Setup and Security

Topics to be covered
How to setup a wireless internet connection
How to add a computer to a wireless network
Connecting to the network.
Securities like WPA and WEP
Setting up your wireless router.
Setting Up a wireless internet
connection
Click

Click

Select

Select .
Click Next> to continue
 Enter the Network (SSID) name
 Click on Manually assign a network Key
 Click next to continue
Click setup the network manually.
Click setup a new wireless network.
Then click next
Enter the WEP key
Click finish to complete the setup.
Adding a computer
Computer can be added to the network by running
the setup again with same SSID.
Going to Slide 7 and selecting add a new computer or
device.
Or going to slide 6 and selecting the option of use a
USB flash drive
Connecting to network.
Right click on the wireless icon and click “view
available networks”
 Click on your network and
then click connect.

 If it’s a secured network

you will have to enter
your WEP or WPA key to
get connected.
Ad-hoc Connection
As discussed in the previously ad-hoc connection is a
peer to peer connection
You don’t require a router to start a ad-hoc
connection.
Both the devices should have wireless capability.
Ad-hoc connection can also be utilized for internet
connection sharing (ICS)
Securities.
For a wireless network you have to make sure that
your wireless connection is secured.
Secured wirless connection means that your network
in protected with authentication like WEP or WPA
WEP means Wired Equivalent Protection which uses
either a 64 bit of 128 bit authentication to protect
your network.
WPA means Wi-Fi Protected Access which is the
latest in security. It uses TKIP (Temporal Key
Integrity Protocol) for the security.
WEP (Wired Equivalent Protection)
 Wired Equivalent Privacy (WEP) is a deprecated algorithm to
secure IEEE 802.11 wireless networks.
 Wireless networks broadcast messages using radio and are thus more
susceptible to eavesdropping than wired networks. When introduced
in 1999, WEP was intended to provide confidentiality comparable to
that of a traditional wired network.
 It can be used for a standard 64 bit protection or an 128 bit protection
as well
 Standard 64-bit WEP uses a 40 bit key (also known as WEP-40).
 A 128-bit WEP key is almost always entered by users as a string of 26
hexadecimal (base 16) characters (0-9 and A-F). Each character
represents four bits of the key. 26 digits of four bits each gives 104 bits;
adding the 24-bit IV produces the final 128-bit WEP key.
Modes of WEP
authentication.
 Two methods of authentication can
be used with WEP: Open System
authentication and Shared Key
authentication
 The sender and the recipient do
not share a secret key. Each party
generates its own key-pair and asks
the receiver to accept the (usually
randomly) generated key. Once
accepted, this key is used for a
short time only, then a new key is
generated and agreed upon
 So, it is a two-step authentication
method, in which sender first send
its identity and in response of that
it gets the authentication results.
 To prevent the unauthenticated
users from accessing the network,
you may use “Shared Key
Authentication”, which is defined
by IEEE 802.11. IEEE 802.11 defines 4
WEP keys (with index 1 to 4) for
WEP encryption and distinguishes
WEP encryption to WEP-40 and
WEP-104 according to the length of
the keys.
WPA (Wi-Fi Protected Access
 WPA addresses most of the known WEP vulnerabilities and is primarily intended for
wireless infrastructure networks as found in the enterprise. This infrastructure includes
stations, access points, and authentication servers (typically Remote Authentication
Dial-In User Service servers, called RADIUS servers). The RADIUS server holds (or has
access to) user credentials (for example, user names and passwords) and authenticates
wireless users before they gain access to the network.
 WPA addresses most of the known WEP vulnerabilities and is primarily intended for
wireless infrastructure networks as found in the enterprise. This infrastructure includes
stations, access points, and authentication servers (typically Remote Authentication
Dial-In User Service servers, called RADIUS servers). The RADIUS server holds (or has
access to) user credentials (for example, user names and passwords) and authenticates
wireless users before they gain access to the network.
 Key management. WPA features a robust key generation/management system that
integrates the authentication and data privacy functions. Keys are generated after
