logging in or signing up Wireless Threats Riccardino Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 2944 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 30, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: aruganesan (17 month(s) ago) the presentation truely worth for any communication expert.kindly allow me to download this or send it tomy mail id aruganesan@hotmail.com a.ganesan,chennai Saving..... Post Reply Close Saving..... Edit Comment Close By: satyajeet.iitr (19 month(s) ago) plz let me download this ppt or you can send it in my mail id satyajeet.iitr@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) plz u should sent me kindly on Saturday plz plz its urgent plzzzzzzzzzzzzz plz understand me. Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) please allow me to download wireless ppt plzzzzzzzzzzzzzzzz Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) plz plz plz send me ur all presentation about wireless system with introduction plzzzzzzzzzzzzz Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Slide1: Presented bySlide2: Introduction to Wireless. Wireless Threats. Wireless Security Protocols and Cryptography. Security for Wireless Devices. Wireless Technology and Application. Wireless Data Networks. Wireless Standards and Technologies. Wireless Deployment Strategies. Enabling Secure Wireless Access to Data.Slide3: Introduction To Wireless-: History of Wireless Technologies- The 1970s-The First Wireless Networks. The 1980s-Wireless Market Start to Evolve. The 1990s-Wireless Networks Mature. The Mid-1990s-OtherWireless Networks Emerge. The Late 1990s-The Wireless Internet Emerges.Slide4: State of Wireless Industry,2001 Four geographic regions to be reviewed: North America Europe Japan Asia Wireless Threats: Wireless Threats Application s are never totally secure,but you should still investigate the potential risks of wireless technologies.The Uncontrolled Terrain: The Uncontrolled Terrain •Difference between wired and wireless. Eavesdropping: Eavesdropping User Attacker Network access point Figure-:1 Wireless attacker eavesdropping on wireless communicationDsniff-:dsniff is a suite network utilities that may be used to sniff passwords,read e-mail,monitor web traffic,and perform active sniffing. See:http://monkey.org/~dugsong/dsniff: Dsniff-:dsniff is a suite network utilities that may be used to sniff passwords,read e-mail,monitor web traffic,and perform active sniffing. See:http://monkey.org/~dugsong/dsniffCommunications jamming: Communications jamming Jamming occurs when an intentional or unintentional interference over-powers the sender or receiver of a communications link. • An attacker can apply jamming in several ways. Denial of service(DOS) jamming: Denial of service(DOS) jamming Client jamming. Base station jamming.Slide11: User Jammer Network access point Figure2-: Jamming attack on wireless communicationsSlide12: User Jammer Attacker Network access point Figure3-: Jamming attack against client to hijack communicationsSlide13: User Attacker Jammer Network access point Figure4-: Jamming attack against access point to hijack communicationsInjection and Modification of Data: Injection and Modification of Data Injection attack occur when an attacker adds data to an existing connection in order to hijack the connection or maliciously send data or commands. Injection attacks can be used for DOS. Man-in-the-middle Attacks: Man-in-the-middle Attacks Insecure network(internet/wireless LAN) User SSH Server Attacker Connection to attacker Connection to attackerSlide16: Rouge client. Rouge access points. Attacker Network access point Rouge access point UserSlide17: Attack Anonymity What is War Driving ? It is the process of searching for open wireless LANS by driving around a particular area.the name comes from the term “ war dialing,“ which is an old attack method that involves repeatedly dialing different numbers to search for modems and other network entry points. Client-to-Client Attacks-: Once on a network,other network clients can be attacked directly.Slide18: Infrastructure Equipment Attacks-: Infrastructure attack is the prime target for attackers.These are sometimes referred to as stepping stones and can be used to bypass access controls.network devices such as routers,switches,backup servers, and log servers are prime targets.there are many attacks depending on switch,but they break down into three main categories- Switch attacks MAC attacks Router attacks Slide19: Attacker Equipment-: The equipment used by the casual attacker can minimally consist of a wireless network interface. This can either be a Wireless Ethernet network interface card (NIC). GPRS. CDPD(Cellular Digital Packet Data). PCMCIA(Personal Computer Memory Card International Association).Slide20: Roaming Issues-: Major difference between a wireless and wired environment is end point mobility.the concept of roaming on CDMA,GSM and WIRELESS ETHERNET are all very similarSlide21: Cryptographic Threats-: WEP is a cryptographic mechanism designed to provide security for 802.11 networks. CDMA,GSM and Wireless Ethernet networks have employed cryptographic mechanisms in order to