Home >Documents >Wireless and Instant Messaging

Wireless and Instant Messaging

Date post:02-Jan-2016
Category:
View:26 times
Download:2 times
Share this document with a friend
Description:
Wireless and Instant Messaging. Chapter 8. Learning Objectives. Understand security issues related to wireless data transfer Understand the 802.11x standards Understand Wireless Application Protocol (WAP) and how it works - PowerPoint PPT Presentation
Transcript:
  • Wireless and Instant MessagingChapter 8

  • Learning ObjectivesUnderstand security issues related to wireless data transferUnderstand the 802.11x standardsUnderstand Wireless Application Protocol (WAP) and how it worksUnderstand Wireless Transport Layer Security (WTLS) protocol and how it workscontinued

  • Learning ObjectivesUnderstand Wired Equivalent Privacy (WEP) and how it worksConduct a wireless site surveyUnderstand instant messaging

  • 802.11IEEE group responsible for defining interface between wireless clients and their network access points in wireless LANsFirst standard finalized in 1997 defined three types of transmission at Physical layerDiffused infrared - based on infrared transmissionsDirect sequence spread spectrum (DSSS) - radio-basedFrequency hopping spread spectrum (FHSS) - radio-basedcontinued

  • 802.11Established WEP as optional security protocolSpecified use of 2.4 GHz industrial, scientific, and medical (ISM) radio bandMandated 1 Mbps data transfer rate and optional 2 Mbps data transfer rateMost prominent working groups: 802.11b, 802.11a, 802.11i, and 802.11g

  • 802.11aHigh-Speed Physical Layer in the 5 GHz BandSets specifications for wireless data transmission of up to 54 Mbps in the 5 GHz bandUses an orthogonal frequency division multiplexing encoding scheme rather than FHSS or DSSSApproved in 1999

  • 802.11bHigher-Speed Layer Extension in the 2.4 GHz BandEstablishes specifications for data transmission that provides 11 Mbps transmission (with fallback to 5.5, 2, and 1 Mbps) at 2.4 GHz bandSometimes referred to as Wi-Fi when associated with WECA certified devicesUses only DSSSApproved in 1999

  • 802.11cWorked to establish MAC bridging functionality for 802.11 to operate in other countriesFolded into 802.1D standard for MAC bridging

  • 802.11dResponsible for determining requirements necessary for 802.11 to operate in other countriesContinuing

  • 802.11eResponsible for creating a standard that will add multimedia and quality of service (QoS) capabilities to wireless MAC layer and therefore guarantee specified data transmission rates and error percentagesProposal in draft form

  • 802.11fResponsible for creating a standard that will allow for better roaming between multivendor access points and distribution systemsOngoing

  • 802.11gResponsible for providing raw data throughput over wireless networks at a throughput rate of 22 Mbps or moreDraft created in January 2002; final approval expected in late 2002 or early 2003

  • 802.11hResponsible for providing a way to allow for European implementation requests regarding the 5 GHz bandRequirementsLimits PC card from emitting more radio signal than neededAllows devices to listen to radio wave activity before picking a channel on which to broadcastOngoing; not yet approved

  • 802.11iResponsible for fixing security flaws in WEP and 802.1xHopes to eliminate WEP altogether and replace it with Temporal Key Integrity Protocol (TKIP), which would require replacement of keys within a certain amount of timeOngoing; not yet approved

  • 802.11jWorked to create a global standard in the 5 GHz band by making high-performance LAN (HiperLAN) and 802.11a interoperable Disbanded after efforts in this area were mostly successful

  • Wireless Application Protocol (WAP)Open, global specification created by the WAP ForumDesigned to deliver information and services to users of handheld digital devicesCompatible with most wireless networksCan be built on any operating system

  • WAP-Enabled Devices

  • WAP-Enabled Devices

  • How WAP 1x WorksWAP 1.x StackSet of protocols created by the WAP Forum that alters the OSI modelFive layers lie within the top four (of seven) layers of the OSI modelLeaner than the OSI modelEach WAP protocol makes data transactions as compressed as possible and allows for more dropped packets than OSI model

  • WAP 1.x Stack Compared to OSI/Web Stack

  • Differences Between Wireless and Wired Data TransferWAP 1.x stack protocols require that data communications between clients (wireless devices) and servers pass through a WAP gatewayNetwork architectural structures

  • WAP versus Wired Network

  • The WAP 2.0 StackEliminates use of WTLS; relies on a lighter version of TLS the same protocol used on the common Internet stack which allows end-to-end security and avoids any WAP gapsReplaces all other layers of WAP 1.x by standard Internet layersStill supports the WAP 1.x stack in order to facilitate legacy devices and systems

