Professional Documents
Culture Documents
Introduction to Wireless LANs Wireless LAN Technology Threats and Vulnerabilities of Wireless LAN War driving, its configuration Encryption Hazards How to protect your Wireless LAN Securing Rogue Access points Conclusion
Wireless LAN is a flexible communication system implemented as an extension to a wired LAN ,using electromagnetic waves to transmit and receive data over air, minimizing the need for wired connections. It combines data connectivity with user mobility and through simplified configuration enables movable LANs.
drivers are mobility and accessibility Easily change work locations in the office Internet access at airports and cafes,etc Increased Productivity Improved collaboration No need to reconnect to the network Ability to work in more areas No need to wire hard-to-reach areas
Key
No cable to pull. Eliminates current architecture obstacles. Few transmitters/receivers for multiple for users.
Installation flexibility
The network goes where wires cannot. Not constrained by expensive walls. Easy to add more computers and devices.
Reduced cost-of-ownership
Mobile devices are less expensive than computer workstations. Can Run Errands and stay in touch. No need to build wiring closets.
Mobility
Access to real-time information. Supports productivity. Provides service opportunities. Promotes flexibility.
Scalability
Spans a variety of topologies. Configurations are easily changed. Works over great distances. Effective for wide range of user communities.
Small number of users with local needs. Full infrastructure networks roaming over a broad area.
Cost
Wireless network cards cost 4 times more than wired network cards. The access points are more expensive than hubs and wires. Access points pick up the signals of adjacent access points or overpower their signal.
Environmental Conditions
Susceptible to weather and solar activity. Constrained by buildings, trees, terrain. Slower bandwidth. Limit to how much data a carrier wave can transmit without lost packets impacting performance.
http://www.Compaq.com
Less Capacity
Corporate
Education
Connectivity to the University Network for collaborative class activities. Ability to access research sources without requiring a hard point.
Narrowband Technology. Spread Spectrum. Frequency-Hopping spread Spectrum Technology Direct Sequence Spread spectrum Infrared Technology
Someone could block the entire radio communication channel by transmitting junk on certain frequencies and anonymously stage a denial of service attack from your network. Someone can plant viruses on your system. Change Web pages. The latest high-profile hacking method is called war driving, whereby hackers find unprotected WLANs by driving around with a laptop and 802.11 Ethernet card .
Regardless of the technology, WLAN security will always be limited because users will sidestep security features . Thus,its the weakest link in an IT infrastructure to steal corporate data. As the number of WLAN cards grows, so will the opportunities for hackers to break into wireless networks
Sniffing and War Driving Rogue Networks Policy Management MAC Address SSID WEP
Default installation allow any wireless NIC to access the network Drive around (or walk) and gain access to wireless networks Provides direct access behind the firewall Heard reports of an 8 mile range using a 24dB gain parabolic dish antenna
Network users often set up rogue wireless LANs to simplify their lives Rarely implement security measures Network is vulnerable to War Driving and sniffing and you may not even know it
Full network access or no network access Need means of identifying and enforcing access policies
Can control access by allowing only defined MAC addresses to connect to the network This address can be spoofed Must compile, maintain, and distribute a list of valid MAC addresses to each access point Not a valid solution for public applications
SSID is the network name for a wireless network. WLAN products common defaults: 101 for 3COM and tsunami for Cisco The more people that know the SSID, the higher the likelihood it will be misused. Changing the SSID requires communicating the change to all users of the network
Designed to be computationally efficient, self-synchronizing, and exportable Vulnerable to attack All users of a given access point share the same encryption key Data headers remain unencrypted so anyone can see the source and destination of the data stream
WEP uses the RC4 encryption algorithm, which uses the same key to scramble and descramble the packets . Dedicated hackers could still compromise the network, most likely due to weak encryption and the reuse of encryption keys. . If your key management system cycles through the same set of keys in a predictable manner, determined hackers can gather data from your LAN traffic and correlate it with the keys to help decipher the encryption.
Find unsecured access points Use personal firewall software Physically Secure Laptops Biometrics Using Hardware Tokens
Wireless LANs are very useful and convenient, but current security state not ideal for sensitive environments. Cahners In-Stat group has projected that the number of wireless LAN cards will grow up from 2.6 million in 2000 to 11.8 million in 2003 . Growing use and popularity require increased focus on security