3. Today’s Topics 3 Wireless vs. Wired Wireless security concerns Why WEP is Awful Why WPA is Less Awful Good Wireless Practices
4. Wireless vs. Wired 4 Packet Sniffing Remote Access Multiple targets Ease of Use
5. Wireless Security Concerns 5 Man in the middle attacks Accidental/Malicious association Ad-hoc networks Denial of service Unauthorized network access
6. Attacker Incentive 6 Free internet! [Industrial] espionage General malice Fun and profit
7. Wired Equivalent Privacy 7 Wireless security as good as having a wire! Turns out it isn’t so great. Introduced in 1997 Deprecated in 2004 Still widely used
9. Cracking WEP 9 Sniff the air for packets Look for IV collisions Use statistical analysis Not enough packets? De-authentication attack Replay attacks Chop-chop
10. Wi-Fi Protected Access / TKIP 10 WEP replacement without replacing legacy hardware Soon to be deprecated TKIP – Temporal Key Protocol Mixes IV and Key instead of simple concatenation Uses sequence numbers to prevent replay attacks Message integrity check IEEE standard for WPA requires handshaking Generates a session key to be used in packet encryption