Post on 20-Jan-2016
Securing your wireless LANSecuring your wireless LAN
Paul DeBeasiVP Marketing
Email: pdebeasi@legra.com
Pop quiz At the end of this presentation you will…
A. Think you are an expert in all aspects of wireless security.
B. Decide that WLANs can never be secure enough for enterprise deployment.
C. Become aware of WLAN security risks and approaches for risk mitigation.
D. Need a no-whip, triple-shot, cappuccino.
Wireless vulnerabilities
• Theft of service– No security – Key derivation – MAC spoofing– Rogue WLANs – Default SSID– Ad-hoc networks
• Session hijacking – Man in the middle attacks
• Deny/degrade service– RF interference/jam– Bit flipping– Disassociation attack – EAP attacks
• Network eavesdropping – RF Monitors
• Infrastructure attack– Default passwords
Security Concepts
Authentication
Something you are, you have, you know
Data Privacy
Keeping your data hidden from prying eyes
Data Integrity
Prevent data tampering
Authorization
Control access to network resources
Evolution of WLAN security
WEP
• Wired Equivalent Privacy– Protect from eavesdropping
• “Good enough” privacy– U.S. export control law
restrictions in 1999
• Network-wide shared key– All packets encrypted
IV(24 bits)
WEP Key(40 or 104 bits)
RC4
Key stream
Clear text
XOREncrypted text
What’s wrong with WEP? (a lot!)
• Turned off by default– Plug and praypray mobility
• Authentication– No user authentication
• Encryption– WEP key can be broken in a few hours
• Data integrity– CRC (cyclic redundancy check) susceptible to bit flipping
• Difficult to update keys– Must manually change every station
WEP/802.11 recommendations • Turn on WEP
– Better than no security at all
• Change default SSID – And, don’t use a name like “finance-network”
• Disable SSID beaconing – Make it difficult for attackers to find your WLANs
• Change default key– And, change the key frequently
• Use MAC address filtering – More useful for small deployments
Evolution of WLAN security
802.1x and EAP
Campus
Network
Authentication Server
Supplicant Authenticator
• 802.1x defines EAPOL (Extensible Authentication Protocol over LAN)
– Provides centralized authentication and dynamic key exchange
– EAP packets carried at the MAC layer, embedded in RADIUS commands
• EAP is extensible
– Most common examples: EAP-TLS, EAP-TTLS, EAP-LEAP, EAP-PEAP
EAPOL RADIUS
EAP- (TLS, TTLS, PEAP, LEAP)
802.1x and EAP – benefits
• Centralized authentication – Per user authentication and resource allocation – Authentication server and supplicant authenticate each other– Effectively eliminates Man-in-the-middle attacks
• Centralized key management – Derived unique per user session key
• Centralized policy control– Session time-out and automatic key redistribution (“dynamic WEP”)– VLAN assigned by the Authentication server
Campus
Network
Authentication Server
Supplicant Authenticator
EAP Types – variations on a theme• EAP over TLS (EAP-TLS)
– IETF standard (RFC 2716)– Uses digital certificates for both user and server
• EAP over Tunneled TLS (EAP-TTLS)– IETF draft (Funk), only the server needs to have a certificate – Supports password or token based authentication within a protected tunnel
• Protected EAP (PEAP)– IETF draft (Cisco, Microsoft, RSA), only the server needs to have a certificate – Supports various EAP-encapsulation methods within a protected tunnel
• Cisco LEAP– Proprietary solution for mutual authentication – Supports various EAP-encapsulation methods within a protected tunnel– Vulnerable to ASLEAP dictionary attack
Virtual private networks
• An alternative approach– Treats wireless as an “un-trusted” network – IETF standard - layer 3 authentication & encryption
• Challenges– Vulnerable at layer 2
• Rogue AP• Layer 2 session hijacking • DOS attacks against wireless stations or VPN device
– Can be difficult to manage and to scale
Campus
Network
VPN ServerClient software
IPSec
Comparing the options TLS TTLS PEAP LEAP IPSec
Encrypt RC4 RC4 RC4 RC4 3DES/AES
User Keys Yes Yes Yes Yes Yes
Client software
Many FUNK, MeetingH
Many Cisco Many
Auth. Server software
Many FUNK, MeetingH
Many Cisco Many
Client certificates
Req. Optional Optional No Optional
Server certificates
Req. Req. Req. No Optional
Cisco, Microsoft,RSA supported
802.1x and VLANs
• Centralized policy control– Per-user VLAN Policy improves traffic control
– Timer-based key rotation reduce WEP key risk
Wireless switch
Engineering
Marketing
Engineering
Marketing
MarketingEngineering
Authentication Server
- VLAN ID- re-key
802.1x, VLAN, VPN & EAP Recommendations
• 802.1x– Strongly recommended to deploy 802.1x– Provides centralized management/policy control
• VPN– If you chose to use VPNs then be sure to use 802.1x too
• VLAN– Deploy per-user VLAN policy via the authentication server
• EAP– Consider EAP-TLS if certificate infrastructure in place– Avoid LEAP if standards-based solutions are important– TTLS and PEAP are very similar/competing approaches
Evolution of WLAN security
Wi-Fi Protected Access (WPA)
• Authentication– 802.1x port based authentication at layer 2– Works with EAP methods
• Data Privacy– TKIP (Temporal Key Integrity Protocol)
– Bigger Initialization Vector; 48 bits versus 24 bits
– Per-user keying & key rotation with every packet
– Requires hardware acceleration • Data integrity
– MIC (Message Integrity Code) algorithm – Fixes flaws in the CRC algorithm used in WEP.
WPA
IEEE 802.11iDraft 3
802.1xTKIPMIC
WPA recommendations
• Use it if you can– Many devices/NICs do not yet support WPA
• Network interface cards – Ensure the card supports WPA, some never will
• Operating systems– Microsoft XP supports WPA– See Meetinghouse and Funk for other OS clients
• Authentication servers– Make sure they support EAP types
• Network infrastructure – Make sure the hardware supports WPA
Evolution of WLAN security
802.11i / WPA2• The future of 802.11 security
– Still in draft form at the IEEE 802.11i working group
– Expected to be complete in 2004
• Uses Advanced Encryption Standard (AES) encryption– Approved by NIST (National Institute of Standards and Technology)
– As secure as 3DES, but requires less computational power
– Includes integrated data integrity
– Also known as the “Rjindael” algorithm
• Make sure that new hardware is 802.11i-ready– Must support AES cryptography acceleration now
Checklist for securing your WLAN WEP
Turn on WEP, change key Change default SSID Disable SSID beacon
802.1x, VLAN, VPN Use 802.1x with PEAP Use L2 security if using VPN Integrates with your VLAN’s
WPA Require WPA certification Don’t use pre-shared keys Look for hardware acceleration
IEEE 802.11i (WPA2) Uses new AES cipher Not yet standardized Use 802.11i-ready equipment
Pop Quiz answer is… C. Become aware of WLAN security risks
and approaches for risk mitigation.
Useful links• http://www.legra.com
– Security white papers and resource center • http://wlanswitch.com
– WLAN BLOG with vendor neutral commentary & links to other useful sites • http://www.drizzle.com/~aboba/IEEE/
– The unofficial 802.11 security page• http://www.netstumbler.com/
– Commonly used “war driving” tool• http://wepcrack.sourceforge.net/
– Commonly used tool to break WEP keys • http://www.wifialliance.com/opensection/certified_products.asp
– WiFi Alliance list of certified products • http://www.unstrung.com/document.asp?doc_id=41185
– “Look before you leap” article that discusses how LEAP was cracked.