deter eavesdropping. An example of the implementation of the RC4 algorithm in WEP has revealed weaknesses that enable an attacker to completely recover the key after capturing minimal network traffic.Slide22: Wireless Security Protocol and Cryptography: One thing how to remove the fear,uncertainty, and doubt,commonly referred to as FDU, in wireless security solutions.Slide23: Equivalent OSI Model & Internet Model OSI Model Internet Model Application layer Presentation layer Session layer Application layer Transport layer Transport layer Network layer Internet layer Data link layer Physical layer Network interface layerSlide24: Cryptography It is the process or skill of communicating in or deciphering secret writings or ciphers. There are three primary areas where cryptography is used to solve security problems: Authentication Encryption Integrity Slide25: SSL/TLS It was originally designed to solve the security problems with web browsers. SSH-: SSH is much like SSL/TLS in operation from a high level. It uses a public-key exchange to secure the initial connection and negotiates a symmetric key for data transfer during the session. Protocol or program ? Terminal Access and File Transfer Port ForwardingSlide26: WTLS It is based on SSL/TLS.WTLS is used by wireless application protocol (WAP) devices. Three classes can be negotiated during the handshake process WTLS class 1 – no certificates WTLS class 2- server certificate only WTLS class 3- client and server certificatesSlide27: WEP WEP is the security mechanism included in the 802.11 standard and is designed to provide confidentiality and authentication services. WEP is based on RC4 algorithm 802.1x It is a layer 2 protocol that can be used to a number of operations. Basic purpose of 802.1x is to authenticate users and can optionally be used to establish encryption keys. When connection is established,only 802.1x traffic is allowed to pass.Slide28: Security Considerations for Wireless Devices Physical Security-: Be Aware Look it Up ¶ Information Leakage. ¶ Device Security Features. ¶ Application Security.Slide29: Detailed Device Analysis Laptops PDAs Handsets Cellular Networks What are the network operator’s primary security goals ? Authentication Privacy Data and voice integrity performance Slide30: What specific security risks and threats must cellular networks contend with ? Network and systems availability Physical protection Fraud GSM Security It is a symmetric key system.GSM uses three security algorithms. A3-:Used to authenticate a handset to a GSM network. A5/1 or A5/2-:A block cipher algorithm used to encrypt voice and data after a successful authentication.A5/1 is primarily used in western Europe;A5/2 is utilized in other parts of world. A8-:Used to generate symmetric encryption keys. Slide31: Wireless Data Network CDPD -:Security Vulnerabilities No mutual authentication Local key storage Mobitex It is a wireless data technology developed by Eriksson.it a packet-based switching technology and capable of throughput rates up to 8 Kbps.Its data is transmitted in 512-bytes blocks .Slide32: GPRS Security Issues-: The single biggest security threat to GPRS is the network’s connection to public networks means that wireless networks are susceptible to attack from the back end. Anther significant is GPRS is packet and IP based. GPRS is now facing threats as wired network DOS IP address spoofingSlide33: WAP security architecture WAP Gateway Internet WAP-enabled Handset Wireless Network CDMA, GSM, TDMA Web server WTLS SSLSlide34: Wireless Standards and Technologies Current and Future Technologies ¬Infraded ¬Radio ¬Spread spectrum ¬Ofdm Slide35: Current and Future StandardsSlide37: IEEE 802.15 TG1 TG2 TH3 TG4Slide38: IEEE 802.16 TG1 TG2 TG3 Slide39: IEEE 802.1X It is an approved standard that provides network port authentication. Basically,the standard defines an authentication framework using a variety of protocols(such as EAP or RADIUS) for all 802-based LANS-both wire and wireless.this technology is already available in windows-xp and with Cisco’s LEAP. KEY ASPECTS-: -Use of 128-bit keys for RC4 data encryption,encryption key rotation,and the blocking of any network activity until after successful user authentication. -also,with 802.1x, there is no need to have static WEP keys distributed to the stations. Slide40: WIRELESS DEPLOYMENT STRATEGIESSlide41: Common Wireless Network Applications Physical security considerations Site survey. Equipment placement. RF containment.Slide42: Network Security Considerations Physical and data link layer security controls Authentication protocol,typical RADIUS Authentication server Ethernet EAP using 802.1x User Access point Figure-: High-level 802.1x diagramSlide43: VPN Tunneling E-mail server VPN Gateway Remote Access User Corporate application Corporate network IPSec Tunnel internet Fig-:VPN architectureSlide44: Intrusion Detection Systems(IDSs) Hub or switch mirror port Fig-: IDS Architecture NIDS Sensor server server server serverSlide45: Enabling Secure Wireless Access to Data Most wireless data services were based on simple informational queries such as stock quotes,weather,traffic and travel