
Wireless Security


DOCUMENT INFORMATION

Basic information

Title: Wireless Security Issues
Author: Mai Xuân Phú
School: Unknown University
Major: Network Security
Type: Essay
Pages: 61
Size: 838,02 KB


NETWORK SECURITY

WIRELESS SECURITY ISSUES

MAI Xuân Phú xuanphu150@gmail.com

Attacks on Wireless Networks

Wired Equivalent Privacy (WEP) Protocol

o Mechanism

o Weaknesses in the WEP Scheme

Wi-Fi Protected Access (WPA)

IEEE 802.11i/WPA2

Virtual Private Network (VPN)

o Point-to-Point Tunneling Protocol (PPTP)

o Layer-2 Transport Protocol (L2TP)

Internet Protocol Security (IPSec)


Internet security threats

o nmap (http://www.insecure.org/nmap/) mapper: “network exploration and security auditing”

Countermeasures?

Source: Jim Kurose & Keith Ross, Computer Networking: A Top Down Approach Featuring the Internet, 3rd edition, Chapter 8: Network Security

Internet security threats

o record traffic entering network

o look for suspicious activity (IP addresses, ports being scanned sequentially)
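One way to implement the "ports being scanned sequentially" check over recorded traffic, as an added example that is not from the original slides. The record format, the window and run thresholds, and all addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed connection-attempt records: (time_s, src_ip, dst_ip, dst_port).
SAMPLE_RECORDS = (
    # one source walking ports 20..27 on a single host within a second
    [(i * 0.1, "198.51.100.7", "192.0.2.10", 20 + i) for i in range(8)]
    # an ordinary client using two well-known services
    + [(1.0, "203.0.113.5", "192.0.2.10", 443),
       (2.0, "203.0.113.5", "192.0.2.10", 80),
       (3.5, "203.0.113.5", "192.0.2.10", 443)]
    # a slow walk: consecutive ports, but one probe per minute
    + [(60.0 * i, "203.0.113.9", "192.0.2.10", 22 + i) for i in range(5)]
)

def longest_sequential_run(ports):
    """Length of the longest run of consecutive port numbers in `ports`."""
    best = run = 0
    prev = None
    for port in sorted(set(ports)):
        run = run + 1 if prev is not None and port == prev + 1 else 1
        best = max(best, run)
        prev = port
    return best

def find_sequential_scanners(records, window_s=10.0, min_run=5):
    """Map src_ip -> longest consecutive-port run seen against one
    destination inside any `window_s`-second window, if >= min_run."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in records:
        by_pair[(src, dst)].append((ts, port))
    flagged = {}
    for (src, _dst), events in by_pair.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # slide the window start forward until it spans <= window_s
            while events[end][0] - events[start][0] > window_s:
                start += 1
            run = longest_sequential_run(p for _, p in events[start:end + 1])
            if run >= min_run:
                flagged[src] = max(flagged.get(src, 0), run)
    return flagged
```

With the default 10-second window only the fast walk is flagged; the one-probe-per-minute source shows up once `window_s` is widened, which is the trade-off to tune against false positives.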


Internet security threats

Packet sniffing:

o broadcast media

o promiscuous NIC reads all packets passing by

o can read all unencrypted data (e.g., passwords)

o e.g.: C sniffs B’s packets


Internet security threats

Packet sniffing: countermeasures

o all hosts in organization run software that checks periodically if host interface


Internet security threats


Internet security threats

IP Spoofing: ingress filtering

o routers should not forward outgoing packets with invalid source addresses (e.g., datagram source address not in router’s network)

o great, but ingress filtering cannot be mandated for all networks

Internet security threats

Denial of service (DOS):

o flood of maliciously generated packets “swamp” receiver

o Distributed DOS (DDOS): multiple coordinated sources swamp receiver

o e.g., C and remote host SYN-attack A

[Figure: hosts A, B and C, with SYN packets]

Countermeasures?

Internet security threats

Denial of service (DOS): countermeasures

o filter out flooded packets (e.g., SYN) before reaching host: throw out good with bad

o traceback to source of floods (most likely an innocent, compromised machine)

[Figure: hosts A, B and C, with SYN packets]

Wireless Network Security

Wireless stations, or nodes, communicate over a wireless medium

Security threats are imminent due to the open nature of communication

o Two main issues: authentication and privacy

o Other serious issues: denial-of-service…

A categorization is required to understand the issues in each situation

Source: K Kothapalli & B Bezawada, Security Issues and Challenges in Wireless Networks

Wireless Threats

Medium is open to most attackers in the neighborhood of a wireless node

o Near-impossibility of establishing a clear physical security boundary

• Higher gain antennas can be used to overcome distance or a weak signal

Remote attackers can aim at:

o The physical layer

o The link layer

• Media Access Control (MAC)

• Logical link

o The network layer

o Capture passwords, authentication tokens, etc.

Authentication and Accountability attacks

o Anonymity for attacker

o Reassign accountability to network or account owners

Source: Pascal Meunier, Network Security, Section 7

Threats in Present Solutions MAC Layer

Denial of Service

o Can hog the medium by sending noise continuously.

o Can be done without draining the power of the adversary.

o Depends on physical carrier sensing threshold.


Threats in Present Solutions MAC Layer

802.11 standard uses Access Control Lists for admission control.

If MAC address not in the list, then the node is denied access.

o But easy to spoof MAC addresses.

00:1A:A0:FD:FF:2E, 00:0C:76:7F:DF:49, 00:13:D3:07:2F:A8, 00:2F:B8:77:EA:B5

Threats in Present Solutions Network Layer

Ad hoc networks


Threats in Present Solutions Network Layer

Denial-of-service

o Easy to mount in wireless network protocols.

o One strategically placed adversary can generally disable a dense part of the network.

Threats in Present Solutions Network Layer

Can simply engage in conversation and drain battery power of other nodes – power exhaustion attack

o Send a lot of RREQ messages but never use the routes.

[Figure: nodes z and A; RREQ(a), RREQ(b), RREQ(c), …]

Threats in Present Solutions Network Layer

Broadcast nature of communication

o Each message can be received by all nodes in the transmission range

o Packet sniffing is a lot easier than in wired networks.

o Poses a data privacy issue


Threats in Present Solutions Network Layer

Route discovery in ad hoc networks

o AODV discovers route by RREQ/RREP.

o Few adversarial nodes can fail route discovery.

o Difficult to detect route discovery failures.

o Also vulnerable to RREP replays.


Threats in Present Solutions Network Layer

Packet dropping

o Wired networks can monitor packet drops reasonably

o Such mechanisms are resource intensive for wireless networks

o AODV has timeouts but no theoretical solutions

• Difficult to distinguish packet drops, say RREQs, from non-existence of route itself

o Nodes sometimes behave selfishly to preserve resources

Threats in Present Solutions Network Layer

attacks

Attacker reveals paths but does not forward data along these paths.

Threats in Present Solutions Application Layer

Easy to infect mobile devices.

Rerouting content through the base station poses privacy issues.

o Bluetooth networks and ad hoc networks do not have a base station facility.

Contrast with wired networks with firewalls, filters, sandboxes.

Wireless Network Attack Types

Access control attacks


Access control attacks

Type of Attack | Description | Methods and Tools
War Driving | Discovering wireless LANs by listening to beacons or sending probe requests, thereby providing launch point for further attacks | Airmon-ng, DStumbler, KisMAC, MacStumbler, NetStumbler, Wellenreiter, WiFiFoFum
Rogue Access Points | Installing an unsecured AP inside firewall, creating open backdoor into trusted network | Any hardware or software AP
Ad Hoc Associations | Connecting directly to an unsecured station to circumvent AP security or | wicontrol
802.1X RADIUS Cracking | Recovering RADIUS secret by brute force from 802.1X access request, for use by evil twin AP | Packet capture tool on LAN or network path between AP and RADIUS server

Confidentiality attacks

Type of Attack | Description | Methods and Tools
Eavesdropping | Capturing and decoding unprotected application traffic to obtain potentially sensitive information | bsd-airtools, Ettercap, Kismet, Wireshark, commercial analyzers
WEP Key Cracking | Capturing data to recover a WEP key using passive or active methods | Aircrack-ng, airoway, AirSnort, chopchop, dwepcrack, WepAttack, WepDecrypt, WepLab, wesside
Evil Twin AP | Masquerading as an authorized AP by beaconing the WLAN's service set identifier (SSID) to lure users | cqureAP, D-Link G200, HermesAP, Rogue Squadron, WifiBSD
AP Phishing | Running a phony portal or Web server on an evil twin AP to "phish" for user logins, credit card numbers | Airpwn, Airsnarf, Hotspotter, Karma, RGlueAP

Running traditional man-in-the-middle

Integrity attacks

Type of Attack | Description | Methods and Tools
802.11 Frame Injection | Crafting and sending forged 802.11 frames. | Airpwn, File2air, libradiate, void11, WEPWedgie, wnet dinject/reinject
802.11 Data Replay | Capturing 802.11 data frames for later (modified) replay | Capture + Injection Tools
802.1X EAP Replay | Capturing 802.1X Extensible Authentication Protocols (e.g., EAP Identity, Success, Failure) for later replay. | Wireless Capture + Injection Tools between station and AP
802.1X RADIUS Replay | Capturing RADIUS Access-Accept or Reject messages for later replay. | Ethernet Capture + Injection Tools between AP and authentication server

Authentication attacks - 1

Type of Attack | Description | Methods and Tools
Shared Key Guessing | Attempting 802.11 Shared Key Authentication with guessed, vendor default or cracked WEP keys | WEP Cracking Tools
Application Login Theft | Capturing user credentials (e.g., e-mail address and password) from cleartext application protocols | Ace Password Sniffer, Dsniff, PHoss, WinSniffer
Domain Login Cracking | Recovering user credentials (e.g., Windows login and password) by cracking NetBIOS password hashes, using a brute-force or dictionary attack tool | John the Ripper, L0phtCrack, Cain
VPN Login | Recovering user credentials (e.g., PPTP password or IPsec Preshared | ike_scan and ike_crack (IPsec),

Authentication attacks – 2

Type of Attack | Description | Methods and Tools
802.1X Identity Theft | Capturing user identities from cleartext 802.1X Identity Response |
802.1X Password Guessing | Using a captured identity, repeatedly attempting 802.1X authentication to guess the user's password. | Password Dictionary
802.1X LEAP Cracking | Recovering user credentials from captured 802.1X Lightweight EAP (LEAP) packets using a dictionary attack tool to crack the NT password hash. | Anwrap, Asleap, THC-LEAPcracker
802.1X EAP Downgrade | Forcing an 802.1X server to offer a weaker type of authentication using forged EAP-Response/Nak packets | File2air, libradiate

Availability attacks - 1

Type of Attack | Description | Methods and Tools
AP Theft | Physically removing an AP from a public space. | "Five finger discount"
Queensland DoS | Exploiting the CSMA/CA Clear Channel Assessment (CCA) mechanism to make a channel appear busy | An adapter that supports CW Tx mode, with a low-level utility to invoke continuous transmit
802.11 Beacon Flood | Generating thousands of counterfeit 802.11 beacons to make it hard for stations to find a legitimate AP | FakeAP
802.11 Associate / Authenticate Flood | Sending forged Authenticates or Associates from random MACs to fill a target AP's association table | FATA-Jack, Macfld
802.11 TKIP MIC | Generating invalid TKIP data to exceed the target AP's MIC error | File2air, wnet dinject,

Availability attacks - 2

Type of Attack | Description | Methods and Tools
802.11 Deauthenticate Flood | Flooding station(s) with forged Deauthenticates or Disassociates to disconnect users from an AP | Aireplay, Airforge, MDK, void11, commercial WIPS
802.1X EAP-Start Flood | Flooding an AP with EAP-Start messages to consume resources or crash the target | QACafe, File2air, libradiate
802.1X EAP-Failure | Observing a valid 802.1X EAP exchange, and then sending the station a forged EAP-Failure message | QACafe, File2air, libradiate
802.1X EAP-of-Death | Sending a malformed 802.1X EAP Identity response known to cause some APs to crash | QACafe, File2air, libradiate
802.1X EAP Length Attacks | Sending EAP type-specific messages with bad length fields to try to crash an AP or RADIUS server | QACafe, File2air, libradiate


Wired Equivalent Privacy (WEP):

authentication as

o host requests authentication from access point

o access point sends 128 bit nonce

o host encrypts nonce using shared symmetric key

o access point decrypts nonce, authenticates host

no key distribution mechanism

authentication: knowing the shared key is enough


WEP data encryption

Host/AP share 40-bit symmetric key (semi-permanent)

Host appends 24-bit initialization vector (IV) to create 64-bit key

64-bit key used to generate stream of keys, $k_i^{IV}$

$k_i^{IV}$ used to encrypt $i$-th byte, $d_i$, in frame:

$c_i = d_i \text{ XOR } k_i^{IV}$

IV and encrypted bytes, $c_i$, sent in frame

802.11 WEP encryption

[Figure 7.8-new1: 802.11 WEP protocol. Sender-side WEP encryption. Labels: IV (per frame); $K_S$: 40-bit secret symmetric key; key sequence generator (for given $K_S$, IV) producing $k_1^{IV}, k_2^{IV}, \ldots, k_N^{IV}, k_{N+1}^{IV}, \ldots$; plaintext frame data plus CRC ($d_1 \ldots d_N$, $CRC_1 \ldots CRC_4$); output $c_1 \ldots c_N, c_{N+1} \ldots c_{N+4}$; frame layout: 802.11 header, IV, WEP-encrypted data plus CRC.]

WEP Weakness


Breaking 802.11 WEP encryption

Security hole:

24-bit IV, one IV per frame -> IVs eventually reused

IV transmitted in plaintext -> IV reuse detected

Attack:

o Attacker causes victim to encrypt known plaintext $d_1, d_2, d_3, d_4, \ldots$

o Attacker sees: $c_i = d_i \text{ XOR } k_i^{IV}$

o Attacker knows $c_i$, $d_i$, so can compute $k_i^{IV}$

o Attacker knows encrypting key sequence $k_1^{IV}, k_2^{IV}, k_3^{IV}, \ldots$

o Next time IV is used, attacker can decrypt!
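The WEP data encryption steps and the IV-reuse weakness described above, worked through in code as an added example that is not part of the original slides. It assumes RC4 as the key sequence generator, seeded with IV followed by the secret key, and a little-endian CRC-32 appended to the data, as in 802.11 WEP; the key, IV and plaintexts are constructed values.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """First n bytes of the RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                            # keystream output
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def with_crc(data: bytes) -> bytes:
    """Frame data followed by its 4-byte CRC-32, as WEP encrypts it."""
    return data + zlib.crc32(data).to_bytes(4, "little")

def wep_encrypt(secret: bytes, iv: bytes, data: bytes) -> bytes:
    """c_i = d_i XOR k_i^IV, keystream seeded with IV || secret."""
    plain = with_crc(data)
    return xor(plain, rc4(iv + secret, len(plain)))

def keystream_from_known(known_data: bytes, cipher: bytes) -> bytes:
    """k_i^IV = c_i XOR d_i for a frame whose plaintext is known."""
    return xor(cipher, with_crc(known_data))

def read_with_keystream(cipher: bytes, keystream: bytes) -> bytes:
    """Decrypt a frame with a recovered keystream; b'' if the CRC fails."""
    plain = xor(cipher, keystream)
    data, crc = plain[:-4], plain[-4:]
    return data if with_crc(data)[-4:] == crc else b""

def demo(second_iv: bytes) -> bytes:
    secret = bytes.fromhex("0102030405")          # constructed 40-bit key
    iv = bytes.fromhex("a1b2c3")                  # constructed 24-bit IV
    known = b"A" * 32                             # known plaintext d_1..d_N
    ks = keystream_from_known(known, wep_encrypt(secret, iv, known))
    later = wep_encrypt(secret, second_iv, b"user=alice pass=s3cret")
    return read_with_keystream(later, ks)
```

`demo` returns the second frame's data when it reuses the first frame's IV and an empty result when the IV differs, without the secret key ever being used on the reading side.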


WPA Overview

Published in 2003 by the Wi-Fi Alliance

Based on an early version (draft 3) of the IEEE 802.11i standard

Three major objectives:

o Correct all the security flaws in WEP

o Make existing WEP hardware also support WPA

o Ensure WPA is compatible with the 802.11i standard

Use 802.1X for authentication

Temporal Key Integrity Protocol (TKIP):

o Use Michael Algorithm, a specifically designed integrity check algorithm

o Use a new key structure to prevent message replays and de-correlate public initialization vectors from weak RC4 keys

Device Authentication and Access Control

Home-and-small-office WPA:

o For home and small office

o Use WEP’s preset secret key

Enterprise WPA:

o Secure corporate WLANs

o Uses Authentication Server (AS)

o Each user has a different pre-shared secret key with the AS

o Pre-shared secrets are presented in the form of passwords

o Adopts 802.1X Port Based Network Access Control protocol to authenticate STAs

J. Wang, Computer Network Security: Theory and Practice, Springer, 2008

802.1X in a Nutshell

1. STA sends a request to AP. AP asks for the identity of STA.

2. STA sends AP its identity and signature using the master key shared with the AS. AS verifies STA and passes decision to AP. AP then informs STA about AS’s decision.

3. STA is granted access to WLAN.

Date posted: 23/03/2014, 00:20