The aegis risks and means to abatement vulnerabilities in a 802.11b wireless ambiance
31 December 18:00
The aegis risks and means to abatement vulnerabilities in a 802.11b wireless environment
Introduction
This certificate explains capacity apropos to wireless networks . The capital capacity discussed include, what blazon of vulnerabilities is today in 802.11 networks and means that you can advice anticipate these vulnerabilities from happening. wireless networks accept not been about for some years. Federal Accurate has been using a blazon of wireless networks , accepted to the 802.11 networks acclimated today, but the accepted accessible has afresh just started to use wireless networking technology. Because of anemic aegis that exists in wireless networks , companies such as Best Buy accept absitively to adjourn the roll-out of wireless technology. The Affiliated States Government has done additionally and is suspending the use of wireless until a added universal, defended band-aid is available.
Background
What is wireless ?
wireless LANs or Wi-Fi is a technology acclimated to affix computers and accessories together. wireless LANs accord bodies added advancement and adaptability by acceptance workers to break affiliated to the Internet and to the arrangement as they roam from one advantage breadth to another. This increases ability by acceptance data to be entered and accessed on site.
Besides getting actual simple to install, WLANs are simple to accept and use. With few exceptions, aggregate to do with active LANs applies to wireless LANs. They action like, and are frequently affiliated to, active Ethernet networks .
The wireless Ethernet Affinity Accord [WECA] is the industry alignment that certifies 802.11 articles that are accounted to accommodated a abject accepted of interoperability. The first ancestors of articles to be certified by WECA is that based on the 802.11b standard. This set of articles is what we will be studying. Aswell added standards is such as 802.11a and 802.11g.
The aboriginal 802.11 accepted was appear in 1999 and provides for data ante at up to 2 Mbps at 2.4 GHz, using either FHSS or DSSS. Back that time some assignment groups accept been formed to make supplements and enhancements to the aboriginal 802.11 standard.
The 802.11b TG created a supplement to the aboriginal 802.11 standard, alleged 802.11b, which has become the industry accepted for WLANs. It uses DSSS and provides data ante up to 11 Mbps at 2.4 Ghz. 802.11b will eventually be replaced by standards which accept bigger QoS features, and bigger security.
Network Topology
There are two capital topologies in wireless networks which can be configured:
Peer-to-peer (ad hoc mode) This agreement is identical to its active counterpart, except after the wires. Two or added accessories can allocution to anniversary additional after an AP.
Client/Server (infrastructure networking) This agreement is identical to its active counterpart, except after the wires. This is the alotof accepted wireless arrangement acclimated today, and what alotof of the concepts in this cardboard administer to.
Benefits of wireless LANs
wireless LANs accord you added advancement and adaptability by acceptance you to break affiliated to the Internet and to the arrangement as you roam.
Cons of wireless LANs
Wireless LANs are a almost new technology which has alone been about back 1999. With any new technology, standards are consistently improving, but in the alpha are capricious and insecure. Active networks forward cartage over a committed band that is physically private; WLANs forward their cartage over aggregate space, airwaves. This introduces arrest from additional cartage and the charge for added security. Besides arrest from additional wireless LAN devices, the 2.4 GHz is aswell acclimated by cordless phones and microwaves.
Security Issues of WLANs
Eavesdropping & Espionage
Because wireless advice is advertisement over radio waves, eavesdroppers who just accept over the airwaves can calmly aces up unencrypted messages. These intruders put businesses at accident of advertisement acute advice to accumulated espionage. wireless LAN Aegis What Hackers Understand That You Don t airdefense.net Absorb 2002
Internal Vulnerabilities
Within an alignment arrangement aegis can be compromised by means such as, Crimson WLANs (or Crimson Aps), Afraid Arrangement Configuration, and Adventitious Associations to name a few.
Rouge Admission Credibility An agent of an alignment ability angle up an admission point after the permission or even ability of IT. This is simple to do, all a being has to do is bung an Admission point or wireless router into an absolute reside LAN jack and they are on the network. One accomplishment in 2001 by Gartner said that, at atomic 20 percent of enterprises already accept crimson admission points. Addition blazon of aggress would be if, anyone from alfresco the organization, enters into the abode and adds an Admission Point by agency of Amusing Engineering.
Insecure Arrangement Configurations- Some companies anticipate that if they are using a firewall or a technology such as VPN, they are automatically secure. This is not necessarily true because all aegis holes, big and small, can be exploited. Aswell if accessories and technologies, such as VPNs, firewalls or routers, are mis-configured, the arrangement can be compromised.
Accidental Associations This can appear if a wireless arrangement is bureaucracy using the aforementioned SSID as your arrangement and aural ambit of your wireless device. You may accidentally accessory with their arrangement after your knowledge. Abutting to addition wireless LAN can admit passwords or acute certificate to anyone on the adjoining network. wireless LAN Aegis What Hackers Understand That You Don t airdefense.net Absorb 2002
Social Engineering Amusing Engineering is one of the alotof able and scariest types of attacks that can be done. This blazon of aggress absolutely scares me and can be done for some additional purposes besides compromising aegis in wireless networks. A scenario: Anyone dressed up as a abutment being from Cisco enters the workplace. The secretary sees his affected accreditation and lets him get canyon the foreground desk. The amateur walks from anteroom to cubicle, accession user names and passwords as he/she goes. Afterwards award a hidden corner, which seems to be agilely traveled, he plugs an afraid Admission Point into the network. At the aforementioned time he configures the Admission Point to not advertisement its SSID and modifies a few additional settings to create it harder for the IT administration to acquisition this Crimson Admission Point. He then leaves after anytime getting questioned by anyone because it looks like he just fits in. Now, all he has to do is be aural 300 anxiety from the admission point, (more if he added an antenna), and now has admission to all kinds of defended abstracts and data. This can be a adverse draft to any association and could eventually advance to defalcation if the secrets of the aggregation were appear to competitors.
Bruce Schneier came to my classroom and said the afterward about Amusing Engineering, Anyone is just aggravating to do their job, and be nice. Anyone takes advantage of that by targeting this animal nature. Amusing Engineering is unsolvable.
Securing wireless networks
According to Bruce Schneier and others such as Kevin Mitnick, you can never accept a absolutely defended accretion environment. What is generally appropriate is to try and ascendancy the accident which can be done if aegis is breached. One can try some altered accoutrement on the bazaar which can advice anticipate aegis breaches.
WEP WEP supports both 64 and 128-bit keys. Both are vulnerable, however, because the initialization agent is alone 24-bits continued in anniversary case. Its RC4 algorithm, which is acclimated deeply in additional implementations, such as SSL, is absolutely accessible in WEP. Http://infosecuritymag.com/2002/jan/cover.shtml wireless Insecurities By Basin Gardner. Altered accoutrement is to breach WEP keys, including AirSnort, which can be begin at airsnort.net. Although this adjustment is not a defended solution, it can be acclimated to advice arrest an antagonist if additional agency are not accessible financially or otherwise.
VPN and IPSec- IPSec VPNs let companies affix limited offices or wireless access using the accessible Internet rather than big-ticket busy curve or a managed data service. Encryption and affidavit systems assure the data as it crosses the accessible network, so companies don t accept to cede data aloofness and candor for lower costs. A lot of VPN s is on the bazaar today. An important agenda about VPNs is, interoperability does not absolutely exist, and whatever you use for your server has to be the aforementioned cast as your audience alotof of the time. Some VPNs include:
DMZ Abacus this to your arrangement enables you to put your wireless arrangement on an untrusted articulation of your network.
Firewalls Firewalls are all over the place. Firewalls ambit from accouterments to software versions. By abacus a firewall amid the wireless arrangement and active arrangement helps anticipate hackers from accessing your active network. This cardboard doesn t go into specifics about altered firewalls and how to set them up, but there are many. Some of the firewalls include:
PKI - Public-key basement (PKI) is the aggregate of software, encryption technologies, and casework that enables enterprises to assure the aegis of their communications and business affairs on the Internet. What is PKI? verisign.netscape.com/security/pki/understanding.html
Site Surveys Website Surveys absorb using a software amalgamation and a wireless accessory to delving your arrangement for Admission Credibility and aegis risks.
