SlideShare una empresa de Scribd logo

Wireless Network Security

Descargar como PPTX, PDF
K
kentquirk

Presentation by Morgan Quirk and Thomas Liu at WPI

TecnologíaEmpresariales
1 de 16
Wireless Network Security Thomas Liu Morgan Quirk 1
Introduction Wireless Network BSSID: cs440x WEP Open Key: BEEFFACADE http://thomas/ 2
Today’s Topics 3 Wireless vs. Wired Wireless security concerns Why WEP is Awful Why WPA is Less Awful Good Wireless Practices
Wireless vs. Wired 4 Packet Sniffing Remote Access Multiple targets Ease of Use
Wireless Security Concerns 5 Man in the middle attacks Accidental/Malicious association Ad-hoc networks Denial of service Unauthorized network access
Attacker Incentive 6 Free internet! [Industrial] espionage General malice Fun and profit
Wired Equivalent Privacy 7 Wireless security as good as having a wire! Turns out it isn’t so great. Introduced in 1997 Deprecated in 2004 Still widely used
WEP Encryption 8
Cracking WEP 9 Sniff the air for packets Look for IV collisions Use statistical analysis Not enough packets? De-authentication attack Replay attacks Chop-chop
Wi-Fi Protected Access / TKIP 10 WEP replacement without replacing legacy hardware Soon to be deprecated TKIP – Temporal Key Protocol Mixes IV and Key instead of simple concatenation Uses sequence numbers to prevent replay attacks Message integrity check IEEE standard for WPA requires handshaking Generates a session key to be used in packet encryption
TKIP Encryption 11
TKIP: It fixes things, but it could be better 12 Still vulnerable to Chop-chop, but it takes longer. QoS packet injection
AES – Advanced Encryption Standard 13 Adopted by the U.S. government 15 competing designs, won by Rijndael Replaces parts of TKIP/WEP
The AES Process 14 Key Expansion Add Round Key Per round: Byte Substitution Shift Rows Mix Columns Add Round Key Final Round Listen, it’s complicated. http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html
Best Practices 15 Use good encryption MAC Filtering Static IPs Network separation Policy
Questions? 16

Recomendados

Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
yousef emami
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
Anshuman Biswal
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
Agris Ameriks
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
Shital Kat
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2
Fábio Afonso
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
Nilesh Sapariya
 
Wlan security
Wlan securityWlan security
Wlan security
Sajan Sahu
 
Wireless security
Wireless securityWireless security
Wireless security
paripec
 

Recomendados

Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
yousef emami
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
Anshuman Biswal
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
Agris Ameriks
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
Shital Kat
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2
Fábio Afonso
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
Nilesh Sapariya
 
Wlan security
Wlan securityWlan security
Wlan security
Sajan Sahu
 
Wireless security
Wireless securityWireless security
Wireless security
paripec
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
Prakashchand Suthar
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
Muhammad Zia
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Vishal Agarwal
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
Aurobindo Nayak
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
Nzava Luwawa
 
Wireless LAN Security
Wireless LAN SecurityWireless LAN Security
Wireless LAN Security
Abu Rayhan Ahmmed Rimu
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
Fathima Rahaman
 
WPA 3
WPA 3WPA 3
WPA 3
diggu22
 
Chapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptxChapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptx
AmanuelZewdie4
 
WPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyWPA-3: SEA and Dragonfly
WPA-3: SEA and Dragonfly
Napier University
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
Tom Isaacson
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
Paul Gillingwater, MBA
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
arushi bhatnagar
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
Tushar Anand
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
Rana assad ali
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)
Ismail Mukiibi
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Wlan security
Wlan securityWlan security
Wlan security
Upasona Roy
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
Gyana Ranjana
 
Securing wireless network
Securing wireless networkSecuring wireless network
Securing wireless network
Syed Ubaid Ali Jafri
 

Más contenido relacionado

La actualidad más candente

Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
Information Technology
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)
Ismail Mukiibi
 

La actualidad más candente (20)

WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
 
Wireless LAN Security
Wireless LAN SecurityWireless LAN Security
Wireless LAN Security
 
Wireless Network security
Wireless Network securityWireless Network security
Wireless Network security
 
WPA 3
WPA 3WPA 3
WPA 3
 
Chapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptxChapter 7 - Wireless Network Security.pptx
Chapter 7 - Wireless Network Security.pptx
 
WPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyWPA-3: SEA and Dragonfly
WPA-3: SEA and Dragonfly
 
WPA3 - What is it good for?
WPA3 - What is it good for?WPA3 - What is it good for?
WPA3 - What is it good for?
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
 
Ch06 Wireless Network Security
Ch06 Wireless Network SecurityCh06 Wireless Network Security
Ch06 Wireless Network Security
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
Mac addresses(media access control)
Mac addresses(media access control)Mac addresses(media access control)
Mac addresses(media access control)
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Wlan security
Wlan securityWlan security
Wlan security
 

Destacado

Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
Ayoma Wijethunga
 
Hp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityHp Fortify Mobile Application Security
Hp Fortify Mobile Application Security
Ed Wong
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
Kablosuz Ağlar ve Güvenlik Riskleri
Kablosuz Ağlar ve Güvenlik RiskleriKablosuz Ağlar ve Güvenlik Riskleri
Kablosuz Ağlar ve Güvenlik Riskleri
BGA Cyber Security
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
Rajan Kumar
 
