|
|
|
|
WEP (Wireless Equivalent Privacy)
encryption |
|
unique and common shared secrets |
|
changing the shared secret often, key
exchange secured by vendor specific solution |
|
IPSEC / VPN, encrypting traffic on IP
level, the authentication of user to network and the network to user |
|
MAC address access filtering in WLAN
access point (AP) |
|
Vendor specific solutions like Lucent’s
”closed network” setting. |
|
Legislation concerning deliberate
interference of telecommunications |
|
|
|
|
|
There are several known weaknesses in
the structure of WEP encryption |
|
WEP shared secret is useless when it’s
common knowledge |
|
WEP key exchange is not yet a defined
standard, different vendors have implemented their own solution that usually
are not interoperable. |
|
MAC address can be faked very easily
=> additional authentication is required |
|
Radio DoS attacks may only be prevented
by legislation, radio interference from other devices cannot be prevented,
only avoided |
|
The only methods to authenticate radio
network on non-IP level to user are network id (essid) and the possible
shared secret |
|
Replay attacks may be prevented to some
extent with WEP but the network is as vulnerable as every other IP network |
|
|
|
|
|
Network management that can determine
overloaded access points and based on e.g. GPS coordinates of the access
points also pinpoint the area where the disturbance is |
|
Some radio interference can be avoided
by careful radio network planning, using licensed frequencies, |
|
VPN/IPSEC client and security gateway |
|
IPSEC protected traffic between routers |
|
Filters, firewall / class of service
rules, traffic shaping in (wireless) routers |
|
The selection of secure management /
dynamic routing protocol |
|
Filtering out routing/management
protocols in routers that may be potentially dangerous |
|
|
|
|
|
Most of the vendor products available
on market today do not have the features needed to handle the threats or
implement the solutions => need for customized/homemade network elements |
|
VPN IPSEC implementations and their
interoperability (key exchange and authentication) |
|
Faked servers and services can still
cause trouble within one cell => need for network elements that can handle
also this kind of problems, and also need of user education |
|
Double tunneling if two VPNs are used,
one to secure access through radio way and other to connect for example
company intranet |
|
What if some devices / users do / can
not have an interoperable VPN client installed? |
|
How to create and combine public access
to this scenario? |
|
|
|
|
|
|
|
Denial of service attack sources are
more easy to find as the average public access zone may be only one cell,
network management also helps |
|
Public Access Controller (PAC) and
related vendor solutions |
|
use WWW (https) secured authentication
and MAC address based access filtering |
|
the usage of VPN client for corporate
access after the PAC has opened the hole to Internet |
|
limit the access to Internet only to
few ports (WWW, IMAP, etc.) => attacking hosts in Internet does not seem
to be feasible |
|
use real IP addresses if possible |
|
|
|
|
WEP cannot be used |
|
shared keys cannot be used |
|
how to do the WEP key exchange with
multiple vendor products |
|
Authentication |
|
WWW authentication may be the only
feasible method |
|
MAC address by itself is not reliable
nor does every card have a smart card reader embedded into them => more
authentication is needed |
|
Accounting |
|
how to bill random users (paying with
credit card for access)? |
|
combined GSM/WLAN billing is a pretty
good idea, how to do it with every vendor’s card? |
|
VPN trouble |
|
with NAT |
|
interoperability |
|
key distribution is hard |
|
for every terminal there’s not a client |
|
users cannot be ”forced” to use just
one single vendor solution |
|
|
|
Esittele yksi WLAN-verkoissa
käytettävän WEP-algoritmin heikkous ja sitä vastaan toimiva hyökkäys sekä
niiden periaatteet. Miksi heikkous on heikkous ja kuinka hyökkäys käyttää
heikkoutta hyväkseen? |
|
Millä tavoin voit torjua WLAN-verkoissa
radiotien salakuuntelun uhkaa? |
|
Sinulle on annettu tehtäväksi
suunnitella WLAN-pääsyalue yhtiön työntekijöille yhtiön sisäiseen verkkoon,
minkälainen on suunnittelemasi verkon rakenne ja mitä ratkaisuja käytät
tietoturvallisuuden varmistamiseen. Torjutut uhat ja perustelut ratkaisuille
mukaan. |
|
Julkisten pääsyalueiden suojaamisen
IPSEC:llä ja muilla VPN-tekniikoilla liittyy useita ongelmia. Esittele näistä
muutamia. |
|
Tehtävänäsi on suunnitella julkinen
WLAN-pääsyalue Internet-palveluntarjoajan käyttöön. Piirrä pääsyalueen verkon
rakenne laitteineen ja analysoi mitkä turvallisuusuhat olet pystynyt
välttämään, mitä et ja miksi? |