Proactive Approaches
Since wireless technology is insecure, companies or anyone can yield a proactive access to try and analyze hackers aggravating to accretion admission via wireless networks .
Honeypots are affected networks bureaucracy to try and allurement in hackers. This enables administrators to acquisition out added about what blazon of techniques hackers are using to accretion access. One artefact is Mantrap created by Symantec.
ManTrap has the different adeptness to ascertain both host- and network-based attacks, accouterment amalgam apprehension in a individual solution. No amount how an centralized or alien antagonist tries to accommodation the system, Symantec ManTrap s allurement sensors will bear holistic apprehension and acknowledgment and accommodate abundant advice through its arrangement of data accumulating modules.
enterprisesecurity.symantec.com/products/products.cfm?ProductID=157
Intrusion Apprehension Advance Apprehension is software that monitors cartage on the network. It sounds out a admonishing if a hacker it aggravating to admission the network. One such chargeless artefact is Snort.
Before we proceed, there are a few basal concepts you should accept about Snort. There are three capital modes in which Snort can be configured: sniffer, packet logger, and arrangement advance apprehension system. Adenoids approach artlessly reads the packets off of the arrangement and displays them for you in a connected beck on the console. Packet logger approach logs the packets to the disk. Arrangement advance apprehension approach is the alotof circuitous and configurable configuration, acceptance Snort to assay arrangement cartage for matches adjoin a user authentic aphorism set and accomplish several accomplishments based aloft what it sees. snort.org/docs/writing_rules/chap1.html#tth_chAp1
Network Monitoring- Arrangement Ecology would be articles such as snort that adviser the breeze of cartage over the network.
Quick tips and tricks
Introduction
This certificate explains capacity apropos to wireless networks . The capital capacity discussed include, what blazon of vulnerabilities is today in 802.11 networks and means that you can advice anticipate these vulnerabilities from happening. wireless networks accept not been about for some years. Federal Accurate has been using a blazon of wireless networks , accepted to the 802.11 networks acclimated today, but the accepted accessible has afresh just started to use wireless networking technology. Because of anemic aegis that exists in wireless networks , companies such as Best Buy accept absitively to adjourn the roll-out of wireless technology. The Affiliated States Government has done additionally and is suspending the use of wireless until a added universal, defended band-aid is available.
Background
What is wireless ?
wireless LANs or Wi-Fi is a technology acclimated to affix computers and accessories together. wireless LANs accord bodies added advancement and adaptability by acceptance workers to break affiliated to the Internet and to the arrangement as they roam from one advantage breadth to another. This increases ability by acceptance data to be entered and accessed on site.
Besides getting actual simple to install, WLANs are simple to accept and use. With few exceptions, aggregate to do with active LANs applies to wireless LANs. They action like, and are frequently affiliated to, active Ethernet networks .
The wireless Ethernet Affinity Accord [WECA] is the industry alignment that certifies 802.11 articles that are accounted to accommodated a abject accepted of interoperability. The first ancestors of articles to be certified by WECA is that based on the 802.11b standard. This set of articles is what we will be studying. Aswell added standards is such as 802.11a and 802.11g.
The aboriginal 802.11 accepted was appear in 1999 and provides for data ante at up to 2 Mbps at 2.4 GHz, using either FHSS or DSSS. Back that time some assignment groups accept been formed to make supplements and enhancements to the aboriginal 802.11 standard.
The 802.11b TG created a supplement to the aboriginal 802.11 standard, alleged 802.11b, which has become the industry accepted for WLANs. It uses DSSS and provides data ante up to 11 Mbps at 2.4 Ghz. 802.11b will eventually be replaced by standards which accept bigger QoS features, and bigger security.
Network Topology
There are two capital topologies in wireless networks which can be configured:
Peer-to-peer (ad hoc mode) This agreement is identical to its active counterpart, except after the wires. Two or added accessories can allocution to anniversary additional after an AP.
