By Mohammed Alqahtani

1
(802.11) Security

• By Mohammed Alqahtani

2
What is 802.11 ?

• IEEE 802.11 is a set of standards carrying out
  WLAN computer communication in frequency bands.
• 802.11 standards are created by the IEEE
  Standards Committee (IEEE 802).
• Peer-to-peer or via access point
• It is used in most wireless network , in public
  WLAN i.e. Airports, hotels, coffee shops and
  private WLAN.

3
Types of IEEE 802.11

• IEEE 802.11 (1997)
• IEEE 802.11a(1999)
• IEEE 802.11b(1999)
• EEE 802.11g(2003 )
• IEEE 802.11n(currently)

4
Types of IEEE 802.11 Cont

• IEEE 802.11c Developing the interoperability
  between devices
• IEEE 802.11d Support the roaming
• IEEE 802.11e Developing QoS
• IEEE 802.11f to adjust inter-AP hand offs
• IEEE 802.11i Developing WLAN security

5
How it works

• authentication and make association with client
  to the access point must be set prior to
  communicating
• Authentication communications between a
  supplicant software on a client device,
  authenticator (guard) wireless access point
  AP, and authentication server server uses
  RADIUS and EAP protocols.
• The supplicant must identity itself to be
  validated and authorized by sending request
  message user name / password / digital
  certificate to the authenticator.
• -Tithe authenticator forwards the message to the
  authentication server to verify. If the
  information was valid similer to the cop in the
  database the supplicant access to resources
  located on the network .

6
802.11 Vulnerabilities AND Risks

• Key distribution problem Shared key everyone
  has the same key.
• Easy to guess the password if it was generated by
  the key .
• WEP with its known Weak encryption .
•  Insertion attack
• Unauthorized AP on legitimate networks.
• Unauthorized clients i.e. war driving .
• Denial Jamming of service (,flood bogus , radio
  frequency ) .

7
802.11 Vulnerabilities AND Risks 2

• Interception and monitoring of wireless traffic
  
• In WALN must be in the range of WLAN .
• Sniffing usually happens in first part of the
  session password / user name .
• If an attacker get to AP , the attacker can have
  all the traffic because of broadcasting on WLAN
  to each hub.
• Evil Twin An attacker Laure clients to connect
  to another the network by creating unauthorized
  AP nearby the wireless clients ,so the user get
  access to the attackers servers . The clinte
  might send out some significant info .
• Using the traffic possibly get traffic into a
  connection commands on behalf of a trusted user
  to hijack session.

8
802.11 Vulnerabilities AND Risks 3

• ad hoc mode attacks in Client-to-client
• Misconfiguration in SSID all clintes in the AP
  have the same SSID to communicate . Mostly acts
  as a single key or password so that it is weak
  protection.

9
What to do to solve

• Sharing the files as less as you can.
• Using WEP Encryption even it is weak but to make
  it harder to attack .
• Set the AP with Password .
• Using MAC address for allowing the Access and
  control connection .
• The SSID not to broadcast if its possible .
• Avoid setting AP nearby the walls.
• Using RADIUS Remote Authentication Dial In User
  Service .
• Dont use non-upgradable equipment , to catch up
  with updates.
• Use NetStumbler to figure out if there is an
  illegal AP is founded .
• Set AP in DMS , create VPN tunnel to get into
  your network .

10
What to do to solve

• There some useful in the implemented internet .

11
References

• http//en.wikipedia.org/wiki/IEEE_802.11
• http//www.ieee802.org/11/
• http//www.drizzle.com/aboba/IEEE/
• http//www.wardrive.net/
• Wireless LAN Security, 802.11/Wi-Fi
  http//www.wardrive.net/security/links .
• Your 802.11 Wireless Network has No Clothes
  http//www.drizzle.com/aboba/IEEE/wireless.pdf .
• Wireless Network Security 802.11, Bluetooth and
  Handheld Devices http//www.itsec.gov.cn/docs/20
  090507161834185644.pdf
• http//documents.iss.net/whitepapers/wireless_LAN_
  security.pdf
• http//h20331.www2.hp.com/Hpsub/downloads/Wireless
  _Security_rev2.pdf

12
Questions