schedules. Operators chose these services for several reasons(both business and technical). Consumer demand. Bandwidth. Low security. Informational versus transactional.Slide46: Corporations were attracted to wireless data for five reasons: Improved productivity. Alignment with the growing mobility of customer and employees. Quantifiable return on investment(ROI). Improved customer service. Competitive advantage.Slide47: Planning for Wireless Data Once your organization has decided to offer a wireless data,five key questions should be answered. What is your organization’s current wireless usage ? Are you using multiple carriers for wireless voice services ? What departments,user groups,and geographic regions are currently wirelessly enabled ? What are your top three goals for adding wireless data ? Lastly,how do you plan to measure success ?Slide48: Potential Wireless Application Scenarios Informational query wireless architecture WAP Gateway(Network operator) Internet Content provider SSL/HTML Cell phone or PDA WTLS/WMLSlide49: Transaction Wireless Architecture Wireless Policies Wireless logistics policies. Wireless security policies. Slide50: Wireless Logistics Policies. What criteria are used to define which end user are authorized to utilize cell phones ? Are there any specific restrictions on usage of cell phones ? What happen when cell phone users leave the company,either involuntarily or voluntarily ? Is your organization supporting wireless voice,wireless data,or both ? What training and end-user education will be provided ? Lastly,what are the punishments of abuse or violation of the wireless policy ? Slide51: Wireless security policies Develop procedures for lost or stolen wireless devices. Apply local device protection. Minimize usage of unauthorized wireless devices. Define data encryption procedures. Define data storage procedures. Define authentication procedures. Define synchronization procedures.Slide52: Wireless Future 3G Networks. Overall Success Financial . Revenue diversification. Technical challenges. Expectation management. Closer collaboration. But Wait, There’s More-Introducing Fourth-Generation (4G) Networks.Slide53: 4G has several significant advantages-: Lower cost. Utilizes existing technologies. Simple financial model. Figure-:4G environmentSlide54: PSTN Internet Wireless operator network 2G/2.5G PC wireless modem card 802.11 Interface Wireless Handset Wired Network Internet Wireless LAN Bluetooth or Infrared You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Wireless Threats Riccardino Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 2944 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 30, 2008 This Presentation is Public Favorites: 1 Presentation Description No description available. Comments Posting comment... By: aruganesan (17 month(s) ago) the presentation truely worth for any communication expert.kindly allow me to download this or send it tomy mail id aruganesan@hotmail.com a.ganesan,chennai Saving..... Post Reply Close Saving..... Edit Comment Close By: satyajeet.iitr (19 month(s) ago) plz let me download this ppt or you can send it in my mail id satyajeet.iitr@gmail.com Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) plz u should sent me kindly on Saturday plz plz its urgent plzzzzzzzzzzzzz plz understand me. Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) please allow me to download wireless ppt plzzzzzzzzzzzzzzzz Saving..... Post Reply Close Saving..... Edit Comment Close By: sobia8250 (23 month(s) ago) plz plz plz send me ur all presentation about wireless system with introduction plzzzzzzzzzzzzz Saving..... Post Reply Close Saving..... Edit Comment Close loading.... See all Premium member Presentation Transcript Slide1: Presented bySlide2: Introduction to Wireless. Wireless Threats. Wireless Security Protocols and Cryptography. Security for Wireless Devices. Wireless Technology and Application. Wireless Data Networks. Wireless Standards and Technologies. Wireless Deployment Strategies. Enabling Secure Wireless Access to Data.Slide3: Introduction To Wireless-: History of Wireless Technologies- The 1970s-The First Wireless Networks. The 1980s-Wireless Market Start to Evolve. The 1990s-Wireless Networks Mature. The Mid-1990s-OtherWireless Networks Emerge. The Late 1990s-The Wireless Internet Emerges.Slide4: State of Wireless Industry,2001 Four geographic regions to be reviewed: North America Europe Japan Asia Wireless Threats: Wireless Threats Application s are never totally secure,but you should still investigate the potential risks of wireless technologies.The Uncontrolled Terrain: The Uncontrolled Terrain •Difference between wired and wireless. Eavesdropping: Eavesdropping User Attacker Network access point Figure-:1 Wireless attacker eavesdropping on wireless communicationDsniff-:dsniff is a suite network utilities that may be used to sniff passwords,read e-mail,monitor web traffic,and perform active sniffing. See:http://monkey.org/~dugsong/dsniff: Dsniff-:dsniff is a suite network utilities that may be used to sniff passwords,read e-mail,monitor web traffic,and perform active sniffing. See:http://monkey.org/~dugsong/dsniffCommunications