12_Wireless Security Presentation v6_2003


Transcript of 12_Wireless Security Presentation v6_2003

  • 5/21/2018 12_Wireless Security Presentation v6_2003

    Slide 1/49: 802.11 Wireless Security

    John Berti, Senior Manager, Deloitte Security and Privacy Services

  • Slide 2/49: Agenda

    Introduction to Wireless
    Wireless Networks
    Wireless Security
    Top 8 Security Issues with 802.11
    Security Controls for Wireless Networks
    Summary Best Practices
    Final Thoughts

  • Slide 3/49: Introduction to Wireless

  • Slide 4/49: Introduction to Wireless

    The Wireless World (figure): cell phones, PDAs, WLANs, cordless phones, toys, appliances

  • Slide 5/49: Introduction to Wireless

    Electromagnetic spectrum (figure): 10^3 Hz, 10^6 Hz, 10^9 Hz, 10^12 Hz, 10^15 Hz, 10^18 Hz, 10^21 Hz, spanning radio, microwave, infrared, visible light, ultraviolet, X-ray and gamma rays

  • Slide 6/49: Introduction to Wireless

    The Radio Frequency Band (figure; scale 0 to 900 MHz, then 1 GHz, 3 GHz, 5 GHz, 10 GHz)

    Licensed Radio Frequencies:
    AM Radio (535-1605 kHz)
    FM Radio (88-108 MHz)
    VHF TV (174-216 MHz)
    UHF TV (512-806 MHz)
    Analog Cellular (824-894 MHz)
    Digital Cellular (1850-1900 MHz)

    Unlicensed Radio Frequencies:
    Cordless Phones, Toys (900 MHz)
    802.11b,g, Bluetooth, Phones (2.4 GHz)
    802.11a, g (5 GHz)

    http://www.crtc.gc.ca/eng/welcome.htm
  • Slide 7/49: Wireless Networks

  • Slide 8/49: Wireless Networks

    What is a Wireless Network (figure): wireless laptop, wireless phone and wireless PDA, each with a wireless network card, connect through a Wireless Access Point to a Demilitarized Zone (firewall, web servers) in front of the Internal Network

  • Slide 9/49: Wireless Networks

    Wireless Network Standards

    Bluetooth: intended as a replacement for cables over shorter distances, with an effective range of up to 10 meters. 1 Mbps data rate, 2.4 GHz frequency band.

    802.11b: extension to the 802.11 Wireless LAN standard. 11 Mbps data rate, 2.4 GHz frequency band, Direct Sequence Spread Spectrum (DSSS).

  • Slide 10/49: Wireless Networks

    Wireless Network Standards

    802.11a: extension to the 802.11 Wireless LAN standard. 54 Mbps data rate, 5 GHz frequency band, Orthogonal Frequency Division Multiplexing (OFDM).

    802.11g: replacement for 802.11b with higher rate. 54 Mbps data rate, 2.4 GHz and 5 GHz frequency bands.

  • Slide 11/49: Wireless Networks

    802.11 Standards Comparison

    Wireless Standard | 802.11b | 802.11a | 802.11g
    Popularity | Widely Adopted | Not Very Popular | Widely Adopted
    Speed | 11 Mbps | 54 Mbps | 54 Mbps
    Cost | Inexpensive | More Expensive | Inexpensive
    Frequency | 2.4 GHz | 5 GHz | 2.4 GHz
    Range | 300-1750 ft | 60-100 ft | 100-150 ft
    Public Access | Hotspots available at most airports, colleges and some restaurants and coffee shops | None | Hotspots readily available
    Compatibility | 802.11b | 802.11a | 802.11b, 802.11g

    Comparison Data From http://www.linksys.com/edu/wirelessstandards.asp

  • Slide 12/49: Wireless Networks

    Other task groups:
    802.11e: Quality of Service
    802.11n: 100 Mb over wireless
    802.11s: Mesh networks (self healing)
    802.11r: Fast hand-off, re-association from AP to AP
    802.11p: Wi-Fi in moving vehicles

  • Slide 13/49: Wireless Security

  • Slide 14/49: Wireless Security

    There are numerous risks associated with wireless technology that could potentially be detrimental to an organization and its wireless infrastructure.

    These risks can be categorized into 6 classes:
    Eavesdropping; Transitive Trust; Impersonation or masquerading; Denial of Service; Infrastructure; Device vulnerability.

  • Slide 15/49: Wireless Security

    802.1x Access Control
    Complete and published standard for controlled port access
    Dynamically generated, session based WEP keys
    Both session & packet authentication
    User oriented authentication support
    Extensible Authentication Protocol (EAP): an extension to RADIUS servers enabling wireless client authentication to the wired LAN
    Several vendors, like Cisco and 3Com, have already begun measures to ensure their implementations comply with the latest draft of 802.1x standards

    802.11i Security
    100% focus on security
    Standard completed
    Provides extensions to current WEP requirements
    Authentication algorithm yet to be determined
    Advanced Encryption Standard (AES): block cipher encryption algorithm

  • Slide 16/49: Wireless Security

    Wired Equivalent Privacy (WEP) is the standard for WLAN encryption
    It is not widely used (50% of networks don't use it)
    Easily broken
    It uses shared keys

    For more details on WEP cracking see the paper by Scott Fluhrer, Itsik Mantin, and Adi Shamir: http://www.drizzle.com/%7Eaboba/IEEE/rc4_ksaproc.pdf

    Newer WLAN equipment will support Wi-Fi Protected Access (WPA) standards, a subset of the WLAN security standards based on the 802.11i working group
    WPA: TKIP, changing of keys
    WPA2: Advanced Encryption Standard (AES)

  • Slide 17/49: Problems with WEP

    1. WEP is hardly used!

    In this scan done recently on my way to work, only 15 of the 45 access points detected used WEP. That's only 33%.

    Note: some of these networks may actually use other methods of encrypting data, such as VPN.

  • Slide 18/49: Problems with WEP

    2. WEP Can Be Cracked

    The IV is sent as plaintext with the encrypted packet. It can be sniffed.

    XOR is a simple process that can be easily used to deduce any unknown value if the other two values are known.

    The first byte of transmitted data is always the same, giving an attacker knowledge of both the plaintext and ciphertext (the SNAP header, which equals AA in hex or 170 decimal).

    A certain format of IVs is known to be weak. By targeting attacks on packets with weak IVs, the amount of data and analysis needed to derive the shared key is greatly reduced.

    By combining the above observations about the implementation of WEP, hackers have developed tools that can obtain the shared key after collecting approximately 500,000 to 2,000,000 packets, with < 1 minute cracking time.
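    As an added illustration of the first three points above (example code, not from the presentation): a minimal WEP-style RC4 encryptor, with a constructed key and payloads and the CRC-32 ICV left out, showing that the IV is readable straight off the frame, that the fixed 0xAA SNAP byte reveals the first keystream byte, and that two frames sent under the same IV leak the XOR of their plaintexts. This is the reason later protocols (TKIP, CCMP) derive a fresh key for every packet.

```python
from typing import Optional, Tuple

# Added example, not code from the presentation. Key, IVs and payloads are constructed;
# the WEP CRC-32 integrity check value is omitted because it plays no part here.

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key-scheduling algorithm followed by the output generator."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(shared_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """WEP seeds RC4 with IV || shared key and sends the 3-byte IV in the clear."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    ks = rc4_keystream(iv + shared_key, len(payload))
    return iv + bytes(p ^ k for p, k in zip(payload, ks))

SNAP_FIRST_BYTE = 0xAA  # the LLC/SNAP header byte that starts every WEP data payload

def observe_frame(frame: bytes) -> Tuple[bytes, int]:
    """What a passive listener learns from one frame: the IV, and keystream[0],
    recovered as ciphertext[0] XOR the known plaintext byte 0xAA."""
    iv = frame[:3]
    return iv, frame[3] ^ SNAP_FIRST_BYTE

def reused_iv_leak(frame_a: bytes, frame_b: bytes) -> Optional[bytes]:
    """Two frames under the same IV share a keystream: XORing their ciphertexts
    cancels it and yields plaintext_a XOR plaintext_b. Returns None if the IVs differ."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return bytes(a ^ b for a, b in zip(frame_a[3:], frame_b[3:]))

if __name__ == "__main__":
    key = bytes(range(1, 14))                      # constructed 104-bit shared key
    iv = b"\x00\x00\x01"
    frame = wep_encrypt(key, iv, b"\xaa\xaa\x03" + b"payload")
    seen_iv, k0 = observe_frame(frame)
    print("IV on the wire:", seen_iv.hex())
    print("keystream[0] recovered correctly:", k0 == rc4_keystream(iv + key, 1)[0])
```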

  • Slide 19/49: Problems with WEP

    3. WEP uses a Shared Key

    Using shared keys is impractical on large networks
    Key management is very difficult (difficult to ensure keys can be periodically changed)
    Knowledge of the shared key is disseminated
    Inevitably someone will incorrectly configure a wireless device

    Scan output (table):
    Index | Network Type | ESSID | BSSID (MAC address) | Channel | Cloaked | WEP | Data Rate | Max Signal Strength
    1 | Access Point | | 00:01:xx:xx:xx:xx | 11 | No | Yes | 11 | 62
    2 | Access Point | | 00:01:xx:xx:xx:xx | 0 | No | No | 0 | 69
    3 | probe | wlan | 00:01:xx:xx:xx:xx | 0 | No | No | 11 | 71
    4 | probe | wlan | 00:01:xx:xx:xx:xx | 0 | No | No | 11 | 73
    5 | unknown | wlan | 00:01:xx:xx:xx:xx | 0 | No | No | 11 | 60
    6 | unknown | !OUxxxxxx | 00:40:xx:xx:xx:xx | 6 | No | No | 11 | 71

  • Slide 20/49: WPA Security

    Wi-Fi Protected Access (WPA) was originally a temporary answer to flaws in WEP. At the heart of WPA is TKIP (Temporal Key Integrity Protocol), which uses re-keying to get away from the problems inherent in static WEP.

  • Slide 21/49: WPA Security

    Adds authentication through one of two methods:
    1) Pre-shared Key (PSK), which is similar to WEP, fine for small networks
    2) 802.1x authentication, which uses a backend authentication server such as RADIUS

  • Slide 22/49: Top 8 Security Issues with 802.11

  • Slide 23/49: Wireless LAN Vulnerabilities

    Subtopics: Detection, Eavesdropping, Modification, Injection, Hijacking, WLAN Architecture, Radio Frequency Management

    (Figure: corporate intranet and Internet)

  • Slide 24/49: Detection & Eavesdropping

    Detection: a WLAN will generate and broadcast detectable radio waves for a great distance

    Eavesdropping: WLAN signals extend beyond physical security boundaries

  • Slide 25/49: Eavesdropping

    The Service Set Identifier (SSID) may be broadcast. The SSID string may identify your organization.

  • Slide 26/49: Eavesdropping

    Standard Wired Equivalent Privacy (WEP) encryption is often not used. When used, WEP is flawed and vulnerable. No user authentication in WEP.

    Exposed: clear text passwords, IP addresses, company data

  • Slide 27/49: Modification, Injection & Hijacking

    Modification: standard Wired Equivalent Privacy (WEP) encryption has no effective integrity protection.

    Injection: static WEP keys can be determined by analysis. Adversaries can attach to the network without authorization.

    Hijacking: adversaries can hijack authenticated sessions protected only by WEP.

  • Slide 28/49: WLAN Architecture

    Security Architecture (figure): Internet, firewall, DMZ, internal network, rogue AP

  • Slide 29/49: Radio Frequency Management

    Poor RF management will lead to unnecessary transmission of your RF signal into unwanted areas. Also consider other devices which may cause interference.

    (Figure: Building A, parking lot)

    Wireless LAN Security Controls

  • Slide 30/49: Wireless LAN Security Controls

    Subtopics:
    1. SSID Broadcasting
    2. MAC Address Filtering
    3. Security Architecture
    4. Radio Frequency Management
    5. Encryption
    6. Authentication
    7. New Wireless LAN Security Protocols

  • Slide 31/49: SSID Broadcasting

    Disable the broadcasting of the SSID
    Not possible on all Access Points
    Easily bypassed
    Only useful on low-value networks
    SSID should also not be easily correlated to your organization name

  • Slide 32/49: MAC Address Filtering

    Some Access Points allow the administrator to specify which link layer (MAC) addresses can attach.
    Easily bypassed
    Does not scale
    Only useful for low-value networks

  • Slide 33/49: Security Architecture

    (Figure: Internet, firewall, DMZ (VPN server), firewall, internal network)

  • Slide 34/49: Radio Frequency Management

    (Figure: Building A, parking lot)

    Use a scanner to determine your RF footprint
    Monitor interference sources

  • Slide 35/49: Wireless Encryption

    Static WEP keys are insufficient for many networks
    New secure protocols exist for WLAN protection
    A layered VPN is a common solution for WLAN networks

  • Slide 36/49: Subtopics

    Wireless LAN Security Mechanisms: Access Control, Authentication, Encryption, Integrity

    802.11 Wireless LAN Security Protocols: 802.1X / Dynamic WEP, Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2)

  • Slide 37/49: Authentication

    A wireless LAN needs an authenticated key exchange mechanism
    Most secure WLAN implementations use Extensible Authentication Protocol (EAP)
    Many EAP methods are available:
    One factor methods include EAP-MD5, LEAP, PEAP-MSCHAP, TTLS-MSCHAP, EAP-SIM
    Two factor methods include EAP-TLS, TTLS with OTP, and PEAP-GTC
    Need mutual authentication

  • Slide 38/49: Encryption

    Static WEP
    Dynamic WEP
    Temporal Key Integrity Protocol (TKIP): uses the RC4 stream cipher with 128 bit per-packet keys
    Counter-Mode-CBC-MAC Protocol (CCMP): uses the Advanced Encryption Standard (AES) with 128 bit keys

  • Slide 39/49: Integrity Protection

    WEP has no cryptographically strong integrity protection
    TKIP uses a new Message Integrity Code called Michael
    CCMP uses AES in CBC-MAC mode

  • Slide 40/49: 802.11 Security Solutions

    Mechanism | 802.1x Dynamic WEP | Wi-Fi Protected Access | Wi-Fi Protected Access 2
    Access Control | 802.1X | 802.1X or Pre-Shared Key | 802.1X or Pre-Shared Key
    Authentication | EAP methods | EAP methods or Pre-Shared Key | EAP methods or Pre-Shared Key
    Encryption | WEP | TKIP (RC4) | CCMP (AES Counter Mode)
    Integrity | None | Michael MIC | CCMP (AES CBC-MAC)

  • Slide 41/49: Tools and Techniques

  • Slide 42/49: Hacker Tools and Techniques

    Discovery

    Association Polling: set the SSID to "Any" on the client card; the card automatically associates with the strongest AP. This is the default setting for most wireless clients.
    * Reason that fake APs are a threat to unsuspecting clients

    Scan Mode Polling: send a Scan Request to the card and receive a Scan Response back with AP info. The card keeps track of received beacon packets and probe requests. Will detect both APs and ad hoc networks. Will only detect Access Points that are configured to beacon the SSID. Technique used by NetStumbler.

  • Slide 43/49: Hacker Tools and Techniques

    Discovery

    Monitor Mode Protocol Analysis: sets the card into monitor mode and analyzes beacons and probes. Will detect closed APs and wireless nodes. Allows access to information such as SSID, authentication mechanisms, encryption types, speeds, etc. Used by tools like Kismet.

  • Slide 44/49: Hacker Tools and Techniques

    Discovery Tools

    NetStumbler: the latest version of NetStumbler requires Windows 2000, Windows XP, or better.

    The Proxim models 8410-WD and 8420-WD are known to work. The 8410-WD has also been sold as the Dell TrueMobile 1150, Compaq WL110, Avaya Wireless 802.11b PC Card, and others.

    Most cards based on the Intersil Prism/Prism2 chip set also work. Most 802.11b, 802.11a and 802.11g wireless LAN adapters should work on Windows XP. Some may work on Windows 2000 too. Many of them report inaccurate signal strength, and if using the "NDIS 5.1" card access method then noise level will not be reported.

  • Slide 45/49: Hacker Tools and Techniques

    Discovery Tools

    Kismet: runs on Linux. Cards must be capable of running in RF-Monitor Mode. Can also be set up with drones to use it as a wireless intrusion detection solution.

    http://www.kismetwireless.net/index.shtml
  • Slide 46/49: Summary Best Practices

  • Slide 47/49: Summary Best Practices

    Understand and respect the fact that WLANs are difficult to manage
    Implement WLAN policies and management processes
    Treat your WLAN like the Internet and run a VPN connection over it
    Change the default vendor-set SSID for access points and for WLAN terminals
    Use port access-control to protect WLANs from unauthorized access
    Use at least WEP encryption (128-bit), and some other access control mechanism (RADIUS)
    Ensure that access points are not broadcasting their SSIDs
    Scan for, and make it known to employees that they are not permitted to install, rogue access points
    Utilize WLAN network cards that support password-protection of attribute changes
    Deploy real-time, content-level security measures (such as antivirus firewalls) in conjunction with each WLAN access point
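    Added example (not code from the presentation): a small audit that applies four of these practices to rows in the shape of the scan table on slide 19, the kind of data a Kismet-based wireless IDS (slide 45) produces. Access points missing from an AP inventory are reported as rogue, unencrypted APs are reported unless the inventory records them as VPN-only (the caveat from slide 17), and SSIDs are checked for vendor defaults and for correlation with the organization name. The scan rows, the inventory, the default-SSID list and the tab-separated row format are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Added example, not from the presentation. Rows, inventory and formats are constructed.

# Common vendor-default SSIDs of the era (assumed list; extend it for your environment).
DEFAULT_SSIDS = {"linksys", "default", "tsunami"}

@dataclass
class ScanRow:
    net_type: str   # "Access Point", "probe" or "unknown", as in the slide 19 table
    essid: str
    bssid: str
    channel: int
    cloaked: bool
    wep: bool

def parse_scan(text: str) -> List[ScanRow]:
    """Parse tab-separated rows: type, ESSID, BSSID, channel, cloaked, WEP (assumed format)."""
    rows = []
    for line in text.strip().splitlines():
        net_type, essid, bssid, channel, cloaked, wep = line.split("\t")
        rows.append(ScanRow(net_type, essid, bssid.lower(), int(channel),
                            cloaked == "Yes", wep == "Yes"))
    return rows

def audit(rows: List[ScanRow], inventory: Dict[str, str], org_keywords: Iterable[str]) -> dict:
    """inventory maps an authorized BSSID to "wep" or "open-vpn" (an open AP whose traffic
    is protected by a layered VPN, so its missing link-layer encryption is expected)."""
    aps = [r for r in rows if r.net_type == "Access Point"]   # probes/unknowns are not APs
    f = {"rogue_aps": [], "unexpected_open": [], "leaky_ssids": [], "default_ssids": [], "wep_share": 0.0}
    for r in aps:
        expected = inventory.get(r.bssid)
        if expected is None:
            f["rogue_aps"].append(r.bssid)          # not in the AP inventory
        if not r.wep and expected != "open-vpn":
            f["unexpected_open"].append(r.bssid)    # no encryption and no VPN justification
        if any(k.lower() in r.essid.lower() for k in org_keywords):
            f["leaky_ssids"].append(r.essid)        # SSID correlates to the organization
        if r.essid.lower() in DEFAULT_SSIDS:
            f["default_ssids"].append(r.essid)      # vendor default never changed
    if aps:
        f["wep_share"] = sum(r.wep for r in aps) / len(aps)   # slide 17's "15 of 45" figure
    return f

SAMPLE_SCAN = (  # constructed rows with locally administered MACs, not real devices
    "Access Point\tacme-corp-wlan\t02:01:00:00:00:01\t11\tNo\tYes\n"
    "Access Point\tguest\t02:01:00:00:00:02\t6\tNo\tNo\n"
    "Access Point\tlinksys\t02:40:00:00:00:03\t6\tNo\tNo\n"
    "probe\twlan\t02:01:00:00:00:04\t0\tNo\tNo\n"
)
INVENTORY = {"02:01:00:00:00:01": "wep", "02:01:00:00:00:02": "open-vpn"}  # constructed

def run_sample() -> dict:
    return audit(parse_scan(SAMPLE_SCAN), INVENTORY, ["acme"])

if __name__ == "__main__":
    for name, value in run_sample().items():
        print(f"{name}: {value}")
```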

  • Slide 48/49: Deployment Considerations

    Site Survey: think vertical and horizontal!
    Layer Security: secure access point; use secure protocols (802.1x, IPSEC, SSL, etc.); access controls
    Logging, Monitoring, and Alerting Mechanisms: how do you know you are being attacked?
    Education and Awareness

  • Slide 49/49