Exam Objectives Fast Track

Previous page
Table of content
Next page

Introduction to the Wireless LAN

  • Wireless Equivalent Privacy (WEP) is the security method used in IEEE 802.11 WLANs, and Wireless Transport Layer Security (WTLS) provides security in WAP networks.

  • WEP provides for two key sizes: 40-bit and 104-bit secret keys. These keys are concatenated to a 24-bit initialization vector (IV) to provide either a 64- or 128-bit key for encryption.

  • WEP uses the RC4 stream algorithm to encrypt its data.

  • 802.11 networks use two types of authentication: open system authentication and shared-key authentication.

  • There are two types of 802.11 network modes: ad hoc and infrastructure. Ad hoc 802.11 networks are peer-to-peer in design and can be implemented by two clients with wireless network cards. The infrastructure mode of 802.11 uses Access Points (APs) to provide wireless connectivity to a wired network beyond the AP.

  • To protect against some rudimentary attacks that insert known text into the stream to attempt to reveal the key stream, WEP incorporates a checksum in each frame. Any frame not found to be valid through the checksum is discarded.

  • Used on its own, WEP does not provide adequate WLAN security.

  • To be effective, WEP must be implemented on every client as well as every AP.

  • WEP keys are user definable and unlimited. They do not have to be predefined and can and should be changed often.

  • Despite WEP's drawbacks, you should implement the strongest version of WEP available and keep abreast of the latest upgrades to the standards.

  • The IEEE 802.1x specification uses the Extensible Authentication Protocol (EAP) to provide for client authentication.

Wireless LAN Security Issues

  • Examining the common threats to both wired and wireless networks provides a solid understanding in the basics of security principles and allows the network administrator to fully assess the risks associated with using wireless and other technologies.

  • Threats can come from simple design issues, where multiple devices utilize the same setup, or intentional denial of service attacks, which can result in the corruption or loss of data.

  • Malicious users aren't the source of all threats. Threats can also be caused by a conflict of similar resources, such as 802.11b networks and cordless telephones.

  • With wireless networks going beyond the border of the office or home, chances are greater that users' actions might be monitored by a third party.

  • Electronic eavesdropping, or sniffing, is passive and undetectable to intrusion detection devices.

  • Tools that can be used to sniff networks are available for Windows (such as Ethereal and AiroPeek) and UNIX (such as TCPDump and ngrep).

  • Sniffing traffic allows attackers to identify additional resources that can be compromised.

  • Even encrypted networks have been shown to disclose vital information in cleartext, such as the network name, that can be received by attackers sniffing a WLAN.

  • Any authentication information that is broadcast can often be simply replayed to services requiring authentication (NT Domain, WEP authentication, and so on) to access resources.

  • The use of virtual private networks (VPNs), Secure Sockets Layer (SSL), and Secure Shell (SSH) helps protect against wireless interception.

  • Due to the design of TCP/IP, there is little that you can do to prevent MAC/IP address spoofing. Static definition of MAC address tables can prevent this type of attack. However, due to significant overhead in management, this prevention is rarely implemented.

  • Wireless network authentication can be easily spoofed by simply replaying another node's authentication back to the AP when attempting to connect to the network.

  • Many wireless equipment providers allow end users to redefine the MAC address for their cards through the configuration utilities that come with the equipment.

  • External two-factor authentication such as Remote Access Dial-In User Service (RADIUS) or SecureID should be implemented to additionally restrict access requiring strong authentication to access the wireless resources.

  • Due to the design of TCP/IP, some spoof attacks allow attackers to hijack, or take over, network connections established for other resources on the wireless network.

  • If an attacker hijacks the AP, all traffic from the wireless network gets routed through the attacker, so the attacker can then identify passwords and other information that other users are attempting to use on valid network hosts.

  • Many users are susceptible to man-in-the-middle attacks, often entering their authentication information even after receiving many notifications that SSL or other keys are not what they should be.

  • Rogue APs can assist an attacker by allowing remote access from wired or wireless networks. These attacks are often overlooked as faults in a user's machine, allowing attackers to continue hijacking connections with little fear of being noticed.

  • Many wireless networks that use the same frequency within a small space can easily cause network disruptions and even DoS for valid network users.

  • If an attacker hijacks the AP and does not pass traffic on to the proper destination, all users will be unable to use the network.

  • Flooding the wireless network with transmissions can prevent other devices from utilizing the resources, making the wireless network inaccessible to valid network users.

  • Wireless attackers can utilize strong and directional antennas to attack the wireless network from a great distance.

  • An attacker who has access to the wired network can flood the wireless AP with more traffic than it can handle, preventing wireless users from accessing the wired network.

  • Many new wireless products utilize the same wireless frequencies as 802.11 networks. A simple cordless telephone can create a DoS situation for the network.

Configuring Windows Client Computers for Wireless LAN Security

  • Windows XP provides support for 802.1x protection on wireless networking connections.

  • Windows XP integrated wireless networking into the operating system to a high degree. Windows XP takes control of your network connection in most cases.

  • Windows 2000 does not offer the high degree of integrated wireless networking that Windows XP does.

  • Both Windows 2000 and Windows XP can support WEP 64 and WEP 128 as well as any third-party solutions on the market.


Previous page
Table of content
Next page
MCSE. MCSA Implementing & Administering Security in a Windows 2000 Network Study Guide Exam 70-214
MCSE/MCSA Implementing and Administering Security in a Windows 2000 Network: Study Guide and DVD Training System (Exam 70-214)
ISBN: 1931836841
EAN: 2147483647
Year: 2003
Pages: 162
Authors: Will Schmied, Thomas W. Shinder
BUY ON AMAZON
CompTIA Project+ Study Guide: Exam PK0-003
Inside Network Security Assessment: Guarding Your IT Infrastructure
Developing Tablet PC Applications (Charles River Media Programming)
SQL Hacks
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Programming Microsoft ASP.NET 3.5
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy