Transcript Wireless Security - California State University, Dominguez

Wireless Security
Focus on
Encryption
Steps to secure a Wi-Fi Network
Wi-Fi at home
 Using a broadband Internet connection and
a single WAP wired and wireless clients can
access each other and the internet
 non-computer devices can access the
wireless connectivity to other devices or the
Internet
Disadvantages
 Easier to connect remotely (unwanted)
 Encryption protocol can be broken
 Passwords can be forcibly hacked
Tools to Protect a Wireless Network
 WPA/WEP
– Wi-fi Protected Access Point
– Wired Equivalent Protection
 Mac Address Filtering
 Assign Static IP Address
 Good positioning of the Wireless Access
Point/ WAP
WAP/WEP
 Wired Equivalent Protection
– 64 Bit
– 128 Bit
– 256 Bit
Increased Security
Decreased Speed
Wired Equivalent Protection
 24 bit send rate
 Total Size is based on Send rate +
encryption
 64 bits = 24 bit send + 40 bit key
 128 bits = 24 bit send + 104 bit key
 256 bits = 24 bit send + 232 bit key
– Approximately 58 hexadecimal digits
Wired Equivalent Protection
 The larger the key the more intercepted
packets it would take to break
 Warning:
– There are programs that can break these keys
– There are programs that create enough traffic of
packets to break even a 256 bit key
Mac Address Filtering
 All Wireless Cards have Mac address
 Filters can be set to allow or disallow all Mac
address listed
 This mean certain computers can be
blocked
 Or only certain computers can connect
*Note hackers can make fake Mac address to
get on
Assign Static IP Address
 Most users use DHCP technology which
allows the router to assign IP address
automatically upon connection
 This allow hacker easy access with valid IP
address
 By Assigning Static IP address access is
limited to only those valid IP address
Good positioning of the Wireless
Access Point/ WAP
 Wi-Fi signals normally reach to the exterior
of a home. A small amount of "leakage"
outdoors is not a problem, but the further
this signal reaches, the easier it is for others
to detect and exploit. Wi-Fi signals often
reach through neighboring homes and into
streets
Steps to secure a Wi-Fi Network
1) Change the default Administrator
Passowrds
2) Turn on the Encryption Protocols
3) Change the Default SSID
1) This is the Name that will be seen by wireless
devices. Default names tell intruders that the
newtork is being poorly managed and easier
to get into
Steps to secure a Wi-Fi Network
4) Enable MAC Address Filtering, this will
force unwanted guest to use programs to
create fake MAC address.
5) Disable SSID broadcast
1) This is used to create hotspot where client
come and go often. In a home there is usually
a consistent amount of people
Steps to secure a Wi-Fi Network
6) Assign Static IP address to devices
7) Enable Firewalls on Each computer and the
Router
8) Good positioning of the WAP
9) Turn off the network during extended
periods of not being used
Special Thanks Too

Google.com

About.com

Wikipedia.com