  • Additional WAP 2.0 FeaturesWAP PushUser agent profileWireless Telephony ApplicationExtended Functionality Interface (EFI)Multimedia Messaging Service (MMS)

  • Quick QuizWhat is the frequency used by 802.11b?Which 802.11 subgroup uses the 5 GHz band?Which wireless application protocol standard maps more closely to the OSI model?The brief time in which WAP 1.x data is not encrypted at all is called the _______

  • Wireless Transport Layer Security (WTLS) ProtocolProvides authentication, data encryption, and privacy for WAP 1.x usersThree classes of authenticationClass 1Anonymous; does not allow either the client or the gateway to authenticate each otherClass 2Only allows the client to authenticate the gatewayClass 3Allows both the client and the gateway to authenticate each other

  • WTLS Protocol: Steps of Class 2 AuthenticationWAP device sends request for authentication Gateway responds, then sends a copy of its certificate which contains gateways public key to the WAP deviceWAP device receives the certificate and public key and generates a unique random valueWAP gateway receives encrypted value and uses its own private key to decrypt it

  • WTLS Security ConcernsSecurity threats posed by WAP gap

  • Wired Equivalent Privacy (WEP)Optional security protocol for wireless local area networks defined in the 802.11b standardDesigned to provide same level of security as a wired LANNot considered adequate security without also implementing a separate authentication process and providing for external key management

  • Wireless LAN (WLAN)Connects clients to network resources using radio signals to pass data through the etherEmploys wireless access points (AP)Connected to the wired LANAct as radio broadcast stations that transmit data to clients equipped with wireless network interface cards (NICs)

  • How a WLAN Works

  • APs

  • NICs

  • How WEP WorksUses a symmetric key (shared key) to authenticate wireless devices (not wireless device users) and to guarantee integrity of data by encrypting transmissionsEach of the APs and clients need to share the same keyClient sends a request to the AP asking for permission to access the wired networkcontinued

  • How WEP WorksIf WEP has not been enabled (default), the AP allows the request to passIf WEP has been enabled, client begins a challenge-and-response authentication process

  • WEPs WeaknessesProblems related to the initialization vector (IV) that it uses to encrypt data and ensure its integrityCan be picked up by hackersIs reused on a regular basisProblems with how it handles keys

  • Other WLAN Security LoopholesWar drivingUnauthorized users can attach themselves to WLANs and use their resources, set up their own access points and jam the networkWEP authenticates clients, not usersWireless network administrators and users must be educated about inherent insecurity of wireless systems and the need for care

  • Conducting a Wireless Site SurveyConduct a needs assessment of network usersObtain a copy of the sites blueprintDo a walk-through of the siteIdentify possible access point locationsVerify access point locationsDocument findings

  • Instant Messaging (IM)AOL Instant Messenger (AIM)MSN MessengerYahoo! MessengerICQInternet Relay Chat (IRC)

  • Definition of IMUses a real-time communication modelAllows users to keep track of online status and availability of other users who are also using IM applicationsCan be used on both wired and wireless devicesEasy and fastcontinued

  • Definition of IMOperates in two models:Peer-to-peer modelMay cause client to expose sensitive informationPeer-to-network modelRisk of network outage and DoS attacks making IM communication unavailable

  • Problems Facing IMLack of default encryption enables packet sniffingSocial engineering overcomes even encryption

  • Technical Issues Surrounding IMFiles transfersApplication sharing

  • Legal Issues Surrounding IMPossible threat of litigation or criminal indictment should the wrong message be sent or overheard by the wrong personCurrently immune to most corporate efforts to control itMust be monitored in real time

  • Blocking IMInstall a firewall to block ports that IM products use; IM will be unavailable to all employeesLimited blocking not currently possible

  • Cellular Phone Simple Messaging Service (SMS)Messages are typed and sent immediatelyProblemsTracking inappropriate messagesRisk of having messages sniffed

  • Chapter SummaryEfforts of IEEE, specifically 802.11x standards, to standardize wireless securitySecurity issues related to dominant wireless protocolsWAPConnects mobile telephones, PDAs, pocket computers, and other mobile devices to the InternetWEPUsed in WLANscontinued

  • Chapter SummaryWTLS protocolConducting a site survey in advance of building a WLANSecurity threats related to using (IM)

  • Quick QuizTrue or False: When using WTLS, the gateway initiates the authentication process.True or False: The IV is a source of security concern

Popular Tags:

Click here to load reader

Embed Size (px)
Recommended