SlideShare ist ein Scribd-Unternehmen logo

Wireless Security.ppt

Als PPT, PDF herunterladen
M
Mavaz

Details about wireles security

Technologie
1 von 17
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin
What is WEP ? • Wireless connections need to be secured since the intruders should not be allowed to access, read and modify the network traffic. • Mobile systems should be connected at the same time. • Algorithm is required which provides a high level of security as provided by the physical wired networks. • Protect wireless communication from eavesdropping, prevent unauthorized access.
Security Goals of WEP: • Access Control  Ensure that your wireless infrastructure is not used. • Data Integrity  Ensure that your data packets are not modified in transit. • Confidentiality  Ensure that contents of your wireless traffic is not leaked.
Understanding WEP • WEP relies on a secret key which is shared between the sender (mobile station) and the receiver (access point). • Secret Key : packets are encrypted using the secret key before they are transmitted. • Integrity Check : it is used to ensure that packets are not modified in transit
Understanding WEP contd… • To send a message to M: – Compute the checksum c(M). Checksum does not depend on the secret key ‘k’. – Pick a IV ‘v’ and generate a key stream RC4(v,k). – XOR <M,c(M)> with the key stream to get the cipher text. – Transmit ‘v’ and the cipher text over a radio link.
How WEP Works Key Stream = RC4(v,k) Message CRC Transmitted Data XOR Cipher Text V Plain Text
How WEP works ? • WEP uses RC4 encryption algorithm known as “stream cipher” to protect the confidentiality of its data. • Stream cipher operates by expanding a short key into an infinite pseudo-random key stream. • Sender XOR’s the key stream with plaintext to produce cipher text. • Receiver has the copy of the same key, and uses it to generate an identical key stream. • XORing the key stream with the cipher text yields the original message.
Attack types • Passive Attacks – To decrypt the traffic based on statistical analysis (Statistical Attack) • Active Attacks – To inject new traffic from authorized mobile stations, based on known plaintext. • Active Attacks – To decrypt the traffic based on tricking the access point • Dictionary Attacks – Allow real time automated decryption of all traffic.
Wireless Networks and Security 1) What are Wireless Networks? • A wireless network is the way that a computer is connected to a router without a physical link. 2) Why do we need? • Facilitates mobility – You can use lengthy wires instead, but someone might trip over them. 3) Why security? • Attacker may hack a victim’s personal computer and steal private data or may perform some illegal activities or crimes using the victim’s machine and ID. Also there's a possibility to read wirelessly transferred data (by using sniffers)
Wireless Networks and Security Three security approaches: 1. WEP (Wired Equivalent Privacy) 2. WPA (Wi-Fi Protected Access) 3. WPA2 (Wi-Fi Protected Access, Version 2) WPA also has two generations named Enterprise and Personal.
WEP (Wired Equivalent Privacy) • Encryption: – 40 / 64 bits – 104 / 128 bits 24 bits are used for IV (Initialization vector) • Passphrase: – Key 1-4 – Each WEP key can consist of the letters "A" through "F" and the numbers "0" through "9". It should be 10 hex or 5 ASCII characters in length for 40/64-bit encryption and 26 hex or 13 ASCII characters in length for 104/128-bit encryption.
WPA/WPA2 Personal • Encryption: – TKIP – AES • Pre-Shared Key: – A key of 8-63 characters • Key Renewal: – You can choose a Key Renewal period, which instructs the device how often it should change encryption keys. The default is 3600 seconds
Attacking WEP • iwconfig – a tool for configuring wireless adapters. You can use this to ensure that your wireless adapter is in “monitor” mode which is essential to sending fake ARP (Address Resolution Protocol) requests to the target router • macchanger – a tool that allows you to view and/or spoof (fake) your MAC address • airmon – a tool that can help you set your wireless adapter into monitor mode (rfmon) • airodump – a tool for capturing packets from a wireless router (otherwise known as an AP) • aireplay – a tool for forging ARP requests • aircrack – a tool for decrypting WEP keys
How to defend when using WEP • Use longer WEP encryption keys, which makes the data analysis task more difficult. If your WLAN equipment supports 128-bit WEP keys. • Change your WEP keys frequently. There are devices that support "dynamic WEP" which is off the standard but allows different WEP keys to be assigned to each user. • Use a VPN for any protocol, including WEP, that may include sensitive information. • Implement a different technique for encrypting traffic, such as IPSec over wireless. To do this, you will probably need to install IPsec software on each wireless client, install an IPSec server in your wired network, and use a VLAN to the access points to the IPSec server.
How to defend when using WPA • Passphrases – the only way to crack WPA is to sniff the password PMK associated with the handshake authentication process, and if this password is extremely complicated it will be almost impossible to crack • Passphrase Complexity – select a random passphrase that is not made up of dictionary words. Select a complex passphrase of a minimum of 20 characters in length and change it at regular intervals
Common defense techniques • Change router default user name and password • Change the internal IP subnet if possible • Change default name and hide broadcasting of the SSID (Service Set Identifier) • None of the attack methods are faster or effective when a larger passphrase is used. • Restrict access to your wireless network by filtering access based on the MAC (Media Access Code) addresses • Use Encryption
Summary • Change all possible default router settings • Use encryption (WPA/WPA2) • Use long and complex keys/passphrases