jamming: Communications jamming Jamming occurs when an intentional or unintentional interference over-powers the sender or receiver of a communications link. • An attacker can apply jamming in several ways. Denial of service(DOS) jamming: Denial of service(DOS) jamming Client jamming. Base station jamming.Slide11: User Jammer Network access point Figure2-: Jamming attack on wireless communicationsSlide12: User Jammer Attacker Network access point Figure3-: Jamming attack against client to hijack communicationsSlide13: User Attacker Jammer Network access point Figure4-: Jamming attack against access point to hijack communicationsInjection and Modification of Data: Injection and Modification of Data Injection attack occur when an attacker adds data to an existing connection in order to hijack the connection or maliciously send data or commands. Injection attacks can be used for DOS. Man-in-the-middle Attacks: Man-in-the-middle Attacks Insecure network(internet/wireless LAN) User SSH Server Attacker Connection to attacker Connection to attackerSlide16: Rouge client. Rouge access points. Attacker Network access point Rouge access point UserSlide17: Attack Anonymity What is War Driving ? It is the process of searching for open wireless LANS by driving around a particular area.the name comes from the term “ war dialing,“ which is an old attack method that involves repeatedly dialing different numbers to search for modems and other network entry points. Client-to-Client Attacks-: Once on a network,other network clients can be attacked directly.Slide18: Infrastructure Equipment Attacks-: Infrastructure attack is the prime target for attackers.These are sometimes referred to as stepping stones and can be used to bypass access controls.network devices such as routers,switches,backup servers, and log servers are prime targets.there are many attacks depending on switch,but they break down into three main categories- Switch attacks MAC attacks Router attacks Slide19: Attacker Equipment-: The equipment used by the casual attacker can minimally consist of a wireless network interface. This can either be a Wireless Ethernet network interface card (NIC). GPRS. CDPD(Cellular Digital Packet Data). PCMCIA(Personal Computer Memory Card International Association).Slide20: Roaming Issues-: Major difference between a wireless and wired environment is end point mobility.the concept of roaming on CDMA,GSM and WIRELESS ETHERNET are all very similarSlide21: Cryptographic Threats-: WEP is a cryptographic mechanism designed to provide security for 802.11 networks. CDMA,GSM and Wireless Ethernet networks have employed cryptographic mechanisms in order to deter eavesdropping. An example of the implementation of the RC4 algorithm in WEP has revealed weaknesses that enable an attacker to completely recover the key after capturing minimal network traffic.Slide22: Wireless Security Protocol and Cryptography: One thing how to remove the fear,uncertainty, and doubt,commonly referred to as FDU, in wireless security solutions.Slide23: Equivalent OSI Model & Internet Model OSI Model Internet Model Application layer Presentation layer Session layer Application layer Transport layer Transport layer Network layer Internet layer Data link layer Physical layer Network interface layerSlide24: Cryptography It is the process or skill of communicating in or deciphering secret writings or ciphers. There are three primary areas where cryptography is used to solve security problems: Authentication Encryption Integrity Slide25: SSL/TLS It was originally designed to solve the security problems with web browsers. SSH-: SSH is much like SSL/TLS in operation from a high level. It uses a public-key exchange to secure the initial connection and negotiates a symmetric key for data transfer during the session. Protocol or program ? Terminal Access and File Transfer Port ForwardingSlide26: WTLS It is based on SSL/TLS.WTLS is used by wireless application protocol (WAP) devices. Three classes can be negotiated during the handshake process WTLS class 1 – no certificates WTLS class 2- server certificate only WTLS class 3- client and server certificatesSlide27: WEP WEP is the security mechanism included in the 802.11 standard and is designed to provide confidentiality and authentication services. WEP is based on RC4 algorithm 802.1x It is a layer 2 protocol that can be used to a number of operations. Basic purpose of 802.1x is to authenticate users and can optionally be used to establish encryption keys. When connection is established,only 802.1x traffic is allowed to pass.Slide28: Security Considerations for Wireless Devices Physical Security-: Be Aware Look it Up ¶ Information Leakage. ¶ Device Security Features. ¶ Application Security.Slide29: Detailed Device Analysis Laptops PDAs Handsets Cellular Networks What are the network operator’s primary security goals ? Authentication Privacy Data and voice integrity performance Slide30: What specific security risks and threats must cellular networks contend with ? Network and systems availability Physical protection Fraud GSM Security It is a symmetric key system.GSM uses three