Professional Documents
Culture Documents
Wireless Security
Wireless Security
鈺松國際資訊有限公司
cclin@iss.com.tw
Agenta
• Wireless Introduction
• Wireless security issue
• Wardriving and LIVE DEMO(Maybe)
• Countermesure
What’s not coverd
• 802.1X
• Algorithm of crypto
Introduction
• Wireless Security
• Wireless Technologies
• Network Topologies
Wireless Security
Wireless
WirelessApplications
Applications((WAP,
WAP,I-mode,
I-mode,Messaging,
Messaging,Voice
Voice
Application
& Service Over
Overwireless
wirelessnetwork,
network,location-based services))
location-basedservices
Physical Wireless
WirelessStandards
Standards((802.11a,
802.11a,802.11b,
802.11b,AX.25,
AX.25,3G,
3G,CDPD,
CDPD,
layer GPRS,
GPRS,Radio,Microwave,
Radio,Microwave,Laser,
Laser,Bluetooth, 802.15))
Bluetooth,802.15
Mobile
MobileDevices
Devices((PDA,
PDA,Notebook,
Notebook,Cellular
CellularPhone,
Phone,Pager,
Pager,
Devices
Handheld
HandheldPC,
PC,Wearable Computers))
WearableComputers
Network Topologies
AD Hoc Infrastructure
Why Wireless?
• No cable plant
– Lower cost
– Rapid deployment
• Enhanced mobility
• Information Exposure
• Weak Authentication/Authorization
• Application Level Attack
• Denial-of-Service Attack
• Auditing
• Policy/Procedure
Information Exposure
• 黑客的日子一天比一天好過。Granite Island
Group 公司總裁詹姆士•艾金森(James
Atkinson)指出,「要入侵無線區域網絡所需
要的專業知識門檻相當高」
Wardialing
• 目的
– 找尋 modem access point
• 方法
– 以 PC+modem 撥打指定範圍電話
– 可配合 bluebox
• 目的
– 找尋 Wi access point
• 方法
– 以 PC+802.11b adapter進行搜尋,以步行或使用
交通工具進行
Warchalking
Why Wardriving?
• Penetration ☺
– 內部有 wireless AP,可透過 AP進入到公司內部
– AP並未整合進 Security policy,有機會可以
bypass ACL
– 案例
Live Demo
Netstumbler
• DEMO
Wireless Vulnerability Scanner
• Firewall
– Separate the wireless network
• VPN
– Protecting access to your wireless network
– 802.1x
• Protecting Access Points
– Directional antenna
– ACL on management interface
• Intrusion detection
Conclusion