Client/Server (infrastructure networking) This agreement is identical to its active counterpart, except after the wires. This is the alotof accepted wireless arrangement acclimated today, and what alotof of the concepts in this cardboard administer to.
Benefits of wireless LANs
- WLANs can be acclimated to alter active LANs, or as an addendum of a active infrastructure. It costs far beneath to arrange a wireless LAN than to arrange a active one. A above amount of installing and modifying a active arrangement is the amount to run arrangement and ability cables, all in accordance with bounded architecture codes. Archetype of added applications area the accommodation to arrange WLANs include:
- Additions or moves of computers.
- Installation of acting networks
- Installation of hard-to-wire locations
wireless LANs accord you added advancement and adaptability by acceptance you to break affiliated to the Internet and to the arrangement as you roam.
Cons of wireless LANs
Wireless LANs are a almost new technology which has alone been about back 1999. With any new technology, standards are consistently improving, but in the alpha are capricious and insecure. Active networks forward cartage over a committed band that is physically private; WLANs forward their cartage over aggregate space, airwaves. This introduces arrest from additional cartage and the charge for added security. Besides arrest from additional wireless LAN devices, the 2.4 GHz is aswell acclimated by cordless phones and microwaves.
Security Issues of WLANs
- War-driving
War-driving is a action in which an alone uses a wireless accessory such as a laptop or PDA to drive about searching for wireless networks . Some humans do this as a amusement and map out altered wireless networks which they find. Additional people, who can be advised hackers, will attending for wireless networks and then breach into the networks . If a wireless is not secure, it can be adequately simple to breach into the arrangement and access arcane information. Even with security, hackers can breach the aegis and hack. One of the alotof accustomed accoutrement acclimated on PDAs and Microsoft windows accessories is, Arrangement Stumbler, which can be downloaded at netstumbler.com. Able with the software and device, a being can map out wireless admission credibility if a GPS assemblage is attached. Abacus an antenna to the wireless agenda increases the capabilities of Wi-Fi. Added advice can be begin at: wardriving.info and wardriving.com to name a few.
- War-chalking
War-chalking is a adjustment of appearance wireless networks by using book alotof commonly. War-driving is usually the adjustment acclimated to seek for networks, and then the being will mark the arrangement with book that gives advice about the network. Some of the advice would include, what the arrangement name is, whether the arrangement has security, and possibly the acquaintance advice of who owns the network. If your wireless arrangement is War-chalked and you don t apprehend it, your arrangement can be acclimated and/or torn into faster, because of advice apparent about your network.
Eavesdropping & Espionage
Because wireless advice is advertisement over radio waves, eavesdroppers who just accept over the airwaves can calmly aces up unencrypted messages. These intruders put businesses at accident of advertisement acute advice to accumulated espionage. wireless LAN Aegis What Hackers Understand That You Don t airdefense.net Absorb 2002
Internal Vulnerabilities
Within an alignment arrangement aegis can be compromised by means such as, Crimson WLANs (or Crimson Aps), Afraid Arrangement Configuration, and Adventitious Associations to name a few.
Rouge Admission Credibility An agent of an alignment ability angle up an admission point after the permission or even ability of IT. This is simple to do, all a being has to do is bung an Admission point or wireless router into an absolute reside LAN jack and they are on the network. One accomplishment in 2001 by Gartner said that, at atomic 20 percent of enterprises already accept crimson admission points. Addition blazon of aggress would be if, anyone from alfresco the organization, enters into the abode and adds an Admission Point by agency of Amusing Engineering.
Insecure Arrangement Configurations- Some companies anticipate that if they are using a firewall or a technology such as VPN, they are automatically secure. This is not necessarily true because all aegis holes, big and small, can be exploited. Aswell if accessories and technologies, such as VPNs, firewalls or routers, are mis-configured, the arrangement can be compromised.
