1. ๏Wireless security is the prevention of
unauthorized access or damage to
computers using wireless networks.
๏Network supported by radio
communications
๏Wireless networks are exposed to
speciallized attacks
๏concerns for wireless security are similar
to those found in a wired environment
2. no inherent physical protection
๏ฝ โ physical connections between devices are replaced by
logical associations
๏ฝ โ sending and receiving messages do not need physical
access to the network
๏ฝ infrastructure (cables, hubs, routers, etc.)
broadcast communications
๏ฝ โ wireless usually means radio, which has a broadcast
nature
๏ฝ โ transmissions can be overheard by anyone in range
๏ฝ โ anyone can generate transmissions,
๏ฝ โข which will be received by other devices in range
๏ฝ โข which will interfere with other nearby transmissions and
may prevent their
๏ฝ correct reception (jamming)
3. ๏ฝ eavesdropping is easy
๏ฝ injecting bogus messages into the network is
easy
๏ฝ replaying previously recorded messages is
easy
๏ฝ illegitimate access to the network and its
services is easy
๏ฝ denial of service is easily achieved by
jamming
4. confidentiality
๏ฝ โ messages sent over wireless links must be
encrypted
authenticity
๏ฝ โ origin of messages received over wireless
links must be verified
replay detection
๏ฝ โ freshness of messages received over
wireless links must be checked
5. integrity
๏ฝ โ modifying messages on-the-fly (during radio
transmission) is not so easy,
๏ฝ but possible โฆ
๏ฝ โ integrity of messages received over wireless
links must be verified
access control
๏ฝ โ access to the network services should be
provided only to legitimate
๏ฝ entities
๏ฝ โ access control should be permanent
๏ฝ protection against jamming
6. ๏ฝ part of the IEEE 802.11 specification
goal
๏ฝ โ make the WiFi network at least as secure as a
wired LAN (that
๏ฝ has no particular protection mechanisms)
๏ฝ โ WEP has never intended to achieve strong
security
๏ฝ โ (at the end, it hasnโt achieved even weak
security)
services
๏ฝ โ access control to the network
๏ฝ โ message confidentiality
๏ฝ โ message integrity
7. ๏ฝ WEP relies on a secret key which is shared
between the sender (mobile station) and the
receiver (access point).
๏ฝ Secret Key : packets are encrypted using the
secret key before they are transmitted.
๏ฝ Integrity Check : it is used to ensure that
packets are not modified in transit
8. โฆ Wi-Fi Protected Access (WPA)
๏ set of security mechanisms that eliminates most
802.11 security issues
๏ Wi-Fi Protected Access (WPA) and Wi-Fi Protected
Access II (WPA2) are two security protocols and
security certification programs developed by the Wi-Fi
to secure wireless computer networks
๏ based on the current state of the 802.11i standard
9. ๏ฝ Wired Equivalent Privacy (WEP) and WEP2
๏ฝ Media access control (MAC) addresses:
configuring access points to permit only
particular MAC addresses onto the network.
Easy to implement, but fairly easy to defeat.
๏ฝ VPNs: using a VPN to encrypt data on
wireless networks. VPNs require a lot of
management and client configuration.
๏ฝ User authentication
๏ฝ The Temporal Key Integrity Protocol (TKIP)
[IEEE 802.11i]
10. ๏ฝ Change default names
๏ฝ Add passwords to all devices
๏ฝ Disable broadcasting on network hubs
๏ฝ Don't give the network a name that identifies your
company
๏ฝ Move wireless hubs away from windows
๏ฝ Use the built-in encryption
๏ฝ Disable the features you don't use
๏ฝ Put a firewall between the wireless network and
other company computers
๏ฝ Encrypt data
๏ฝ Regularly test wireless network security