Wireless communication
Wireless communicationWireless communication
Wireless communication
Darshan Maru
 

Destacado (15)

Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Securing wireless network
Securing wireless networkSecuring wireless network
Securing wireless network
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
Hp Fortify Mobile Application Security
Hp Fortify Mobile Application SecurityHp Fortify Mobile Application Security
Hp Fortify Mobile Application Security
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
Kablosuz Ağlar ve Güvenlik Riskleri
Kablosuz Ağlar ve Güvenlik RiskleriKablosuz Ağlar ve Güvenlik Riskleri
Kablosuz Ağlar ve Güvenlik Riskleri
 
Cisco project ideas
Cisco project ideasCisco project ideas
Cisco project ideas
 
Wireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best PracticesWireless LAN Security, Policy, and Deployment Best Practices
Wireless LAN Security, Policy, and Deployment Best Practices
 
IEEE 802.11
IEEE 802.11IEEE 802.11
IEEE 802.11
 
Wireless networking
Wireless networkingWireless networking
Wireless networking
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
 
Wireless communication
Wireless communicationWireless communication
Wireless communication
 
Network security
Network securityNetwork security
Network security
 

Similar a Wireless Network Security

A comparitive analysis of wireless security protocols (wep and wpa2)
A comparitive analysis of wireless security protocols (wep and wpa2)A comparitive analysis of wireless security protocols (wep and wpa2)
A comparitive analysis of wireless security protocols (wep and wpa2)
pijans
 
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Dr. Amarjeet Singh
 

Similar a Wireless Network Security (20)

A comparitive analysis of wireless security protocols (wep and wpa2)
A comparitive analysis of wireless security protocols (wep and wpa2)A comparitive analysis of wireless security protocols (wep and wpa2)
A comparitive analysis of wireless security protocols (wep and wpa2)
 
A framework for securing wireless home networks 1
A framework for securing wireless home networks 1A framework for securing wireless home networks 1
A framework for securing wireless home networks 1
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Viable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be JeopardizedViable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be Jeopardized
 
chapter 7 -wireless network security.ppt
chapter 7 -wireless network security.pptchapter 7 -wireless network security.ppt
chapter 7 -wireless network security.ppt
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 
Module 6 Wireless Network security
Module 6 Wireless Network securityModule 6 Wireless Network security
Module 6 Wireless Network security
 
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
Solving Downgrade and DoS Attack Due to the Four Ways Handshake Vulnerabiliti...
 
Wireless security
Wireless securityWireless security
Wireless security
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless Network
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
null Pune meet - Wireless Security
null Pune meet - Wireless Securitynull Pune meet - Wireless Security
null Pune meet - Wireless Security
 
A Survey On Wireless security
A Survey On Wireless securityA Survey On Wireless security
A Survey On Wireless security
 
Cit877[1]
Cit877[1]Cit877[1]
Cit877[1]
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Wpa2 psk security measure
Wpa2 psk security measureWpa2 psk security measure
Wpa2 psk security measure
 
Unit 5 presentation
Unit 5 presentationUnit 5 presentation
Unit 5 presentation
 
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdfWireless Security – From A to Z – Types, Threats, To How to Secure.pdf
Wireless Security – From A to Z – Types, Threats, To How to Secure.pdf
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 

Último

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Último (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 

Wireless Network Security

  • 1. Wireless Network Security Thomas Liu Morgan Quirk 1
  • 2. Introduction Wireless Network BSSID: cs440x WEP Open Key: BEEFFACADE http://thomas/ 2
  • 3. Today’s Topics 3 Wireless vs. Wired Wireless security concerns Why WEP is Awful Why WPA is Less Awful Good Wireless Practices
  • 4. Wireless vs. Wired 4 Packet Sniffing Remote Access Multiple targets Ease of Use
  • 5. Wireless Security Concerns 5 Man in the middle attacks Accidental/Malicious association Ad-hoc networks Denial of service Unauthorized network access
  • 6. Attacker Incentive 6 Free internet! [Industrial] espionage General malice Fun and profit
  • 7. Wired Equivalent Privacy 7 Wireless security as good as having a wire! Turns out it isn’t so great. Introduced in 1997 Deprecated in 2004 Still widely used
  • 9. Cracking WEP 9 Sniff the air for packets Look for IV collisions Use statistical analysis Not enough packets? De-authentication attack Replay attacks Chop-chop
  • 10. Wi-Fi Protected Access / TKIP 10 WEP replacement without replacing legacy hardware Soon to be deprecated TKIP – Temporal Key Protocol Mixes IV and Key instead of simple concatenation Uses sequence numbers to prevent replay attacks Message integrity check IEEE standard for WPA requires handshaking Generates a session key to be used in packet encryption
  • 12. TKIP: It fixes things, but it could be better 12 Still vulnerable to Chop-chop, but it takes longer. QoS packet injection
  • 13. AES – Advanced Encryption Standard 13 Adopted by the U.S. government 15 competing designs, won by Rijndael Replaces parts of TKIP/WEP
  • 14. The AES Process 14 Key Expansion Add Round Key Per round: Byte Substitution Shift Rows Mix Columns Add Round Key Final Round Listen, it’s complicated. http://www.moserware.com/2009/09/stick-figure-guide-to-advanced.html
  • 15. Best Practices 15 Use good encryption MAC Filtering Static IPs Network separation Policy