security algorithms. A3-:Used to authenticate a handset to a GSM network. A5/1 or A5/2-:A block cipher algorithm used to encrypt voice and data after a successful authentication.A5/1 is primarily used in western Europe;A5/2 is utilized in other parts of world. A8-:Used to generate symmetric encryption keys. Slide31: Wireless Data Network CDPD -:Security Vulnerabilities No mutual authentication Local key storage Mobitex It is a wireless data technology developed by Eriksson.it a packet-based switching technology and capable of throughput rates up to 8 Kbps.Its data is transmitted in 512-bytes blocks .Slide32: GPRS Security Issues-: The single biggest security threat to GPRS is the network’s connection to public networks means that wireless networks are susceptible to attack from the back end. Anther significant is GPRS is packet and IP based. GPRS is now facing threats as wired network DOS IP address spoofingSlide33: WAP security architecture WAP Gateway Internet WAP-enabled Handset Wireless Network CDMA, GSM, TDMA Web server WTLS SSLSlide34: Wireless Standards and Technologies Current and Future Technologies ¬Infraded ¬Radio ¬Spread spectrum ¬Ofdm Slide35: Current and Future StandardsSlide37: IEEE 802.15 TG1 TG2 TH3 TG4Slide38: IEEE 802.16 TG1 TG2 TG3 Slide39: IEEE 802.1X It is an approved standard that provides network port authentication. Basically,the standard defines an authentication framework using a variety of protocols(such as EAP or RADIUS) for all 802-based LANS-both wire and wireless.this technology is already available in windows-xp and with Cisco’s LEAP. KEY ASPECTS-: -Use of 128-bit keys for RC4 data encryption,encryption key rotation,and the blocking of any network activity until after successful user authentication. -also,with 802.1x, there is no need to have static WEP keys distributed to the stations. Slide40: WIRELESS DEPLOYMENT STRATEGIESSlide41: Common Wireless Network Applications Physical security considerations Site survey. Equipment placement. RF containment.Slide42: Network Security Considerations Physical and data link layer security controls Authentication protocol,typical RADIUS Authentication server Ethernet EAP using 802.1x User Access point Figure-: High-level 802.1x diagramSlide43: VPN Tunneling E-mail server VPN Gateway Remote Access User Corporate application Corporate network IPSec Tunnel internet Fig-:VPN architectureSlide44: Intrusion Detection Systems(IDSs) Hub or switch mirror port Fig-: IDS Architecture NIDS Sensor server server server serverSlide45: Enabling Secure Wireless Access to Data Most wireless data services were based on simple informational queries such as stock quotes,weather,traffic and travel schedules. Operators chose these services for several reasons(both business and technical). Consumer demand. Bandwidth. Low security. Informational versus transactional.Slide46: Corporations were attracted to wireless data for five reasons: Improved productivity. Alignment with the growing mobility of customer and employees. Quantifiable return on investment(ROI). Improved customer service. Competitive advantage.Slide47: Planning for Wireless Data Once your organization has decided to offer a wireless data,five key questions should be answered. What is your organization’s current wireless usage ? Are you using multiple carriers for wireless voice services ? What departments,user groups,and geographic regions are currently wirelessly enabled ? What are your top three goals for adding wireless data ? Lastly,how do you plan to measure success ?Slide48: Potential Wireless Application Scenarios Informational query wireless architecture WAP Gateway(Network operator) Internet Content provider SSL/HTML Cell phone or PDA WTLS/WMLSlide49: Transaction Wireless Architecture Wireless Policies Wireless logistics policies. Wireless security policies. Slide50: Wireless Logistics Policies. What criteria are used to define which end user are authorized to utilize cell phones ? Are there any specific restrictions on usage of cell phones ? What happen when cell phone users leave the company,either involuntarily or voluntarily ? Is your organization supporting wireless voice,wireless data,or both ? What training and end-user education will be provided ? Lastly,what are the punishments of abuse or violation of the wireless policy ? Slide51: Wireless security policies Develop procedures for lost or stolen wireless devices. Apply local device protection. Minimize usage of unauthorized wireless devices. Define data encryption procedures. Define data storage procedures. Define authentication procedures. Define synchronization procedures.Slide52: Wireless Future 3G Networks. Overall Success Financial . Revenue diversification. Technical challenges. Expectation management. Closer collaboration. But Wait, There’s More-Introducing Fourth-Generation (4G) Networks.Slide53: 4G has several significant advantages-: Lower cost. Utilizes existing technologies. Simple financial model. Figure-:4G environmentSlide54: PSTN Internet Wireless operator network 2G/2.5G PC wireless modem card 802.11 Interface Wireless Handset Wired Network Internet Wireless LAN Bluetooth or Infrared