successful authentication and through a subsequent four-way handshake between the
station and access point.
 Data Privacy (Encryption). Temporal Key Integrity Protocol (TKIP) is used to wrap
WEP in sophisticated cryptographic and security techniques to overcome most of its
weaknesses.
 Data integrity. TKIP includes a message integrity code (MIC) at the end of each plain
text message to ensure messages are not being spoofed.
Differences between WEP and
WPA
 Wired Equivalent Privacy, commonly called WEP is 802.11's first hardware
form of security where both the WAP and the user are configured with an
encryption key of either 64 bits or 128 bits in HEX. So when the user attempts
to authenticate, the AP issues a random challenge. The user then returns the
challenge, encrypted with the key. The AP decrypts this challenge and if it
matches the original the client is authenticated. The problem with WEP is
that the key is static, which means with a little time and the right tool a
hacker could use reverse-engineering to derive the encryption key. It is
important to note that this process does affect the transmission speed.
 The next generation of hardware security is Wi-Fi Protected Access commonly
know as WPA. WPA solves WEP's static encryption key issue. WPA uses a
Temporal Key Integrity Protocol (TKIP), which changes keys with every data
packet. It also includes message-integrity checks that guard against forged
packets. Of course WPA is not without flaw, for increase security we sacrifice
more of our speed! Another weakness with WPA exists when the home
version is used, which utilizes a shared pass phrase. If the user chooses a pass
phrase that might be found in the dictionary and/or uses a pass phrase that is
less then 21 characters, WPA can be cracked using a brute force dictionary
attack
How to retrieve a
network key.
• You can try retrieving it by going
to the router page to access
• Connect the computer to the
router with a cable.
• Open setup page of router by
typing http://192.168.1.1 in
browser’s address bar, and
typing password as "admin" and
no user name. Use your
password if you have changed it
earlier.
• Go to wireless tab.
• Go to wireless security sub-tab.
• If security mode is wpa or wpa2
note down passphrase/shared
key, if security mode is WEP
note down wep key number .
This will be your network key.
• This will be your network key
• But if the router password also
doesn't work then you will have
to reset router.
Configuring your wireless
router.
Like the computer even the router or the access point
which you are using needs to be configured to be able
to wireless communicate with the computer and vice
versa.
In the next few slides we will look up how to setup a
router. This is for added info. We have taken the
example of Linksys WRT54G router.
Configuring Linksys Router.
1. Log in to your router by opening
your web browser and going to
http://192.168.1.1 this is the
address to access your router. If
this is your first time logging in,
leave the username field blank
and enter 'admin' (without the
quote marks of course) as the
password.
2. The first thing to do is back up
your current configuration. This
way if you set something
incorrectly you can always revert
back to the original setup. Click
the "Administration" tab.
3. Click "Config Management"
4. Click the "Backup" button.
Choose a location to save your
configuration where you will
remember.
Configuring Wireless router (continued)….
1. Click the "Wireless" tab.
2. Where it says "Wireless
Network Name (SSID)" enter
a unique SSID name for your
wifi to be identified when
your laptop scans for access
points.
3. Where it says "Wireless SSID
Broadcast:" tick the box that
says "Enable“
4. Leave the other fields as they
are.
5. Click the "Save Settings"
button and wait for the
confirmation page.
6. Click the "Continue" button.
Configuring Wireless router (continued)….
1. Click "Wireless Security"
2. For this example we will use WPA2
Personal encryption. Before you proceed
make sure the wireless software your
laptop uses has support for this type.
3. Where it says "Security Mode:" select
"WPA2 Personal"
4. Where it says "WPA Algorithms:" select
TKIP+AES
5. Where it says "WPA Shared Key:" enter
anything you wish here. The longer the
key the harder it is to hack. Combining
numbers and letters and avoiding using
dictionary words is the best practice.
Write down or save this in a safe place.
6. Where it says "Group Key Renewal:" enter
'3600' (without the quote marks of course).
7. Click the "Save Settings" button and wait
for the confirmation page.
8. Click “continue”