Securing a wireless network is serious business for any IT professional, but how secure do you need to be to truly protect your network from being attacked and ultimately compromised, and which techniques will best afford the desired results? WEP, WPA PSK, WPA Enterprise, WPA2 PSK, WPA2 Enterprise: with all of the wireless security standards and options available, and the conflicting advice of supposed wireless experts, it’s no wonder confusion reigns supreme, resulting in the perpetuation of urban legends. To develop a comprehensive wireless security plan, it is essential to know the facts, so we will first discuss the various wireless security options available.
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle. – Sun Tzu
Wireless security options
- WEP (Wired Equivalent Privacy) – A deprecated wireless security protocol initially introduced in 1999 to secure 802.11 wireless networks. In 2001, many serious cryptological weaknesses were identified resulting in WEP being compromised within a matter of minutes.
- WPA (WiFi Protected Access) – A wireless security system developed in response to the weaknesses of WEP. WPA was designed to replace WEP while the full security standard (802.11i) was being developed in the form of WPA2. WPA implements the majority of the 802.11i standard and was specifically designed to work with first generation (pre-WPA standard) wireless network interface cards.
- WPA2 (802.11i – WiFi Protected Access) – A wireless security system utilizing the full mandatory elements of the IEEE 802.11i standard. WPA2 employs a new AES-based algorithm, CCMP, which is considered fully secure. WPA2 will not work with some older network cards.
- PSK (Pre Shared Key) – A “shared secret” which is shared between two parties using some secured channel prior to use. PSKs may be from 8 to 63 printable ASCII characters or 64 hexadecimal digits and may be used in the following forms:
- Password – dog679leg
- Passphrase – Spiderman beat Batman in 1994
- Hexadecimal string – 4E102AB2511CEE541
- Enterprise (802.1x RADIUS authentication) – Enterprise is meant for use with an 802.1x authentication (RADIUS) server, which distributes different keys to each user after authenticating credentials. This is the most secure wireless networking technology in existence today.
Urban Legend: WEP can be cracked in a matter of minutes
Status: True
Details: Early in 2001, Ian Goldberg, a cryptologist at Montreal-based security and privacy software developer Zero-Knowledge Systems Inc., along with researchers at the University of California, Berkeley, uncovered flaws in the IEEE 802.11 standard allowing them to read WEP-protected traffic, inject traffic onto WEP-protected networks, and modify WEP-protected data. Essentially WEP is assumed to be cracked now.
Solution: Never use WEP! If for some reason you have to, add additional layers of security such as virtual private networks (VPN) or the IPSec security protocol, before allowing data to cross from a wireless network to a secure corporate system.
Urban Legend: WPA PSK & WPA2 PSK have also been cracked in a matter of minutes
Status: False
Details: When people refer to WPA being cracked, they are referring to one of two known exploits relating to the WiFi Protected Access (WPA) security standard.
The most recent exploit, documented in late 2008, has to do with a TKIP (Temporal Key Integrity Protocol) algorithm flaw that was inherited from backward compatibility with WEP. This TKIP flaw allows an attack that decrypts short individual packets in 12-15 minutes and, using a QoS flaw, replays those packets with modified data. The hacker can’t crack and view all the traffic but would probably be able to perform ARP/DNS spoofing/poisoning. This is not a WPA crack but an encryption method exploit. Luckily, WPA supports two encryption methods, TKIP and AES (CCMP).
Solution: While the TKIP exploit is not very serious, the use of AES (CCMP) removes any threat of this attack.
Prior to the TKIP exploit, in late 2004, many headlines stated incorrectly that WPA had been cracked. In reality, the standard had never been cracked, but a WPA PSK implementation with a weak “shared secret” had been cracked. Here is how it works: a hacker uses a tool to scan the wireless airwaves for access points and wireless clients. When he finds a wireless client, he kicks him off the target access point by injecting DeAuth packets between them. Then the hacker watches as the client re-associates, completing the handshake with the access point. In doing so, he recovers the encrypted “shared secret” (the PSK). Now the hacker has captured the encrypted key file on his computer, but he must use a brute force or dictionary attack to actually get a working PSK and gain access to network resources.
A dictionary attack varies from a brute force attack slightly. Where a brute force will simply try every combination of characters in a password, a dictionary attack will use a list of common words and pass phrases first to try and guess a password. The hacker will most likely try a dictionary attack first hoping for a quick break. If the password is randomly generated, he will be forced to use the brute force method.
The time it takes a brute force attack to guess a password is a function of the computing power (number of attempts per second) and the length of the random password. For instance, if a hacker can test 100 words per second, and you used a single character random password consisting of a-z, A-Z, and 1-0 (72 characters), it would take approximately 0.72 seconds to crack it:
72^1 character combinations / 100 character combinations per second = 0.72 seconds
If we move from a single character to an eight character random password, we get the following:
72^8 character combinations / 100 character combinations per second = 7222041363087.36 seconds, or approximately 319,849 years.
Once the hacker has successfully guessed your password, he will have the plain text PSK and will be able to freely access your network resources.
Solution: If you use WPA or WPA2 PSK, make sure you use a long random key. Most experts recommend a 20 character key for minimum security, but you may use a key up to 63 characters long for very high security. There are many random WPA key generators online; use one to ensure a truly random key. Finally, rotate your keys annually; this will ensure your WPA PSK network is very secure.
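The PSK rules from the definitions above and the brute force arithmetic, as an added Python example (not the author's code): it validates the two PSK forms, generates a random passphrase from the OS CSPRNG, and applies the article's keyspace / rate formula. The 94-character alphabet and the default of 100 guesses per second are assumptions.

```python
import math
import secrets
import string

# Characters drawn from when generating a passphrase (printable ASCII, no space).
PASSPHRASE_CHARS = string.ascii_letters + string.digits + string.punctuation
HEX_DIGITS = set("0123456789abcdefABCDEF")


def is_valid_psk(psk: str) -> bool:
    """A well-formed WPA/WPA2 PSK is 8-63 printable ASCII characters
    (passphrase form) or exactly 64 hexadecimal digits (raw 256-bit key)."""
    if len(psk) == 64:
        return all(c in HEX_DIGITS for c in psk)
    if 8 <= len(psk) <= 63:
        return all(32 <= ord(c) <= 126 for c in psk)
    return False


def generate_psk(length: int = 20) -> str:
    """Draw a passphrase from the OS CSPRNG; 20 is the article's minimum."""
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrase length must be between 8 and 63")
    return "".join(secrets.choice(PASSPHRASE_CHARS) for _ in range(length))


def brute_force_seconds(length: int, alphabet_size: int, guesses_per_second: float) -> float:
    """Worst-case time to exhaust the keyspace, the article's formula:
    alphabet_size ** length / guesses_per_second."""
    return alphabet_size ** length / guesses_per_second


def strength_report(psk: str, guesses_per_second: float = 100.0) -> dict:
    """Summarise a passphrase: validity, entropy in bits (assuming it was
    drawn uniformly from PASSPHRASE_CHARS) and worst-case brute force years."""
    seconds = brute_force_seconds(len(psk), len(PASSPHRASE_CHARS), guesses_per_second)
    return {
        "valid": is_valid_psk(psk),
        "length": len(psk),
        "entropy_bits": round(len(psk) * math.log2(len(PASSPHRASE_CHARS)), 1),
        "brute_force_years": seconds / (365 * 24 * 3600),
    }


if __name__ == "__main__":
    key = generate_psk(20)
    print(key, strength_report(key))
```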
Urban Legend: Using “wireless LAN best practices” such as SSID suppression, MAC address filtering, static IP address schemes and RF signal suppression makes my network even more secure.
Status: False
Details: Many so-called wireless experts would have you believe that using widely published “wireless LAN best practices” in conjunction with 802.11 wireless security measures will make your network even more secure by making it harder to detect or by creating multi-layered security. These practices include:
- SSID suppression
- MAC address filtering
- Static IP address schemes
- RF signal suppression or shaping
The fact is that an experienced hacker using freely available hacking tools will automatically defeat these measures in a matter of seconds. In reality, there is no layered security and these measures only create a false sense of security and cost valuable IT resources.
In addition to this, SSID suppression can make your wireless network less secure because it forces your wireless clients to actively probe for the SSID, broadcasting continuously wherever you go. This can make you vulnerable to an evil twin attack or data seepage, which gives valuable information that can be used by a hacker in social engineering.
Solution: Don’t waste time or resources on these “wireless LAN best practices”; they will not help secure your network, and may even make your network less secure in the end.
Urban Legend: Our wireless infrastructure is the most vulnerable segment of our network.
Status: Most likely false
Details: In nearly every site I have worked on, the most vulnerable segment of the network has universally been the hard wired copper/fiber segment.
- Physical Security - It is infinitely easier to plug a device into an unsecured switch than it is to break wireless encryption schemes, and in most sites, finding an unsecured switch is child’s play. Any hacker worth his or her salt will be able to gain access to your network once given physical access to your network devices (Switches/Firewalls/Routers).
- Outdated Firmware/Extraneous Services - An unpatched network appliance, server, or workstation with a connection to the Internet is a siren’s call to malicious hackers. Most exploited devices that I have seen have been the result of system administrators not diligently patching their appliances (Servers/Switches/Firewalls/Routers) and/or leaving unnecessary services running in the background to be exploited.
- Weak Passwords/Social Engineering - Many hackers prefer to attack what they consider the Achilles heel in most organizations directly, either through brute force dictionary attacks, phishing or dumpster diving. Weak password policies allow users to keep easy-to-remember passwords for years for convenience’s sake, resulting in easy access for hackers with the will and determination to methodically gather information via social engineering.
- Remote Users VPN Connection To Network With Compromised Workstation – No matter how secure you make your network, it is only as secure as the least hardened segment, and for most organizations that segment resides in the homes of their off-site employees. An off-site employee’s laptop or workstation may suffer from a lack of security patches, weak passwords, and vulnerability to phishing and other social engineering attacks. As a result, a potentially compromised workstation may be allowed unfettered access to a secure network’s resources whenever a VPN connection is established.
Solution: Department IT policies are ineffective if not followed stringently and ubiquitously. Implementation of strong security policies can mitigate these weaknesses, making a hardened wireless network the weakest segment of your network.
In conclusion, a wireless network can be effectively secured using either WPA or WPA2 Enterprise, or WPA or WPA2 PSK with a randomly generated key of 20 characters. Anyone who tells you anything else is just perpetuating a wireless urban legend.
Author: Lawrence Allhands
Article Source: EzineArticles.com