Wireless Secuity and Design

1
Wireless Secuity and Design

• Introductions
• Mike Danahy and Steve Mylander
• Today
• Wireless design
• Part I Wireless Fundamentals
• Part II Wireless Threats
• Part III Tools of the Trade
• Part IV Wireless Security

2
Wireless Design and Security

• Wireless Funamentals
• Taken from the book Maximum Wireless Security
  by Cyrus Peikari Seth Fogie
• Access Points
• WAP11 SOHO (Small Office and Home Office) AP
• Really like this AP because it has 2 antenas.
• Setup Almost all APS are the same on ip address
• 192.168.0.1, admin for the login and admin for
  the password
• CHANGE THIS IMMEDIATELY
• do not need to change it to work off the shelf
  philosophy

3
Wireless Design and Security

• Wireless Funamentals
• Antennas
• HEART AND SOUL OF YOUR WIRELESS
• Hertz unit to measure radio frequency coming off
  of an antenna.
• One Frequency or hertz is the number of waves
  propogated in one second.
• FM Radio station using 103.5 mega Hertz or 103.5
  mhz is a wave of 103,500,000
• AM Redio Station 1050 AM is 1,050,000 herts or
  1050 khz
• Lower the frequency the longer the distance.

4
Wireless Design and Security

• Wireless Funamentals
• Antennas
• In many situations, a lower power signal
  transmitted using a good antenna can arrive at
  its destination with more accuracy than a
  high-powered signal transmitted using a poor
  antenna. Antennas are rated by the amount of gain
  that they provide
• GAIN is the increase in power you get by using a
  directional antenna
• GAIN Measured in db or deciblesdbi and dbd
• CB antena compared to 2.4ghz antenna 34' and 2.2'

5
Wireless Design and Security

• Wireless Funamentals
• Antennas
• In wireless there are 2 types of antennas
• OMNI-Directional and Directional
• Flashlight analogy
• OMNI-Directional are not truly Omni-directional
• great for covering a wide area (not long)?
• SMISMCO10 is an omni-directional antenna designed
  for medium- to long-range multipoint applications
• TechnoLab Log Periodic Yagi at
  http//www.technolab-inc.com/
• http//www.youtube.com/watch?vhNFKbcJ_WK8
• http//www.metacafe.com/watch/837885/wifi_antenna_
  hack

6
Wireless Design and Security

• Wireless Funamentals
• Antennas
• Directional Antennas are great for Focusing
• point to point connection
• SigMax Circular Yagi Signull SMISMCY12. This
  Yagi antenna from TechnoLab is truly one of a
  kind. Its low profile and small design make it a
  great indoor directional antenna. In addition, by
  placing this antenna on the outer perimeter of a
  building, you can easily create
  building-to-building links.
• http//www.engadget.com/2005/11/15/how-to-build-a-
  wifi-biquad-dish-antenna
• http//www.l-com.com/item.aspx?id22571
• http//www.youtube.com/watch?vkq3htRMNmssfeature
  related

7
Wireless Design and Security

• Wireless Funamentals
• Antennas
• Directional Antennas are great for Focusing
• DON'T MAKE YOUR OWN
• Purchase Aps with attached antennas
• Purchase a recommended antenna
• PRE and POST tests.

8
Wireless Design and Security

• Wireless Fundamentals
• 802.11 Protocol
• Defines all wifi or wireless standards for data
  communications.
• 802.1a The first wireless standard
• Operates at the 5 ghz range
• Sunset now. Not enough distance.
• FHSS (Frequency Hoping Spread Spectrum)?
• DSSS (Direct-sequence Spread Spectrum)?
• There is a difference
• Bluetooth (fhss)?
• 802.1b-802.1g Most widely used today
• 802.1n Discussion on Ratification
• NOTE please change this to 802.1i with 802.1x
  being the authentication component and the 802.1n
  being the actual wireless radio on top of it all.

9
Wireless Design and Security

• Wireless Fundamentals
• Interference
• the 1 6 11 rule
• some aps adjust automatically can be good
• interference from
• bluetooth.
• microwaves and mobile phones (not cell phones)?
• other
• demands the use of spread spectrum analyzer
• placement of the aps.
• other (discussion)?

10
Wireless Design and Security

• Wireless Security
• EVERYTHING IS BASED ON 5 SECURITY PRINCIPLES
• CONFIDENTIALITY Render the information
  un-intelligible except by authorized entities.
• INTEGRITY Data has not been altered in an
  unauthorized manner since it was created,
  transmitted or stored
• AUTHENTICATION Verify the identity of the user
  or system that created information
• AUTHORIZATION upon proving identity, the
  individual is then provided with the key or
  password that will allow access to some resources
• NON-REPUDIATION Ensures that the sender cannot
  deny sending the message

11
Wireless Design and Security

• Wireless Security
• EVERYTHING IS BASED ON THESE 5 PRINCIPLES
• PKI or Public Key Infrastructure
• symmetric vs asymmetric keys
• Public, Private keys and certificates.
• an explanation maybe
• WEP
• Only does one known symmetric key between AP and
  user.
• very week IV (initialization vector) and no data
  integrity.
• Want WEP safer with WEP key IV value MAC
  Address (tkip).
• temporal key integrity protocol.

12
Wireless Design and Security

• Wireless Security
• WEP continued
• DEMO on hacking pretty easy
• http//ethicalhack.org/vids/kismac-vid.php
• https//www.grc.com/passwords.htm
• kismac and others will also crack WPS encryption
• Remember password length does not matter with wep
  and it is everything in WPA or enhanced WEP
• 802.1n will take in Confidence, Integrity,
  Authentication, Authorization and
  non-repudiation.
• 802.1x
• demands the use of a radius server (Well almost).