Increasing Security for Wired and Wireless Networks
-
Upload
jian-lastino -
Category
Documents
-
view
213 -
download
0
Transcript of Increasing Security for Wired and Wireless Networks
-
7/24/2019 Increasing Security for Wired and Wireless Networks
1/11
Increasing Security For WireWireless Networks
DELA CRUZ, LASTINO , LIM , PADRONES
-
7/24/2019 Increasing Security for Wired and Wireless Networks
2/11
Introduction
Since the start of the digital age ,network security has been one of the
aspects of system administration . The purpose of network security is to protect the network and its comp
unauthorized access and misuse. An unsecured network may suffer from :
Data LossIdentity TheftReduced System PerformanceUnreliable ConnectivityUnauthorized Access
-
7/24/2019 Increasing Security for Wired and Wireless Networks
3/11
Outline
Security Measures For Wired and Wireless Networks SSID Hiding MAC ID Filtering 802.11i Security (WPA2 Encryption) End to End Encryption Software Tokens RF Shielding
Best Practices for Home NetworksBest Practices for Commercial/Enterprise Networks
-
7/24/2019 Increasing Security for Wired and Wireless Networks
4/11
Service Set Identifier (SSID) Hiding
Security : Low
Disables Broadcasting of SSID (Access Point Name) Simply configured at router Hidden SSIDs can be discovered by software such as NetStumbler Applied to Wireless Connections Connecting to hidden access points is tedious
-
7/24/2019 Increasing Security for Wired and Wireless Networks
5/11
MAC ID Filtering
Security : Low
Blocks unwanted users from accessing your network Configured at router
WLAN administrator must configure the list of clients that will be allowed
Can be easily bypassed using spoofing MAC spoofing is a technique to change a factory-assigned MAC addre
Tedious
-
7/24/2019 Increasing Security for Wired and Wireless Networks
6/11
802.11i Protocol
Security : Low
Has WPA and WPA2 Encryption Wifi Alliance Wi-Fi Protected Access (WPA) -
Key mixing function to generate per packet key Sequence Number to protect against reply attack 64-bit message integrity check (MIC) Uses the same RC4 encryption
Robust Security Network (RSN) or WPA2 Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) AES encryption with counter mode
-
7/24/2019 Increasing Security for Wired and Wireless Networks
7/11
End to End Encryption
Security : Medium
Encryption done at Application Layer. Makes use of Application Layer protocols such as SSH and SSL. Must make use of strong, user-defined passwords.
SSH - Secure Shell . Uses username/password authentication for conneestablishment.
SSL - Secure Socket Layer. Used to connect to secure servers for transfe
information.
-
7/24/2019 Increasing Security for Wired and Wireless Networks
8/11
USB Tokens
Security: High
Physical devices that authenticates users to access to wireless network Generates encrypted keys that are time synced with authentication se Expensive These portable tokens plug into a computers USB port either directly o
extension cable. When users attempt to login to applications via the dVPN/WLAN or Web portal, they will be prompted to enter their unique the entered PIN number matches the PIN within the USB Token, the ap
digital credentials are passed to the network and access is granted. Pstored on the token are encrypted for added security.
-
7/24/2019 Increasing Security for Wired and Wireless Networks
9/11
RF Shielding
Security: High
Applying specialized wall paint that attenuates wifi signal. Ideal for enterprise applications Prevents intruders from receiving signals from non-controlled areas ( pa
-
7/24/2019 Increasing Security for Wired and Wireless Networks
10/11
Best Practices For Home Networks
Use wired connections as much as possible
Use MAC Filtering (best for wired) Turn on Firewall for every device if possible Use WPA2 Encryption for wireless access points Update Anti-Virus software and other threat detection software
-
7/24/2019 Increasing Security for Wired and Wireless Networks
11/11
Best Practices For Commercial/Enterprise Networks
Use strong Encryption and Authentication Physically Secure the APs (Access Points) Physically Secure the network Keep the network up-to-date Train Employees about data security Implement Network Access Control across all workstations