When we talk about wireless, there are a few more entities other than just WiFi that we want to discuss. But we will certainly discuss WiFi, and we'll talk about that first. So when we're connecting to a LAN, the points of connection from wireless devices, we connect to access points.
And these work kind of like hubs that bridge the gap between the wireless medium and the wired media.
There are a couple of things about those. First of all, I mentioned, you don't have to have access points. You can connect in ad hoc mode. It's almost like a mesh network. But for wireless devices, each device connects directly with each other device. Wireless devices have to be configured to use the same channel,
and they're also configured logically to use the same SSID.
The SSIDs are frequently broadcast,
so one of the parts of a layered defense would be to stop broadcasting the SSID and to give it a unique and complex name. Now I will tell you that's not security in and of itself. That's something we call security through obscurity.
And it's the false idea that if you can't see me, you can't attack me. But it would be part of the layered defense, whereas we would have strong encryption, strong authentication
and then disabled broadcast as well.
All right, now, I don't anticipate a lot of questions on speed on this exam. We're not really concerned with wireless from necessarily a performance standpoint, but we have gone through several iterations: 802.11b, and then g really kind of became the standard.
802.11i is interesting because even though it never really made it to market,
this was the first standard that required the use
So that was a big deal, and we really saw it first implemented with n, or later 802.11ac, and we'll see where things go from there. Each step has generally brought a speed improvement and/or a change in frequency, so that it's a little bit more accessible, with fewer problems with interference and perhaps greater distance.
When we do talk about security problems with wireless: unauthorized access to the network, sniffing data, war driving, which is wandering around in your car looking for insecure signal, and unauthorized access points. Rogue access points, providing a type of
man-in-the-middle attack.
So when we talk about air snarfing, I'm looking to gather up wireless signal and really sniff out the network. And whether we're looking at sniffing wireless or not, a good defense against sniffing is encryption.
So when we talk about wireless encryption, we would look at
three sort of encryption protocols or security methods, if you will. We have WEP, Wired Equivalent Privacy. Be prepared to answer some questions on WEP and why it's not a good choice.
"But Kelly, WEP is obsolete," you say to me, and I say, no, it is not. If you've gotten a router from your cable company, look on the router and see if it isn't using a WEP key. Meaning that it's using WEP. WEP is still around. Should it be? No.
the older equipment I've already paid for, it's working fine. Haven't had any compromise. People are reluctant to do the upgrade. Big problems.
Weak initialization vector, only 24-bit initialization vectors. That wasn't very strong. The IV being transmitted in clear text. WEP also used a stream cipher. And if you remember from the cryptography section, we talked about how stream ciphers were very, very fast,
but they were very easy to reverse, which meant they're not as secure.
RC4, or within WEP, RC4 was implemented really poorly. We're not going to go into a lot of details there, but ultimately it wound up sending a challenge encrypted. And if I didn't have the key correctly, my system would send that challenge back decrypted.
So you've got the encrypted challenge and the decrypted
So when you XOR those two, it's very easy to determine the key. Again, not going to get into a lot of detail about that, but really bad implementation, very easily crackable. It takes more time to open up an application to crack WEP than it does to crack WEP.
And back with 802.11b and perhaps g, that was really the only
Some g devices did support WPA. But the bottom line was they didn't have to.
WPA was stronger, but the thing about WPA is it was never designed as an end result. It was a quick Band-Aid, so it did use a stronger initialization vector. It brought in something also called TKIP,
which is Temporal Key Integrity Protocol. And so getting away from that static key to having a dynamic negotiation. But it still used RC4.
Why? Because it needed to maintain backwards compatibility with WEP.
But what we were really wanting to get to was WPA2,
and WPA2 goes from that RC4 stream cipher to AES, Advanced Encryption Standard, which is a block cipher, which is much more complex to reverse.
CCMP also addressed the key negotiation, but it was more secure than TKIP. So that was an improvement. Also, WPA and WPA2 both gave support for RADIUS
through a mode called enterprise mode. So when you're configuring WPA or WPA2, you choose personal or enterprise,
and enterprise supports authentication through a RADIUS server. And if you'll recall from our discussion on RADIUS, RADIUS is specified by the 802.1X standard. So if you haven't come to that piece yet, it's in the authentication, identity and access management piece.
Bluetooth: the best way to secure Bluetooth devices? Turn it off. Discovery mode and automatic pairing make this device designed for ease of use as opposed to security. And even though you can turn off discovery mode, that's a lot like just hiding an SSID broadcast.
It's not really security. It's just hiding it. And anybody who's looking for Bluetooth signal, they'll find it. Some attacks: bluejacking, bluesnarfing and bluebugging.
Bluejacking is spamming a Bluetooth device. Bluesnarfing, stealing information like contacts and so on. And bluebugging, you don't hear about very much anymore, but very serious attack.
Accessing phones through the serial connection, which would allow someone to use what's called the AT command set, which goes back to modems and other serial connections. For four months
spent to issue a command set that would actually take over the phone. Could be used to dial or otherwise turn on text features or text from a specific phone. So not very desirable activities there.
So what do you do? You turn it off. If you're not using it, disable it. Use it for what you need it for, turn it off again. Also get rid of auto discovery and auto pairing, not
as standalone security measures but as part of the layered defense.
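
The WEP weaknesses described in the lecture (a 24-bit cleartext IV and a challenge visible in both clear and encrypted form) can be seen in a few lines. This is an added example, not part of the original lecture; what the XOR yields directly is the RC4 keystream for that IV, the key, IV, challenge and payload are constructed values, WEP's CRC-32 integrity value is omitted, and the reuse estimate assumes IVs are chosen at random.

```python
import math

IV_SPACE = 2 ** 24  # WEP's 24-bit IV, as stated in the lecture

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of output."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, key: bytes, data: bytes) -> bytes:
    # Per-frame RC4 key = cleartext IV followed by the static shared key.
    return xor(data, rc4_keystream(iv + key, len(data)))

def iv_reuse_probability(frames: int) -> float:
    # Birthday bound, assuming IVs are picked uniformly at random.
    return 1 - math.exp(-frames * (frames - 1) / (2 * IV_SPACE))

def demo():
    key = bytes.fromhex("0102030405")      # constructed 40-bit static key
    iv = bytes.fromhex("a1b2c3")           # constructed IV, visible on the air
    challenge = bytes(range(64))           # constructed challenge text
    response = wep_encrypt(iv, key, challenge)
    # Anyone who sees both forms gets the keystream for this IV, no key needed.
    keystream = xor(challenge, response)
    # A later frame that reuses the IV is encrypted with the same keystream.
    payload = b"constructed payload, same IV"
    later_frame = wep_encrypt(iv, key, payload)
    return keystream, xor(later_frame, keystream), payload

if __name__ == "__main__":
    ks, recovered, payload = demo()
    print(recovered == payload, round(iv_reuse_probability(5000), 3))
```

With random IVs, reuse becomes more likely than not after roughly 5,000 frames, which is why the move to per-frame keys and then to AES with CCMP mattered.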