Accidental Associations This can appear if a wireless arrangement is bureaucracy using the aforementioned SSID as your arrangement and aural ambit of your wireless device. You may accidentally accessory with their arrangement after your knowledge. Abutting to addition wireless LAN can admit passwords or acute certificate to anyone on the adjoining network. wireless LAN Aegis What Hackers Understand That You Don t airdefense.net Absorb 2002
Social Engineering Amusing Engineering is one of the alotof able and scariest types of attacks that can be done. This blazon of aggress absolutely scares me and can be done for some additional purposes besides compromising aegis in wireless networks. A scenario: Anyone dressed up as a abutment being from Cisco enters the workplace. The secretary sees his affected accreditation and lets him get canyon the foreground desk. The amateur walks from anteroom to cubicle, accession user names and passwords as he/she goes. Afterwards award a hidden corner, which seems to be agilely traveled, he plugs an afraid Admission Point into the network. At the aforementioned time he configures the Admission Point to not advertisement its SSID and modifies a few additional settings to create it harder for the IT administration to acquisition this Crimson Admission Point. He then leaves after anytime getting questioned by anyone because it looks like he just fits in. Now, all he has to do is be aural 300 anxiety from the admission point, (more if he added an antenna), and now has admission to all kinds of defended abstracts and data. This can be a adverse draft to any association and could eventually advance to defalcation if the secrets of the aggregation were appear to competitors.
Bruce Schneier came to my classroom and said the afterward about Amusing Engineering, Anyone is just aggravating to do their job, and be nice. Anyone takes advantage of that by targeting this animal nature. Amusing Engineering is unsolvable.
Securing wireless networks
According to Bruce Schneier and others such as Kevin Mitnick, you can never accept a absolutely defended accretion environment. What is generally appropriate is to try and ascendancy the accident which can be done if aegis is breached. One can try some altered accoutrement on the bazaar which can advice anticipate aegis breaches.
WEP WEP supports both 64 and 128-bit keys. Both are vulnerable, however, because the initialization agent is alone 24-bits continued in anniversary case. Its RC4 algorithm, which is acclimated deeply in additional implementations, such as SSL, is absolutely accessible in WEP. Http://infosecuritymag.com/2002/jan/cover.shtml wireless Insecurities By Basin Gardner. Altered accoutrement is to breach WEP keys, including AirSnort, which can be begin at airsnort.net. Although this adjustment is not a defended solution, it can be acclimated to advice arrest an antagonist if additional agency are not accessible financially or otherwise.
VPN and IPSec- IPSec VPNs let companies affix limited offices or wireless access using the accessible Internet rather than big-ticket busy curve or a managed data service. Encryption and affidavit systems assure the data as it crosses the accessible network, so companies don t accept to cede data aloofness and candor for lower costs. A lot of VPN s is on the bazaar today. An important agenda about VPNs is, interoperability does not absolutely exist, and whatever you use for your server has to be the aforementioned cast as your audience alotof of the time. Some VPNs include:
- Borderware
- BroadConnex networks
- CheckPoint
- Cisco
- Computer Associates
DMZ Abacus this to your arrangement enables you to put your wireless arrangement on an untrusted articulation of your network.
Firewalls Firewalls are all over the place. Firewalls ambit from accouterments to software versions. By abacus a firewall amid the wireless arrangement and active arrangement helps anticipate hackers from accessing your active network. This cardboard doesn t go into specifics about altered firewalls and how to set them up, but there are many. Some of the firewalls include:
- ZoneAlarm (an bargain based software firewall) Zonelabs.com
- Symantec has some altered firewalls depending what you require.
PKI - Public-key basement (PKI) is the aggregate of software, encryption technologies, and casework that enables enterprises to assure the aegis of their communications and business affairs on the Internet. What is PKI? verisign.netscape.com/security/pki/understanding.html
Site Surveys Website Surveys absorb using a software amalgamation and a wireless accessory to delving your arrangement for Admission Credibility and aegis risks.
Proactive Approaches
Since wireless technology is insecure, companies or anyone can yield a proactive access to try and analyze hackers aggravating to accretion admission via wireless networks .
Honeypots are affected networks bureaucracy to try and allurement in hackers. This enables administrators to acquisition out added about what blazon of techniques hackers are using to accretion access. One artefact is Mantrap created by Symantec.
