Chapter 4: Secure Wireless Networking

¡Supera tus tareas y exámenes ahora con Quizwiz!

Exam Tip - Antennas

- Because wireless antennas can transmit outside a facility, tuning and placement of antennas can be crucial for security. Adjusting radiated power through the power level controls will assist in keeping wireless signals from being broadcast outside areas under physical access control.

VPN (Over Open Wireless)

- Can use captive portals as network access control (NAC) implementations to increase communication security over public wireless networks.

- CCMP- definition - What is it used by?

- Counter Mode with Cipher Block Chaining-Message Authentication Codes Protocol (or Counter Mode with CBC-MAC Protocol. CCMP is a data encapsulation encryption mechanism designed for wireless use. - It is used by the WPA2 802.11i (AKA WPA2) standard. CCMP is the mode in which the AES cipher is used to provide message integrity. - It requires new hardware to perform the AES encryption.

- WEP definition - How does WEP work?

- Wired Equivalent Privacy. It uses a cipher to encrypt the data as it is transmitted through the air and is a part of the 802.11 protocol. - WEP works by encrypting data traveling across the network with an RC4 stream cipher. The system depends on the client and the AP having a shared secret key, ensuring that only authorized people with the proper key have access to the wireless network.

- AirSnort

- a modified sniffing program that can take advantage of IV streams to retrieve WEP keys.

- NetStumbler

- a scanning program that captures beacon frames and SSIDs of all APs.

What are the five versions of wireless protocol?

802.11a, 802.11b, 802.11g, 802.11n, 802.11ac.

Exam Tip

Although not considered the strongest security measures, renaming the SSID and disabling SSID broadcast are important concepts to know for the exam.

Exam Tip - Site Survey

Functionality of wireless networks is dependent upon radio signals. Conducting a site survey and choosing the proper antenna type and placement are important steps to ensure proper coverage of a site, including areas blocked by walls, interfering signals, and echoes.

How is the most basic form of 802.11 authentication handled?

It is handled at the access point (AP), forcing clients to perform a handshake when attempting to "associate" to the AP. Association is the process required before the AP will allow the client to talk across the AP to the network.

- What is the objective of antenna placement?

The objective of antenna placement is to maximize the coverage over a physical area and reduce low-gain areas.

Exam tip

WEP alone should not be trusted to provide confidentiality. If WEP is the only protocol supported by your AP, place it outside the corporate firewall and VPN to add more protection.

- TKIP definition - what is it used with? - How it works

- Temporal Key Integrity Protocol. It is used with WPA - TKIP works by using a shared secret combined with the card's MAC address to generate a new key, which is mixed with the IV to make per-packet keys that encrypt a single packet using the RC4 cipher used by traditional WEP. - TKIP is no longer considered secure and has been deprecated with the release of WPA2.

- 802.11i specifications

- The 802.11i standard specifies the use of the Counter Mode with CBC-MAC Protocol (in full, the Counter Mode with Cipher Block Chaining - Message Authentication Codes Protocol, or simply CCMP)

- Where is the SSID found. - How does authentication occur?

- The SSID is a unique 32-character identifier attached to the header of a packet. - Authentication occurs only if the client has all the correct parameters needed in the handshake, among them the SSID.

- Captive portal - Where and how are these most frequently used?

- Captive portal refers to a specific technique of using an HTTP client to handle authentication on a wireless network. - Frequently employed in public hotspots, a captive portal opens a web browser to an authentication page. This occurs before the user is granted admission to the network. - The access point uses this simple mechanism by intercepting all packets and returning the web page for login. The actual web server that serves up the authentication page can be in a walled-off section of the network.

- High gain vs low gain

- High gain is a narrow, focused beam and is more susceptible to interference or loss of signal. Low gain usually is omnidirectional, but also is broadcast outside areas under physical control.

- IV definition

- Initialization Vector - The IV is the primary reason for the weaknesses in the WEP. The IV is sent in the plaintext part of the message, and because the total keyspace is approximately 16 million keys, the same key will be reused.

- Advantages of WPA using TKIP

- It overcomes the WEP weakness by using a key on only one packet as opposed to all. - It can be retrofitted to current hardware with only a software change, unlike Advanced Encryption Standard (AES) and 802.1x

- MAC Filter - Where is it employed? - Wired vs wireless networks.

- MAC filtering is the selective admission of packets based on a list of approved Media Access Control (MAC) addresses. - MAC filters are employed on switches. - MAC addresses are harder for attackers to find on wired networks. On wireless networks, MAC addresses can be seen and therefore easily spoofed.

Site survey steps

- Mapping the floor plan, testing for RF interference, testing for RF coverage, and analysis of material via software. - After deploying the APs, the site is surveyed again, mapping the results versus the predicted, watching signal strength and signal-to-noise rations.

- SSID definition

- Service Set Identifier. This is the authentication function.

- What is a beacon frame?

- The beacon frame's purpose is to announce the wireless network's presence and capabilities so that WLAN cards can attempt to associate to it.

Omnidirectional antennas - Weakness?

- These are the most common type of antenna that comes with standard Access Points. They cover the greatest area per antenna. - The weakness occurs in corners and hard-to-reach areas, as well as boundaries of a facility where directional antennas are needed to complete coverage.

- Why are SSIDs not secure? - What exacerbates the insecurity of SSIDs?

- They are sent in plaintext in the packets and any sniffer can find them. - Most wireless APs broadcast a beacon frame that contains the SSID.

Site survey

- When developing a coverage map for a complex building site, you need to take into account a wide variety of factors, particularly walls, interfering sources, and floor plans.

- WPA defitiion

- Wi-Fi Protected Access - this is the first standard to be used in the market to replace WEP.

- WPA2 definition - How it works

- Wi-Fi Protected Access 2 (AKA IEEE 802.11i) is the standard for security in wireless networks. - It uses 802.1x to provide authentication and uses the Advanced Encryption Standard (AES) as the encryption protocol. It uses AES block ciphers which is a significant improvement over WEP and WPA RC4 streams.

- WPS definition - Attributes

- Wi-Fi Protected Setup is a network security standard that was created to provide users with an easy method of configuring wireless networks. - Designed for home and small business networks. It uses an eight-digit PIN to configure wireless devices. - WPS consists of a series of Extensible Authentication Protocol (EAP) messages and has been shown to be susceptible to brute-force attack.


Conjuntos de estudio relacionados

Ten Top Tips on Queen Anne (1702-1714)

View Set

ENGINEERING STUDY GUIDE FOR INTERIM

View Set