Empfohlen

AleksandrDoroninSlides.ppt
AleksandrDoroninSlides.pptAleksandrDoroninSlides.ppt
AleksandrDoroninSlides.ppt
ImXaib
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
al-sari7
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
tardeep
 
Wifi
WifiWifi
Wifi
TheSmit Chheda
 
chapter 8.ppt
chapter 8.pptchapter 8.ppt
chapter 8.ppt
KidaneKenenisa1
 
Wireless and how safe are you
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are you
Marcus Dempsey
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
akruthi k
 

Empfohlen

AleksandrDoroninSlides.ppt
AleksandrDoroninSlides.pptAleksandrDoroninSlides.ppt
AleksandrDoroninSlides.ppt
ImXaib
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
al-sari7
 
wi-fi technology
wi-fi technologywi-fi technology
wi-fi technology
tardeep
 
Wifi
WifiWifi
Wifi
TheSmit Chheda
 
chapter 8.ppt
chapter 8.pptchapter 8.ppt
chapter 8.ppt
KidaneKenenisa1
 
Wireless and how safe are you
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are you
Marcus Dempsey
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
akruthi k
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
Shah Sheikh
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
Unit08
Unit08Unit08
Unit08
Nurul Nadirah
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian
 
Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008
ClubHack
 
Wireless Security (1).ppt
Wireless Security (1).pptWireless Security (1).ppt
Wireless Security (1).ppt
EvaBlessed
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
Tom Isaacson
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
Shashank Srivastava
 
IP Protocol Security
IP Protocol SecurityIP Protocol Security
IP Protocol Security
David Barker
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
Fathima Rahaman
 
Wireless lan security(10.8)
Wireless lan security(10.8)Wireless lan security(10.8)
Wireless lan security(10.8)
SubashiniRathinavel
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
Nilesh Sapariya
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measure
Shivam Singh
 
Wi fi pentesting
Wi fi pentestingWi fi pentesting
Wi fi pentesting
Mihir Shah
 
Wpa3
Wpa3Wpa3
Wpa3
Bhavya Dashora
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and security
Adel Zalok
 
Topic 4.0 wireless technology
Topic 4.0 wireless technologyTopic 4.0 wireless technology
Topic 4.0 wireless technology
Atika Zaimi
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
UC San Diego
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
Virendra Thakur
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacks
Huda Seyam
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
 

Weitere ähnliche Inhalte

Ähnlich wie Wireless Security.ppt

5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian
 
Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008
ClubHack
 
IP Protocol Security
IP Protocol SecurityIP Protocol Security
IP Protocol Security
David Barker
 

Ähnlich wie Wireless Security.ppt (20)

DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Unit08
Unit08Unit08
Unit08
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008Sheetal - Wirelesss Hacking - ClubHack2008
Sheetal - Wirelesss Hacking - ClubHack2008
 
Wireless Security (1).ppt
Wireless Security (1).pptWireless Security (1).ppt
Wireless Security (1).ppt
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
IP Protocol Security
IP Protocol SecurityIP Protocol Security
IP Protocol Security
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
 
Wireless lan security(10.8)
Wireless lan security(10.8)Wireless lan security(10.8)
Wireless lan security(10.8)
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measure
 
Wi fi pentesting
Wi fi pentestingWi fi pentesting
Wi fi pentesting
 
Wpa3
Wpa3Wpa3
Wpa3
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and security
 
Topic 4.0 wireless technology
Topic 4.0 wireless technologyTopic 4.0 wireless technology
Topic 4.0 wireless technology
 
Workshop on Network Security
Workshop on Network SecurityWorkshop on Network Security
Workshop on Network Security
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacks
 

Kürzlich hochgeladen

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Kürzlich hochgeladen (20)

