make changing
over/integrating far less attractive
30