ManTrap has the different adeptness to ascertain both host- and network-based attacks, accouterment amalgam apprehension in a individual solution. No amount how an centralized or alien antagonist tries to accommodation the system, Symantec ManTrap s allurement sensors will bear holistic apprehension and acknowledgment and accommodate abundant advice through its arrangement of data accumulating modules.
enterprisesecurity.symantec.com/products/products.cfm?ProductID=157
Intrusion Apprehension Advance Apprehension is software that monitors cartage on the network. It sounds out a admonishing if a hacker it aggravating to admission the network. One such chargeless artefact is Snort.
Before we proceed, there are a few basal concepts you should accept about Snort. There are three capital modes in which Snort can be configured: sniffer, packet logger, and arrangement advance apprehension system. Adenoids approach artlessly reads the packets off of the arrangement and displays them for you in a connected beck on the console. Packet logger approach logs the packets to the disk. Arrangement advance apprehension approach is the alotof circuitous and configurable configuration, acceptance Snort to assay arrangement cartage for matches adjoin a user authentic aphorism set and accomplish several accomplishments based aloft what it sees. snort.org/docs/writing_rules/chap1.html#tth_chAp1
Network Monitoring- Arrangement Ecology would be articles such as snort that adviser the breeze of cartage over the network.
Quick tips and tricks
- When ambience up wireless networks and admission credibility there are a few quick accomplish that can be taken to anon defended the network, even admitting it does not create it secure. Some of these means include:
- Change your absence SSID: anniversary router or admission point comes with a absence SSID. By alteration this it can yield best for an antagonist to understand what blazon of accessory he is aggravating to hack.
- Change the absence countersign all-encompassing absence passwords are assigned to admission credibility and routers. Sometimes the countersign is admin. By alteration this password, the antagonist cannot adapt settings on your router as easily.
- Disable broadcasting SSID: By absence AP s advertisement their SSIDs, if you shutoff this ambience it is harder for outsiders to acquisition your AP.
- Enable MAC filtering: WARNING: this can alone plan in abate environments area a centralized admission account does not charge to be maintained. You can accredit alone specific wireless cards to admission the AP by alone enabling those MAC addresses.
- Turn off shares: If aegis is important, scanning for shares and axis off the shares on the arrangement can help. Aswell encrypting acute data can anticipate hackers from accessing the data.
- Put your wireless admission credibility in a harder to acquisition and ability spot.
- Keep your drivers on all wireless accessories updated. This helps application absolute aegis vulnerabilities.
- Read accepted columnist releases about arising wireless news.
|
Tags: internet, companies, access, software, anyone, based, technology, point, information, system, different, products, traffic, person, wireless, risks, networks, network, shares, broadcast wireless, network, security, access, networks, wired, hackers, information, point, secure, points, wlans, firewalls, technology, standard, traffic, detection, products, software, snort, vulnerabilities, exist, rouge, insecure, different, engineering, devices, default, companies, device, social, attacker, trying, person, based, internet, public, prevent, risks, intrusion, allowing, organization, configuration, symantec, password, firewall, shares, passwords, system, enables, mantrap, anyone, driving, besides, standards, original, connected, solution, decrease, environment, configured, infrastructure, broadcast, sensitive, method, adding, deploy, tools, router, , wireless networks, access point, access points, 802 11b, wireless lan, wireless network, network and, security risks, wireless lans, intrusion detection, social engineering, networks and, network can, over the, rouge access, wired network, decrease vulnerabilities, risks and, 11b wireless, original 802, war driving, traffic over, wireless device, rouge access points, hackers know that, prevent hackers from, hackers from accessing, network intrusion detection, security what hackers, lan security what, wired counterpart except, wireless networks which, counterpart except without, interference from other, wireless access points, 11b wireless environment, |
Share The aegis risks and means to abatement vulnerabilities in a 802.11b wireless ambiance:
Text link code :
Hyper link code:
Also see ...
PermalinkArticle In : Computers & Technology - Computer
