Introduction to Wireless LANs Wireless LAN Technology Threats and Vulnerabilities of Wireless LAN War driving, its configuration Encryption Hazards How to protect your Wireless LAN Securing Rogue Access points Conclusion

 Wireless LAN is a flexible communication system implemented as an extension to a wired LAN ,using electromagnetic waves to transmit and receive data over air, minimizing the need for wired connections.  It combines data connectivity with user mobility and through simplified configuration enables movable LANs.

drivers are mobility and accessibility Easily change work locations in the office Internet access at airports and cafes,etc Increased Productivity Improved collaboration No need to reconnect to the network Ability to work in more areas No need to wire hard-to-reach areas
Key

Installation speed and simplicity

No cable to pull. Eliminates current architecture obstacles. Few transmitters/receivers for multiple for users.

Installation flexibility

The network goes where wires cannot. Not constrained by expensive walls. Easy to add more computers and devices.

Reduced cost-of-ownership

Mobile devices are less expensive than computer workstations. Can Run Errands and stay in touch. No need to build wiring closets.

Mobility

Access to real-time information. Supports productivity. Provides service opportunities. Promotes flexibility.

Scalability

Spans a variety of topologies. Configurations are easily changed. Works over great distances. Effective for wide range of user communities.
Small number of users with local needs. Full infrastructure networks roaming over a broad area.

Cost

Wireless network cards cost 4 times more than wired network cards. The access points are more expensive than hubs and wires. Access points pick up the signals of adjacent access points or overpower their signal.

Signal Bleed Over

Environmental Conditions

Susceptible to weather and solar activity. Constrained by buildings, trees, terrain. Slower bandwidth. Limit to how much data a carrier wave can transmit without lost packets impacting performance.
http://www.Compaq.com

Less Capacity

Corporate

Mobile networking for e-mail, file sharing, and web browsing.

Education

Connectivity to the University Network for collaborative class activities. Ability to access research sources without requiring a hard point.

  

 

Narrowband Technology. Spread Spectrum. Frequency-Hopping spread Spectrum Technology Direct Sequence Spread spectrum Infrared Technology

    

IEEE 802.11 IEEE 802.11b IEEE 802.11a IEEE 802.11e HiperLAN/2

  

Someone could block the entire radio communication channel by transmitting junk on certain frequencies and anonymously stage a denial of service attack from your network. Someone can plant viruses on your system. Change Web pages. The latest high-profile hacking method is called war driving, whereby hackers find unprotected WLANs by driving around with a laptop and 802.11 Ethernet card .

Regardless of the technology, WLAN security will always be limited because users will sidestep security features . Thus,its the weakest link in an IT infrastructure to steal corporate data. As the number of WLAN cards grows, so will the opportunities for hackers to break into wireless networks 

     

Sniffing and War Driving Rogue Networks Policy Management MAC Address SSID WEP

 

Default installation allow any wireless NIC to access the network Drive around (or walk) and gain access to wireless networks Provides direct access behind the firewall Heard reports of an 8 mile range using a 24dB gain parabolic dish antenna

Basic Configuration of War Driving

 

Network users often set up rogue wireless LANs to simplify their lives Rarely implement security measures Network is vulnerable to War Driving and sniffing and you may not even know it

 

Full network access or no network access Need means of identifying and enforcing access policies

 

Can control access by allowing only defined MAC addresses to connect to the network This address can be spoofed Must compile, maintain, and distribute a list of valid MAC addresses to each access point Not a valid solution for public applications

SSID is the network name for a wireless network. WLAN products common defaults: 101 for 3COM and tsunami for Cisco The more people that know the SSID, the higher the likelihood it will be misused. Changing the SSID requires communicating the change to all users of the network

 Designed to be computationally efficient, self-synchronizing, and exportable  Vulnerable to attack  All users of a given access point share the same encryption key  Data headers remain unencrypted so anyone can see the source and destination of the data stream

WEP uses the RC4 encryption algorithm, which uses the same key to scramble and descramble the packets . Dedicated hackers could still compromise the network, most likely due to weak encryption and the reuse of encryption keys. . If your key management system cycles through the same set of keys in a predictable manner, determined hackers can gather data from your LAN traffic and correlate it with the keys to help decipher the encryption.

    

Find unsecured access points Use personal firewall software Physically Secure Laptops Biometrics Using Hardware Tokens

TCP Fingerprinting (Nmap):

Wireless LANs are very useful and convenient, but current security state not ideal for sensitive environments. Cahners In-Stat group has projected that the number of wireless LAN cards will grow up from 2.6 million in 2000 to 11.8 million in 2003 . Growing use and popularity require increased focus on security