Download WLAN Site Surveys and Security Considerations

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Distributed firewall wikipedia , lookup

Registered jack wikipedia , lookup

Wake-on-LAN wikipedia , lookup

IEEE 1355 wikipedia , lookup

Computer security wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Wireless USB wikipedia , lookup

Wi-Fi wikipedia , lookup

Extensible Authentication Protocol wikipedia , lookup

Policies promoting wireless broadband in the United States wikipedia , lookup

IEEE 802.11 wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Wireless security wikipedia , lookup

Transcript
Wireless LAN
Site Surveys and Security Considerations
Gary Zavitz
[email protected]
eLearning…Wired and Wirelessly!
Experience
 WBT and ILT training experience
 Producer, Developer of Virtual Webinars
 Wireless Computing Instructor
 Telecom Management Certification
 Chair of Sheridan College Telecom Alumni Association
eLearning…Wired and Wirelessly!
A Warehouse Without Wires
The client has expanded warehouse
operations into a large area, that lacks
existing wiring. The ceiling is very high, and
the floor is thick concrete. It will be quite
expensive to install traditional data wiring.
They have some fork lifts whose operators
use mobile terminals which need LAN
connectivity.
Think about what type of area this
represents, and what design considerations
might need to be made.
eLearning…Wired and Wirelessly!
Why a site survey?
 Determine actual coverage area
 Determine number of wireless cells needed
 Determine location of access point and/or
wireless servers
eLearning…Wired and Wirelessly!
Wireless – planning considerations
Number of total and simultaneous users
Average and maximum bandwidth needed
Degree of user roaming
Site survey input
Location of AP’s to maximize connectivity and
bandwidth (distance/density/overlap)
 Frequency/channel usage (1,6,11 nonoverlapping)
 Redundancy





eLearning…Wired and Wirelessly!
Barriers and attenuation of signals
RF Barrier description
Air
Wood
Plaster
Synthetic material
Asbestos
Glass
Water
Bricks
Marble
Paper rolls
Concrete
Bulletproof glass
Metal
RF Barrier severity Examples
Minimal
Low
partitions
Low
inner walls
Low
partitions
Low
ceilings
Low
windows
Medium
damp wood , aquarium
Medium
inner and outer walls
Medium
inner walls
High
paper on a roll
High
floors, outer walls
High
security booths
Very high
desks, metal partitions
eLearning…Wired and Wirelessly!
Security Concerns
We are concerned and need
what ever wireless solution
is deployed to be secure.
We’d like to have an easy to
manage, centralized system
for updating keys, and
validating AP’s and clients.
Using MAC based filters at
each of the AP’s is too much
of a hassle.
eLearning…Wired and Wirelessly!
wLAN Security - Wired Equivalency
Privacy
 WEP : symmetric encryption (shared key),
defines method but not how to share and
distribute/manage keys
 RC4 algorithm (40+24 bits keys) WIFI
compliant
 104 + 24 bits proprietary (non IEEE
standard/non WiFi scope) but interoperable
implementations (i.e. Lucent/Cisco, others)
Phy - Header
Preamble
PLCP Header
MAC Header and Payload
MAC Header
Payload
CRC
Encrypted
Init Vector 24 bits
Cyphertext
ICV 32 bits
eLearning…Wired and Wirelessly!
wLAN Security - WEP issue?
 Goal was to address equivalent physical security as with
fixed network
 Should be used with other measures above and beyond to
achieve data privacy
 40 or 104 bit encryption, length of 24 bit init vector, sent as
clear text, was concern of Berkeley article
 Single Key per Network
– multiple keys for Receive to allow key change-over
 Most AP (Cisco, etc.) products support Radius based MAC
authentication
eLearning…Wired and Wirelessly!
Encryption
Wired Equivalent Privacy
 “64 WEP” standard available
– 40-bit secret key + 24-bits Initialization Vector (IV)
– IEEE 802.11 standard
 “128RC4” available
– 104-bit secret key + 24-bits Initialization Vector (IV)
– Not IEEE 802.11 compliant
 When WEP is enabled, Shared Key Authentication is enabled
eLearning…Wired and Wirelessly!
Overview of 802.11b Security
Vulnerabilities








Compromise of encryption key
Theft of hardware is equivalent to theft of key
Packet spoofing, disassociation attack
Rogue AP
Known plain-text attack
Brute force attack
Passive monitoring
Replay attack
eLearning…Wired and Wirelessly!
Wireless – Security
Recommendations
 Change default SSID, password, SNMP settings
 Avoid temping SSID names that identify hacker targets
 Configure as “Closed System” to not broadcast SSID
beacons or answer probes from clients set to “ANY”
 Minimize coverage beyond desired areas
 Use tools for periodic site surveys to spot “rogue” AP’s
 Consider limiting access based on MAC if practical
 Place APs in DMZ based VLAN and have clients VPN in
 Consider IPSec
 AP’s not in public accessible areas
 Address WEP Weaknesses via Key Rotation, 802.1x, WEP 2
(802.11i),VPN Overlay
eLearning…Wired and Wirelessly!
802.1x, Security and Encryption
 802.1x is purely an authentication standard and is a “Standard
for Port Based Network Access Control”
 802.1x applies to wired and wireless networks
 802.1x defines methods for authentication and key distribution
plus other things
 802.1x is usable with currently standardized authentication/key
distribution schemes (i.e. - RADIUS/ Kerberos)
 802.1x is a work in progress
 Usable with currently standardized authentication/key
distribution schemes (i.e. - RADIUS/ Kerberos)
 Does not specify MAC level encryption type (I.e. WEP40/104 or
other), so independent of it
 However, 802.1x can be used to set WEP keys
– Addresses Key Distribution problem
– Permits rapidly changing, individual WEP keys
– WEP is still required for encryption
eLearning…Wired and Wirelessly!
Access Control
RADIUS Access Control (RAC)
 Extension to existing Access Control system to make it
more usable for large networks
 Access Control table does not reside in each Access Point
but in a RADIUS server:
– Server device that communicates with APs using RFC
2138 defined RADIUS protocol definition. (RADIUS =
Remote Authentication Dial-In User Service)
 Network administrator needs to manage one Access
Control table which rather then one for each AP
 RAC will overcome the limitation of the 497 entries that
an AP-based Access Control Table can hold at maximum
eLearning…Wired and Wirelessly!
Secure Wireless LAN Architecture
eLearning…Wired and Wirelessly!
And if you don’t believe secure
wireless communications is
important…
eLearning…Wired and Wirelessly!
eLearning…Wired and Wirelessly!
Thank You
Gary Zavitz
[email protected]
416-347-9251
eLearning…Wired and Wirelessly!