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

Wireless Security.ppt

  • 1. Attack and Defense in Wireless Networks Presented by Aleksandr Doronin
  • 2. What is WEP ? • Wireless connections need to be secured since the intruders should not be allowed to access, read and modify the network traffic. • Mobile systems should be connected at the same time. • Algorithm is required which provides a high level of security as provided by the physical wired networks. • Protect wireless communication from eavesdropping, prevent unauthorized access.
  • 3. Security Goals of WEP: • Access Control  Ensure that your wireless infrastructure is not used. • Data Integrity  Ensure that your data packets are not modified in transit. • Confidentiality  Ensure that contents of your wireless traffic is not leaked.
  • 4. Understanding WEP • WEP relies on a secret key which is shared between the sender (mobile station) and the receiver (access point). • Secret Key : packets are encrypted using the secret key before they are transmitted. • Integrity Check : it is used to ensure that packets are not modified in transit
  • 5. Understanding WEP contd… • To send a message to M: – Compute the checksum c(M). Checksum does not depend on the secret key ‘k’. – Pick a IV ‘v’ and generate a key stream RC4(v,k). – XOR <M,c(M)> with the key stream to get the cipher text. – Transmit ‘v’ and the cipher text over a radio link.
  • 6. How WEP Works Key Stream = RC4(v,k) Message CRC Transmitted Data XOR Cipher Text V Plain Text
  • 7. How WEP works ? • WEP uses RC4 encryption algorithm known as “stream cipher” to protect the confidentiality of its data. • Stream cipher operates by expanding a short key into an infinite pseudo-random key stream. • Sender XOR’s the key stream with plaintext to produce cipher text. • Receiver has the copy of the same key, and uses it to generate an identical key stream. • XORing the key stream with the cipher text yields the original message.
  • 8. Attack types • Passive Attacks – To decrypt the traffic based on statistical analysis (Statistical Attack) • Active Attacks – To inject new traffic from authorized mobile stations, based on known plaintext. • Active Attacks – To decrypt the traffic based on tricking the access point • Dictionary Attacks – Allow real time automated decryption of all traffic.
  • 9. Wireless Networks and Security 1) What are Wireless Networks? • A wireless network is the way that a computer is connected to a router without a physical link. 2) Why do we need? • Facilitates mobility – You can use lengthy wires instead, but someone might trip over them. 3) Why security? • Attacker may hack a victim’s personal computer and steal private data or may perform some illegal activities or crimes using the victim’s machine and ID. Also there's a possibility to read wirelessly transferred data (by using sniffers)
  • 10. Wireless Networks and Security Three security approaches: 1. WEP (Wired Equivalent Privacy) 2. WPA (Wi-Fi Protected Access) 3. WPA2 (Wi-Fi Protected Access, Version 2) WPA also has two generations named Enterprise and Personal.
  • 11. WEP (Wired Equivalent Privacy) • Encryption: – 40 / 64 bits – 104 / 128 bits 24 bits are used for IV (Initialization vector) • Passphrase: – Key 1-4 – Each WEP key can consist of the letters "A" through "F" and the numbers "0" through "9". It should be 10 hex or 5 ASCII characters in length for 40/64-bit encryption and 26 hex or 13 ASCII characters in length for 104/128-bit encryption.
  • 12. WPA/WPA2 Personal • Encryption: – TKIP – AES • Pre-Shared Key: – A key of 8-63 characters • Key Renewal: – You can choose a Key Renewal period, which instructs the device how often it should change encryption keys. The default is 3600 seconds
  • 13. Attacking WEP • iwconfig – a tool for configuring wireless adapters. You can use this to ensure that your wireless adapter is in “monitor” mode which is essential to sending fake ARP (Address Resolution Protocol) requests to the target router • macchanger – a tool that allows you to view and/or spoof (fake) your MAC address • airmon – a tool that can help you set your wireless adapter into monitor mode (rfmon) • airodump – a tool for capturing packets from a wireless router (otherwise known as an AP) • aireplay – a tool for forging ARP requests • aircrack – a tool for decrypting WEP keys
  • 14. How to defend when using WEP • Use longer WEP encryption keys, which makes the data analysis task more difficult. If your WLAN equipment supports 128-bit WEP keys. • Change your WEP keys frequently. There are devices that support "dynamic WEP" which is off the standard but allows different WEP keys to be assigned to each user. • Use a VPN for any protocol, including WEP, that may include sensitive information. • Implement a different technique for encrypting traffic, such as IPSec over wireless. To do this, you will probably need to install IPsec software on each wireless client, install an IPSec server in your wired network, and use a VLAN to the access points to the IPSec server.
  • 15. How to defend when using WPA • Passphrases – the only way to crack WPA is to sniff the password PMK associated with the handshake authentication process, and if this password is extremely complicated it will be almost impossible to crack • Passphrase Complexity – select a random passphrase that is not made up of dictionary words. Select a complex passphrase of a minimum of 20 characters in length and change it at regular intervals
  • 16. Common defense techniques • Change router default user name and password • Change the internal IP subnet if possible • Change default name and hide broadcasting of the SSID (Service Set Identifier) • None of the attack methods are faster or effective when a larger passphrase is used. • Restrict access to your wireless network by filtering access based on the MAC (Media Access Code) addresses • Use Encryption
  • 17. Summary • Change all possible default router settings • Use encryption (WPA/WPA2) • Use long and complex keys/passphrases

Hinweis der Redaktion

  1. TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs
  2. The passphrase is the password that we are giving to our network- to our AP. The PSK is the passphrase but he (the PSK) took it and translate it to 256 bits of string. In WPA/WPA2/personal the PMK is the PSK
  3. PMK- Pairwise Master Key: The passphrase is the password that we are giving to our network- to our AP. The PSK is the passphrase but he (the PSK) took it and translate it to 256 bits of string. In WPA/WPA2/personal the PMK is the PSK