Part 15 – Wireless

This section covers the important topic of wireless networking. It's a broad overview of the topic and doesn't dig too deeply into the various protocols and encryption standards surrounding wireless communications. For that, you'll need to check out other study tracks such as CompTIA Security+. We start out be noting that wireless access points without a router component are much like hubs. They bridge the gap from wired to wireless media. A network comprised of a series of wireless cards installed on PCs is what's known as an ad-hoc network. The discussion then moves into the topic of wireless security and the various wireless encryption standards. We also discuss best practices for securing wireless networks. Threats targeting wireless networks are unauthorized access, sniffing, war driving, and "man in the middle" attacks using rogue access points. A basic precaution when setting up a wireless network is to disable broadcast, but keep in mind, this is far from bullet-proof. The strongest layer of wireless defense is data encryption and comes in several generations of progressively stronger standards. WEP or Wired Equivalent Privacy is the oldest, and not surprisingly, the weakest of wireless encryption standards. It's easily crackable and for that reason not a good choice, however, it's far from obsolete. We point out that routers supplied by many ISPs still use it! WPA is a bit stronger than WEP, but it's been comprised for a while now due to its use of RC-4. WPA2 is the strongest of the three and uses AES (Advanced Encryption Standard) which uses a more complex block cipher. There is also an enterprise version of WPA2 that uses RADIUS authentication for additional strength. The video concludes with a discussion of PANs (Personal Area Networks) with Bluetooth being the most popular. As useful as Bluetooth is, it's wide open to a multitude of attacks. Some of which are blue jacking, blue snarfing, eavesdropping and some which can result in a full takeover of your phone! Precautions when working with Bluetooth are disabling auto-discovery along with auto-pairing for a layered defense. Perhaps the best defense is to turn off Bluetooth entirely when not in use!