Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Wireless Security_Example v0.2

No description
by

Faham Usman

on 22 May 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Wireless Security_Example v0.2

Information Security
Wireless Security
Awareness Campaign
Agenda
Salim is your Cyber Security Advisor.
Aims at promoting, building and ensuring a safer & secure cyber environment and culture in the UAE.
About aeCERT
One of the initiatives of the UAE Telecommunications Regulatory Authority.
aeCERT is the United Arab Emirates Computer Emergency Response Team.
About aeCERT
Wireless Technology
Wireless Router Security
Best Practices
Stats
Public Wireless Threats
Wireless Network Security Threats
aeCERT
Salim (aeCERT)
@salim_aecert
For more information
www.aecert.ae
info@aecert.ae
Questions
http://blog.botrevolt.com/wireless-network-security-infographic/

Encryption type must match router settings.
User cannot connect to router unless they know the password.
http://blog.botrevolt.com/wireless-network-security-infographic/

80%
http://blog.botrevolt.com/wireless-network-security-infographic/

25% OF
HOUSEHOLDS IN THE WORLD
USE WIRELESS CONNECTIONS
439 MILLION HOUSEHOLDER
IP Spoofing
Unauthorized Client Access
Denial of Service (DoS)
A malicious attacker can use multiple techniques to affect a wireless network after gaining its access such as:
Here is MAC address on your Android Phone
Your phone has an
IP address and a MAC address
BELKIN F5D6130
LINKSYS WRTP54G
NETGEAR DG834G
USER NAME: ADMIN
PASSWORD: PASSWORD
USER NAME: NONE
PASSWORD: MINIAP
USER NAME: ADMIN
PASSWORD: ADMIN
05
04
Evil Twin Access Point
Eavesdropping
A wireless access point that poses as a legitimate access point but is actually a rogue access point used to gather personal and corporate information.

Unauthorized interception of private communication.
03
02
01
MAC Spoofing
Rogue Access Points
War Driving
The process of changing MAC address of a network device on a Network Interface Controller (NIC) card.
An unauthorized access point installed on a secure network which is not managed by the network administrator.
The process of accessing wireless access points while moving in a vehicle using wireless devices such as laptop, smartphone, tablets, etc.
Wireless technology provides simpler and faster way to connect
to network.

Physical cables are inconvenient for end users to manage.

Physical cables provide access control to the network.

Before the age of wireless technology we had to use physical
cables to connect to the internet.

04
03
02
01
Wireless Technology
http://blog.botrevolt.com/wireless-network-security-infographic/

19% USERS CHOOSE WEP
WPA 2
WPA
WEP

POOR

LEVEL OF SECURITY
HIGH

http://blog.botrevolt.com/wireless-network-security-infographic/

1. SOUTH KOREA
5. JAPAN
10. AUSTRALIA
3. GERMANY
7. ITALY
2. UK
4. FRANCE
9. SPAIN
8. USA
6. CANADA
Attacker listens to the sniffed traffic

Out to Internet
Data
Attacker uses hacking software to listen to the traffic
Intended Destination

Smart Phone

Attack Router

Fake Webpage

Change Configuration
in Router
Florida State University Wireless Network
Student accesses homepage of university
Redirected to unethical website
Attacker hacks wireless network of University
My University’s Router
My Neighbor’s Router
Mauro’s Router

Andrea’s Router
A Smartphone
Configured as a Router
Many to choose from if you live in area with many people.
Each router broadcasts its SSID (name)
PC with Cable Connection

Internet

Wireless Router

Smartphone
Radio Signal (2.4 Ghz Or 5 Ghz)

LAN Cable
LAN Cable

Cable or DSL modem
Direct attack on your computer

5

Bandwidth shortages

2

1
1
Service violations

Abuse by malicious users

OVER 100 MILLION PUBLIC WIFI HOTSPOTS
77%
OF THOSE WHO USE FREE WI-FI HAVE EXPERIENCED
CYBER CRIME
http://blog.botrevolt.com/wireless-network-security-infographic/

Disable file sharing, when you are in a public area.

Only connect to trusted Wi-Fi Networks in public areas.

Ensure that all of your confidential activity is encrypted

04
02
01
In public areas like cafés or shops, look for signs telling you which wireless networks are the legitimate ones.

RESTAURANTS

LIBRARIES

HOTELS

MOST POPULAR PUBLIC WI-FI SPOTS
05
04
03
02
Identify users who are authorized to install wireless network infrastructure equipment such as access points, wireless gateways, etc.
Identifying the kind of access required by each user to access the wireless network.
Identifying the users connecting to the wireless network.
02
01
The policy should address the following:

Devising and implementing wireless network security policy is the best security measure in protecting wireless networks.
07
06
05
Change your router password periodically and update the router software frequently.
Be sure to change the default administrative login and password on your Wi-Fi access point at home.
09
08
Make sure any wireless routers or access points you buy support the latest wireless encryption standards such as WPA/WPA2.
Enable MAC address filtering on your Wi-Fi access point and exclude the MAC address of their device(s) from those allowed access.
Enable WPA2 encryption on your Wi-Fi access point
How does Wireless Work?
Wireless Network SSID
Wireless Router Security
Wireless Network Security Threats
This will cause you problems such as:
Anyone with a wireless-enabled computer within range of your wireless access point can access your wireless network.
2
3

4

Monitoring of your activity

Wireless Network Security Threats
Improperly configured access point
Wireless networks can be a security threat due to.
Rogue access points
Ad hoc wireless network
Honey pot access points
Access point MAC spoofing
1
2
3
4
5
Attack: Wifi Hacking with Aircrack-ng
Real Incident
Source: http://www.nydailynews.com/news/national/student-hacks-school-wireless-network-redirects-users-porn-site-article-1.1286260

Mac Address Spoofing attack
Router Redirection
Compromised Wireless Network
MITM (Man in the Middle)
Types of Wireless Threats
Using wireless networks in a public place can expose you to some threats such as:

War Driving
Rogue Access Points
Evil Twin Access Point
02
01
05
Eavesdropping
04
MAC Spoofing
03
Types of Wireless Threats
Types of Wireless Threats
Wireless Security Stats
Wireless Security Stats
Wireless Security Stats
51%
49%
Wireless Security Stats
OF HOUSEHOLDS STILL HAVE THEIR ROUTERS SET ON DEFAULT PASSWORD
Wireless Security Stats
Wireless Security Stats
TYPE OF ENCRYPTION
Wireless Security Stats
Wireless Security Stats
89%
11%
Wireless Security Stats
AIRPORT

Wireless Security Best Practices
03
Wireless Network Security Policy
Wireless Network Security Policy
Defining configuration (software and hardware) for any
device accessing wireless network.
Defining the conditions for using wireless devices.
Defining guidelines on reporting security incidents.
Defining guidelines for using secure method of communication.
01
Segregate the kind of information that can and cannot be shared
over wireless network.
Full transcript