
• With Wireless Networking, no cables or wires are
needed to network your computers and share
your Internet connection.
• WLANs offer a quick and effective extension of a
wired network or standard LAN.
• With a simple access point attached to the wired
network, personal computers, laptops, handheld
devices, printers, and other network devices can
connect with the wired network at broadband
speeds.
ACCESS POINT
BRIDGE
NIC
ANTENNA
AAA SERVER
NMS SERVER
WIRELESS LAN SECURITY

• Wireless LANs, because of their broadcast nature, require the
addition of:
   - User authentication
   - Data privacy
• Authenticating wireless LAN clients.

Client Authentication Process


WLAN Authentication
• Types of Authentication
   - Open Authentication
      • The authentication request
      • The authentication response
   - Shared Key Authentication
      • Requires that the client configure a static WEP key
   - Service Set Identifier (SSID)
   - MAC Address Authentication
      • MAC address authentication verifies the client’s MAC
        address against a locally configured list of allowed
        addresses or against an external authentication server
WLAN Authentication Vulnerabilities

• SSID
An eavesdropper can easily determine the SSID with the use of an
802.11 wireless LAN packet analyzer, like Sniffer Pro.

• Open Authentication
Open authentication provides no way for the access point to
determine whether a client is valid.

• Shared Key Authentication Vulnerabilities
The process of exchanging the challenge text occurs over the
wireless link and is vulnerable to a man-in-the-middle attack.

• MAC Address Authentication Vulnerabilities
A protocol analyzer can be used to determine a valid MAC
address.
WIRELESS LAN SECURITY
Components of WLAN Security
• The Authentication Framework (802.1X)
• The EAP Authentication Algorithm
   - Mutual Authentication
   - User-Based Authentication
   - Dynamic WEP Keys
• Data Privacy with TKIP (Temporal Key Integrity Protocol)
   - A message integrity check (MIC)
   - Per-packet keying
   - Broadcast Key Rotation
Anyone within the geographical network
range of an open, unencrypted wireless
network can 'sniff' or record the traffic, gain
unauthorized access to internal network
resources as well as to the internet.
If router security is not activated or if the
owner deactivates it for convenience, it
creates a free hotspot.
Security breaching sequence

1. Find the network
2. Study its traffic
3. Study security mechanisms
4. ATTACK!!!!!!!! (i.e. decrypt the packets)
DOS

BEFORE ATTACK
Access point is busy handling attacker's request

AFTER ATTACK
• Rogue WLANs: Unauthorized, “rogue” wireless
LANs are clearly a foreseeable internal risk to the
security, confidentiality, and integrity of customer
information.
• Insecure WLANs: Insecure wireless LANs are a
recognized security risk. While wireless LANs are
often deployed for their productivity benefits,
security is often an afterthought.
• WLAN policy violation: WLAN policy violations
are a recognized internal risk to the security,
confidentiality, and integrity of customer
information.
• Network eavesdropping: Because wireless
communication is broadcast over radio waves,
eavesdroppers who merely listen to the airwaves
can easily pick up unencrypted messages.
Additionally, messages encrypted with the Wired
Equivalent Privacy (WEP) security protocol.
• Theft of WLAN credentials: The theft of an
authorized WLAN user’s identity poses one of the
greatest threats. Service Set Identifiers (SSIDs) that
act as crude passwords and Media Access Control
(MAC) addresses that act as personal identification
numbers are often used to verify that clients are
authorized to connect with an access point.
Insertion attacks.
Interception & unauthorized monitoring.
Jamming.
Client to client attacks.
Brute force attacks.
Encryption attacks.
Misconfigurations.
There are three principal ways to secure a
wireless LAN.
1.) For closed networks (home users and
organizations), configure access restrictions in
the access points.
2.) For commercial providers, it should be
an isolated wireless network.
3.) End-to-end encryption.
A WLAN has some specific advantages:
It is easier to add or move workstations.
It is easier to provide connectivity in areas where it
is difficult to lay cable.
Installation is fast and easy, and it can eliminate
the need to pull cable through walls and ceilings.
Access to the network can be from anywhere within
range of an access point.
Portable or semi-permanent buildings can be
connected using a WLAN.
WLANs also have some disadvantages:
As the number of computers using the network
increases, the data transfer rate to each computer will
decrease accordingly.
As standards change, it may be necessary to replace
wireless cards and/or access points.
Lower wireless bandwidth means some applications
such as video streaming will be more effective on a
wired LAN.
Security is more difficult to guarantee and requires
configuration.
Devices will only operate at a limited distance from an
access point.
Like most advances, wireless LANs pose
both opportunities and risks. The technology
can represent a powerful complement to an
organization’s networking capabilities,
enabling increased employee productivity and
reducing IT costs.
Defense against WPA/WPA2 attacks
• Extremely complicated keys can help.
• The passphrase should not be a dictionary word, so
use uncommon, nonsensical words.
• The key should be more than 20 characters, with a
combination of special characters, numbers, and
letters. Change them at regular intervals.
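The passphrase rules above can be checked mechanically. The following is an added example, not part of the original slides: it tests a candidate passphrase against the slide's rules and derives the WPA/WPA2-PSK master key to show that the SSID is the salt, which is why the same passphrase yields different keys on differently named networks. The wordlist, SSIDs and function names are constructed for illustration.

```python
import hashlib
import string

# Constructed sample wordlist; a real audit would load a full dictionary file.
SAMPLE_DICTIONARY = {"password", "wireless", "network", "welcome", "internet"}


def check_passphrase(passphrase, dictionary=SAMPLE_DICTIONARY):
    """Return the list of rules from the slide that the passphrase violates."""
    problems = []
    # WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters.
    if not 8 <= len(passphrase) <= 63:
        problems.append("length outside the 8-63 range WPA accepts")
    if len(passphrase) <= 20:
        problems.append("not longer than 20 characters")
    if not any(c.isalpha() for c in passphrase):
        problems.append("no letters")
    if not any(c.isdigit() for c in passphrase):
        problems.append("no digits")
    if not any(c in string.punctuation for c in passphrase):
        problems.append("no special characters")
    lowered = passphrase.lower()
    hits = sorted(w for w in dictionary if w in lowered)
    if hits:
        problems.append("contains dictionary word(s): " + ", ".join(hits))
    return problems


def wpa2_pmk(passphrase, ssid):
    """Pairwise master key for WPA/WPA2-PSK (IEEE 802.11i):
    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


if __name__ == "__main__":
    for candidate in ("password123", "tR7#qv!Zp2&mXw9@Lk4$ub"):
        print(candidate, "->", check_passphrase(candidate) or "meets the rules")
    # Same passphrase, two constructed SSIDs: the derived keys differ.
    print(wpa2_pmk("tR7#qv!Zp2&mXw9@Lk4$ub", "default").hex())
    print(wpa2_pmk("tR7#qv!Zp2&mXw9@Lk4$ub", "Office-3F-7c21").hex())
```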
Security Checkboxes

1. WPA instead of WEP
2. WPA2 Enterprise implementation
3. Place AP at secured location.
4. Centralized authentication & update drivers
regularly.
5. Changing default SSID after configuring
WLAN
6. Firewall policies & router access password
Security Checkboxes (contd…)

1. MAC address filtering
2. Encryption at access point
3. Packet filtering between APs
4. Network strength configuration.
5. Use IPsec for encryption on WLANs
6. Check for rogue access points
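One way to act on the "check for rogue access points" and "WPA instead of WEP" items, as an added example that is not part of the original slides: compare a wireless survey against an inventory of authorized access points and flag mismatches. The inventory, the scan records, their field names and the finding labels are all constructed for illustration.

```python
# Constructed inventory of authorized access points: BSSID -> (SSID, security).
AUTHORIZED = {
    "02:00:00:aa:00:01": ("CorpNet", "WPA2-Enterprise"),
    "02:00:00:aa:00:02": ("CorpNet", "WPA2-Enterprise"),
}
WEAK = {"Open", "WEP"}

# Constructed survey results (hypothetical export format of a site-survey tool).
SAMPLE_SCAN = [
    {"bssid": "02:00:00:AA:00:01", "ssid": "CorpNet", "security": "WPA2-Enterprise"},
    {"bssid": "02:00:00:aa:00:02", "ssid": "CorpNet", "security": "WEP"},
    {"bssid": "02:00:00:bb:00:09", "ssid": "CorpNet", "security": "Open"},
    {"bssid": "02:00:00:cc:00:05", "ssid": "CoffeeShop", "security": "WPA2-Personal"},
]


def audit_scan(scan, authorized=AUTHORIZED):
    """Return (bssid, finding, detail) tuples for access points needing review."""
    corp_ssids = {ssid for ssid, _ in authorized.values()}
    findings = []
    for ap in scan:
        bssid = ap["bssid"].lower()  # normalize case before comparing
        ssid, sec = ap["ssid"], ap["security"]
        if bssid in authorized:
            want_ssid, want_sec = authorized[bssid]
            if (ssid, sec) != (want_ssid, want_sec):
                # Known AP whose settings drifted from the approved configuration.
                findings.append((bssid, "policy-violation",
                                 f"expected {want_ssid}/{want_sec}, saw {ssid}/{sec}"))
        elif ssid in corp_ssids:
            # Corporate SSID advertised by hardware that is not in the inventory.
            findings.append((bssid, "rogue", f"unlisted AP advertising {ssid} ({sec})"))
        elif sec in WEAK:
            findings.append((bssid, "insecure-neighbor", f"{ssid} uses {sec}"))
    return findings


if __name__ == "__main__":
    for finding in audit_scan(SAMPLE_SCAN):
        print(finding)
```

Because a protocol analyzer can reveal valid MAC addresses, a BSSID that matches the inventory is not proof of a legitimate access point; treat the inventory match as one signal alongside location and wired-side checks.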
Wi-Fi Security Auditing Tools

• AirMagnet WiFi Analyzer
• AirDefense
• Adaptive wireless IPS
• Aruba RFProtect WIPS
• And many others…
