Scribd
Upload
51 views

Introduction To Wireless Security

The document provides an overview of wireless security and how authentication, encryption, and integrity help secure wireless networks. It discusses how anyone within range can intercept wireless signals and how different authentication methods like pre-shared keys can help secure a wireless network but pose problems if a device is stolen. Stronger authentication using usernames and passwords is preferable in that case.

Uploaded by

Ahmed Jaha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
51 views

Introduction To Wireless Security

The document provides an overview of wireless security and how authentication, encryption, and integrity help secure wireless networks. It discusses how anyone within range can intercept wireless signals and how different authentication methods like pre-shared keys can help secure a wireless network but pose problems if a device is stolen. Stronger authentication using usernames and passwords is preferable in that case.

Uploaded by

Ahmed Jaha
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Introduction to Wireless Security

Wireless networks are complex; there are many technologies and protocols required to
offer a stable wireless network to end-users. It also sounds scary to transmit data through
the air, where everyone can listen to it.

Wired networks feel secure; after all, you can’t easily listen to this traffic. You could
connect to a switchport, but the only unicast traffic you’ll see is the traffic between your
computer and the switch. You will see multicast and broadcast traffic from within the
VLAN, though.
Anyone can see the data that travels through the air, which is why wireless security is
so important. Someone can monitor wireless traffic, and you won’t even notice that it’s
happening.
In the 802.11 service sets lesson, you learned how wireless clients associate with APs.
All wireless traffic has to go through the AP, instead of directly between the sender and
receiver. Anyone in range of the AP or other wireless clients can receive the signal.
This can be a problem. For example, imagine we have a user who sends a password to a
remote server:
The wireless user transmits a password to the remote server. Because the attacker is in
range of our wireless network, he can capture the password.
How can we securely transmit data through the air and ensure that it remains private and
is not tampered with? The 802.11 standard offers security mechanisms that
provide authentication, encryption, and integrity. In this lesson, I’ll give you an
overview of these three items.
Authentication
To use a wireless network, the wireless client has to discover a BSS. APs advertise
beacons with their SSID, and the wireless client selects the wireless network she wants to
connect to and associates with the AP. By default, authentication is open, which means
everyone is welcome.

You probably want to authenticate your wireless clients, though. If you have a corporate
network, you don’t want just anyone to join the network. Only legitimate users should be
able to use your wireless network. After all, the wireless network might be connected to
the wired network where you can access all corporate resources.
What if you have guest users? If you want to offer a guest wireless network, you should
configure a second SSID, linked to a VLAN with restricted access.
APs can authenticate wireless clients before they associate with the AP. This
keeps rogue clients away from our wireless network.
There are many options for wireless authentication. You are probably familiar with the
most common choice, a pre-shared key. We configure the pre-shared key on the AP.
Any wireless client that wants to join the wireless network has to enter the pre-shared
key.
What happens when someone steals one of the wireless clients? That’s a problem because
of two main reasons:
 The attacker has access to your pre-shared key:
o And can now connect to the wireless network from any device.
o And can decrypt traffic from other clients connected to the same wireless
network.
 You need to configure a new pre-shared key on the AP and all wireless clients.
There are stronger authentication options where we ask users for a username and
password instead. This helps. When a device is stolen, at least you can pinpoint which
username was compromised and reset the password for that username. You don’t have to
reset the pre-shared key and configure it on all wireless clients.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy