5. How 802.11 Works Designed to integrate easily with existing wired networks 802.11 uses CSMA/CA to access the medium Each device has a unique 48bit MAC address just like the 802.3 Ethernet
6. 802.11 Modes of Communication Infrastructure All client adapters associate with the Access point. Each client adapter only communicates with the Access Point Ad-Hoc Wireless client adapters communicate with each other directly
7. Nature of The Medium Unlike on wired networks, all communications are essentially broadcasts This makes passive sniffing and MITM easier Therefore encryption of data is key to secure communication
14. 802.11 Inbuilt Security Wired Equivalent Privacy (WEP) Uses RC4 Stream cipher for encryption WiFi Protected Access (WPA or TKIP) Uses RC4 Stream cipher for encryption WPA2 Uses AES Block cipher for encryption
15. Wired Equivalent Privacy (WEP) So damn popular in Malaysia WEP implementation has many flaws WEP encryption is easily broken Client side attacks on WEP make it even easier
16. Wireless Security A False sense of Security Demo 1: WEP key pwnage within a few minutes
17. Wi-Fi Protected Access (WPA) WPA or TKIP is more secure than WEP WPA-PSK is the easiest to implement WPA-PSK is susceptible to an offline brute-force attack WPA2 uses AES and is so far considered secure
19. Most Obvious Wi-Fi Threat Solution: Use of strong wireless authentication and encryption in Wi-Fi OPEN and WEP are a BIG NO WPA can be used, but not enterprise grade. Use WPA2 which is enterprise graded. SSID and MAC access control can be evaded
20. Wi-Fi or No Wi-Fi Cannot Address Unmanaged Devices Threats From Unmanaged Devices
30. WiFi Hotspots Hotspots offer unencrypted connectivity MITM & sniffing is very easily implemented Tools like SSL strip can nullify HTTPS protection (lol) Use of VPN or higher layer encryption is recommended
31. DoS Attacks Wireless DoS attacks are inevitable for WiFi Spoofed disconnects Spoofed connection floods Hogging wireless medium Even Cisco MFP and 802.11w are vulnerable to DoS attacks Google “Auto immunity disorder in Wireless LANs”
35. Wireless Security A False sense of Security Demo 2: Cuz I’m a Man In The Mirror
36. Conclusion Wi-Fi warrants new security controls in enterprise networks For both Wi-Fi and no Wi-Fi networks Perceived as high priority item today Also a regulatory compliance requirements Strong authorization and encryption (WPA2) is essential for authorized Wi-Fi Prevents eavesdropping and unauthorized access Another layer of security in the form of WIPS (Wireless Intrusion Prevention System) is essential for comprehensive protection Prevents Rogue AP’s, ad-hoc connection, misassociations, cracking exploits, DoS attacks Compliance monitoring Performance monitoring and troubleshooting as added benefits
37. Questions? I don’t bring my name card. I love trees. email: mysiddiq@gmail.com Thanks for listening May your next day be more secure