Computer Networks. Types of Wireless Network Attacks - 1 Insertion attacks: When a wireless device...
-
date post
21-Dec-2015 -
Category
Documents
-
view
214 -
download
0
Transcript of Computer Networks. Types of Wireless Network Attacks - 1 Insertion attacks: When a wireless device...
Types of Wireless Network Attacks - 1
• Insertion attacks: When a wireless device connects to an access point without authorization
• Interception /monitoring of wireless traffic: The network traffic across a WLAN is intercepted and monitored without authorization.
• Mis-configuration: Many access points ship in an unsecured configuration
WLAN Security
• WEP: Wired Equivalent Privacy• WPA: Wi-Fi Protected Access• WPA2: Best protection for home WLAN.
WEP: Wired Equivalent Privacy
• Purpose:– Protect wireless network from eavesdropping.– Prevent unauthorized access to the network
• How Does It Work– A secret key between laptop and access point– The secret key to encrypt packets
• Length of Key– 64-bit encryption– 128-bit encryption
WPA: Wi-Fi Protected Access
• Two types of WPA– WPA-PSK (WPA Personal) - Home &Small Offices– WPA-RADIUS (WPA Enterprise) – Large Organizations
• WPA-PSK: Pre-Shared Key– Extra-strong encryption– Encryption keys are automatically changed • after a specified period of time• after a specified number of packets
• Implements a subset of IEEE 802.11i.
WPA2: Wi-Fi Protected Access
• WPA2: Best protection for home WLAN.– Fully compatible with IEEE 802.11i security
standard.– Stronger encryption protocol– Not all wireless cards and access points support– WPA2 certification is mandatory for all new devices
wishing to be Wi-Fi certified.
What is the Internet?
• The Internet involves millions of computers, connected in complex ways to a maze of local and regional networks
Origins of the Internet
• 1969• Department of Defense established experimental
network connecting 4 research computers (UCLA, Stanford Research Institute (SRI) , UC@Santa Barbara and U. of Utah.
• Called ARPANET• 1980s National Science Foundation involved
– Only scientific, research and academic institutions (no commercial traffic)
Other Developments…
• 1989 - E-mail connectivity thru CompuServe and MCI Mail
• 1991 – move towards private sector– National Access Points (NAPs)– Internet Service Providers (ISPs)
• Communication coordinated through national and international organizations (standards)
Who Owns the Internet?• No one company or country can be considered as owner
of Internet– Ownership shared among various entities
• Coordination:– Internet Society (ISOC)– Internet Engineering Task Force (IETF)– Internet Architecture Board (IAB)
• In the US – – ICANN – Internet names and port numbers (Internet Corporation for Assigned Names and Numbers)
Cost ($$$$)…
• Revenue is required to offset expenses – Servers, routers, communication lines, etc.
• Costs must be covered by users– Companies, organizations and individuals– AOL – subscribers charges monthly fee
Internet Address
Domain Name
Logical name for computing system www.scranton.edu
Top-Level Domain (suffix)
ICANN
IP Number
32-bit address (4 part decimal #)
ARIN (American Registry for Internet Numbers)/ RIPE / APNIC
132.161.33.60
Internet Address…
• Ethernet Address– 48-bit address built into machine or Ethernet
board– Refers to specific board in a local computer
Addressing
• Domain Name Server (local)• Network Information Server (wider area)– Maintain databases with domain names and IP
numbers in binary format
Domain Name
IP Number (logical)
Ethernet Address (physical)
Laptops
• Static IP address– Specified manually and entered into network
tables• Dynamic IP address – Dynamic Host Configuration Protocol (DHCP)– Ask network for an IP address when you turn it on
(from a pool of available addresses)• IP address changes each time computer is used
Web Browsers
• Internet Explorer, Mozilla, Netscape Navigator, Firefox
• System of communicating Web documents– Hypertext Transfer Protocol (HTTP)
• Formatting instructions called:– HTML (Hypertext Markup Language)
How info is transmitted?
• Uniform Resource Locator (URL)
http://www.cs.uofs.edu/~bi/2005f-html/cil102/chap-sum.html
Hypertext Transfer Protocol
Domain name of the Web server
Directory path
Web page
What info is transmitted?
• Each time you access the Web, the browser sends the following to the Web server– The IP address of your machine
• Often it can identify your town or ISP– The web server’s IP address– The OS you use on your machine– The browser you use
• Goto http://www.cs.grinnell.edu/~walker/fluency-book/web-info.php
to see how much info is sent to the Web server
What are Cookies?
• Have you ever gone to a website that seemed to remember you?
• Websites use cookies to store info about you on your own computer– When you visit such a website, it stores info as cookies (that
appear as files) on your computer– Next you visit the same website, your browser sends over all the
cookies stored by that website• What info is stored in cookies?
– In theory, anything the website wants to– Normally, it is about how you used the website– A website could store your id, password, etc in cookies if it has that
info.
What are Cookies?
• The positive side of cookies– A Web server can use cookies to streamline and
personalize your interactions with it– A browser is supposed to send cookies only to the Web
server who stored them.• The negative side of cookies– Companies may use cookies to store info for other
purposes without your permission– There are ways for a Web server to get cookies that
were stored by other Web servers.
What defenses against Cookies
• For the website you visit, especially, those websites you need to register, check:– How will the company use the info you supply?– Will the company share info with others?– Can you limit access of other to this info?– What protections are in place to keep this info?
What defenses against Cookies
• If you use a computer at work or school, cookies would be stored on school or company’s computer:– System administrators or managers may read your
cookies files• View your organization’s privacy policy
– Technicians may inadvertently access your cookies, when your computer was sent for repair, for example.
– Best way to protect yourself, delete cookies. • Almost every browser has a function you can use to delete
cookies.
How secure is info during transmission
• When you use the Internet, all data you put on the network is visible to computers on the same Ethernet, as discussed in the Network chapter.
• When your data need to be passed from one segment to another segment of the network, the intermediate computers can read your data.
• Thus, info is not secure at all when transmitted on the Internet.
How secure is info during transmission
• One way to protect yourself is encrypt info that you want to be confidential– When data is encrypted, it can still be copied or
intercepted by other computers, however, they would not know what it means.
– When a good encryption is used, it may take years, decades to break the code
• When shopping (or passing private info) on the Web, make sure the website uses HTTPS protocol.– HTTPS: Secure HTTP, which asks the browser to
encrypt the data before it is transmitted and the server decrypts data upon receiving.
Data Availability• Data in memory is volatile.• Data in storage is non-volatile so it is always
available– As long as it isn’t trashed accidentally or
deliberately.• So, when using software (Word, etc.) save
often.
Data Availability
• BACK UP IMPORTANT DATA– Often
• Specifically what should YOU do with your data.– At least once per semester, back up your entire
computer if it is at all convenient.• I use a removable hard disk• They are currently cheap
Data Security
• Secure data is data that is difficult for OTHERS to access.
• There are two basic methods of securing data:– Password systems– Encryption
Password Systems
• Username and Password – Good systems will not tell you which one is wrong if one of them is.
• Usernames are often given to you so you have no choice as to what to use.
• Most people choose their own passwords.
Choosing Passwords
• Make it long.• Use both letters and digits, maybe even
special symbols• Use upper and lower case.• Example: dsitBtitw5 (dr sidbury is the best
teacher in the world 5)• Example: P=2*(L+w)
Cryptography/Encryption
• Ebub jt fodpefe tp uibu ju epfto’u mppl opsnbm.
• Data is encoded so that it doesn’t look normal.
What are viruses?
• Unwanted and unanticipated programs• May damage a computer or degrade its performance• Viruses may appear:
– As an email attachment– In another program– In user data files (MS Word Macros)– On disk in a place that is routinely activated.– A virus cannot be spread without a human action
• Worms– Similar to viruses– Have capability to travel without any human action– e.g., send a copy of itself to everyone in your email address book,
then send to everyone in the receiver’s addr book
How to detect viruses?
• Anti-virus programs compare each file against known viruses
• A computer may be set up in such a way that no disk files can be accessed until virus scanning has been completed.
• A new virus may not be known by the anti-virus program until the virus information is available to the anti-virus program
• Be proactive in getting information of new viruses for the anti-virus program
How to protect yourself?
• Be sure anti-virus software is running on your computer and keep the virus info up to date
• Do not execute (open) any program (file) downloaded from the Internet without first having it scanned for viruses.
• Be cautious before allowing your Web browser to run programs behind the scenes
• Save all your email attachments to hard disk and scan them for viruses before open them
• Do not run any macro in Word documents or Excel spreadsheets unless you know they are reliable
• Install and configure firewalls if your computer is connected to the Web.
Firewalls
• A firewall controls/monitors traffic from one system to another one.– The systems may be individual computers or networks.
• A firewall can block unauthorized access to your computer while permitting authorized communications
• Most computers which you buy have a built in firewall. You should configure them or you will not be able to use software correctly.