Wireless Network Security Flashcards
Introduction to WiFI
No inherent physical protection
Broadcast communications
Security threats: Eavesdropping Injecting bogus messages Replaying previously recorded messages Illegitimate access to the network & its services Denial-of-service
Key factors contributing to higher security risk of wireless networks
Channel
broadcast communications more susceptible to eavesdropping and jamming
Mobility
wireless devices portable, so more risks
Resources
wireless devices have sophisticated OS but limited memory and processing resources to counter threats (DOS and malware)
Accessibility
wireless devices like sensors and robots may be left unattended in remote or hostile locations
Security threats to wireless networks
Accidental association
Malicious assocaition
Ad hoc networks
Nontraditional networks
Identity theft (MAC spoofing)
Man in the middle attacks
Denial of Service attacks
Network injection
Securing wireless transmissions
Signal hiding techniques
- -turn off SSID broadcasting
- -encrypt SSID
- -reduce signal strength
- -locate wireless access points in interior of building
Encryption
–encrypt all wireless transmission
Securing wireless networks
Use encryption
use antivirus and antispyware software and a firewall
turn off identifier broadcasting
change identifier on router from default
change router’s pre set password for administration
allow only specific computers access
Mobile device security concerns
Lack of physical security controls
Use of untrusted mobile devices
Use of untrusted networks
Use of applications created by unknown parties
Interaction with other systems
Use of untrusted content
Use of location services
Mobile device security controls
Enable auto-lock
Enable password or PIN protection
Avoid use of autocomplete
Enable remote wipe
Ensure that SSL protection is enabled
Make sure that software, including operating systems and applications, is up to date
Install antivirus software
Prohibit sensitive data or encrypt it
IT ability to remotely access devices to wipe or disable
Prohibit installation of third-party applications
Restrictions on what devices can sync and use cloud
Train personnel on risks
Disable location services
Access point
any entity that has station functionality and provides access
Basic service set
set of stations controlled by single coordination function
Coordination function
logical function that determines when a station operating within a BSS is permitted to transmit and may be able to receive PDUs
Distribution System
System used to interconnect a set of BSSs and integrated LANS to create an ESS
Extended Service Set
set of one or more interconnected BSSs and integrated LANs that appear as a single BSS to the LLC layer at any station associated with one of the BSSs
MAC protocol data unit
unit of data exchanged between two peer MAC entities using the services of the physical layer
MAC service data unit
Information delivered as a unit between MAC users
Station
any device that contains an IEEE 802.11 conformant MAC and physical layer
