Time
31 hours 29 minutes
Difficulty
Beginner
CEU/CPE
30

Video Description

WAP Settings This lesson covers how Wireless Access Point (WAP) settings contribute to a secure WiFi network. Within the WAP settings are the Service Set ID (SSID). This is the name used by WAP and it can be made more secure by turning off broadcast and changing the name from default to safeguard information. Also within the WAP settings is the Dynamic Host Configuration Protocol (DHCP) which leases IPs to end clients. Disabling DHCP makes it harder for people to connect to a wireless network since they cannot come up with a valid wireless IP range. Media Access Card (MAC) filtering is also a way to make WAP settings more secure. Each Network Interface Card has a MAC and using filtering allows only devices that are on the Access Control List (ACL) to connect. In addition to these methods, it is also important to check log activity to see if there is anything out of place, and learn it all in this lesson about WAP settings.

Video Transcription

00:04
So let's take a look at some more of the features of our wireless access point that we can modify in order to help our security staining.
00:11
Now
00:12
one of the most noticeable features of a wireless access point. Maybe it's S s I d Now on S S I d. Stands for our service set. Identify air. And this is what we see when we open up our computer and we see what wireless networks are available in our area. And it brings us up that giant list or small list or
00:31
non existent less depending on where Rhett,
00:33
of names of wireless access points that we could potentially connect to.
00:37
Now,
00:39
this is the name that identifies our wireless access point put router up here, but it's the name that identifies our wireless access point. So our service said, identify WR.
00:49
We, at the very least, want to change this from the default. A lot of times when you get a wireless access point, the service said, identify will be something that could very easily lead someone to know what type of rather we have,
01:02
whether it is a router provided by in an Internet service provider. If It's a router provided by that we went out and bought from 1/3 party. Whichever the case may be. A lot of times the service said, identify air is something maybe, like link Sis 369 or,
01:18
uh,
01:19
a sonic wall. 456 Then we don't want somebody to say, Oh, look, this is a lynx. This router, it has a W p a to enable. But let me see if I can go online and I could look up the default administrative user name and password. Here we go. We got the whole list of them easily available online.
01:37
Let's see if I can find out what the model is of this. Oh, yeah, here we go.
01:41
Now, let's try this log in. It worked now, man. And now I can change whatever settings I want into this wireless access point. So we need to understand that service set identifies the S s I. D. The name of our wireless gives away a lot more information. If it's not set from its default, then we really wanted to
01:57
and let somebody know that there's a wireless network available that they can try that they can try to get into
02:02
and let somebody know if it's at the default, potentially who the manufacturer is and what make and model the wireless access point ISS. This gives people clues as to what the default log in. Maybe for this wireless access point or what vulnerabilities there may be out in the wild for this wireless access point.
02:20
So these are things that we don't really want people outside of our network knowing.
02:23
So we at the very least want to change this from the default. And if we have a wireless access point set up in our network where we're managing, who can connect to it, we may want to turn this off completely on what this is referred to as turning off SS. I'd be broadcast when we turn off SS. I'd be broadcast where
02:43
telling our wireless access point,
02:45
don't go out screaming your name to everybody. We don't want people to know that you're here because everybody that knows that you're here, we can make way already. Know your S s I d. When? When you connect to that, when you connect to the wireless access point or when we have a new user needs to connect to the wireless access point,
03:01
we create a new connection to a wireless network
03:05
we enter in the s s I d. And we enter in any other information whether it be the pre shared key or the information, the credentials to connect to the network. And our computer says, Oh, hey, there is There is a wireless access point with that S s I d. It's just not broadcasting its name. And now I can connect to it. And now I'm in.
03:23
So just because we turn off the SS, I'd be broadcast.
03:27
Doesn't mean we can't connect to the wireless access point we can. We just need to know the s s i d.
03:31
Now
03:34
this can be circumvented by people who know how to find essentially sniff the air for available wireless access points on search for authentication, handshake packets being sent back and forth and say Okay, well, here's the SS. I'd be of this. This wireless access point is just not being broadcast.
03:53
So this isn't a fail. All this isn't a all in one security method. You can just have an open wireless with the S S I d broadcast turned off
04:00
not at all. But it's an additional layer to our security onion that we have
04:06
That is our wireless access point. So consider turning off your S S I d broadcast. And at the very least, change your s s i d from the default.
04:15
Next, we have D h c p d h cp we've talked about before stands for Dynamic Host Configuration protocol and D H cp is what leases out i p addresses to in clients. So when someone connects to our wireless access point and they request an I P address that is compatible with our network, that will allow them to talk with other devices on our network.
04:34
All right, let's access point may have the A C P enabled it may say. OK, here you go. Here's what. Here's I P address.
04:42
Now, if we are trying to secure and locked down our wireless access point, we may want to turn off. We may want to disable D H cp over devices connecting to a wireless access point. Well, why would want to do that? You say we wouldn't be able to connect to a network, we wouldn't have an I P address. Well, weaken statically set those wireless I p addresses.
05:00
And by statically setting the i P addresses in disabling the HCP,
05:04
it makes it a bit harder as another layer to our security onion.
05:10
It makes it a bit harder for people, even if they are able to connect to our wireless access point. Now, wireless access point looks at them asses. All right, what do you want to do now?
05:17
Because they don't have an i p address
05:20
this person. Whoever that is connecting to a wireless maliciously now needs to Somehow it'll eat through our network, start guessing an I p addresses and see if they can figure out what network there on. See if they can figure out what a valid I P address range would be so they can start talking to other devices on our network.
05:40
Um,
05:41
if we hand somebody out an I p address with a sub net mask, they now know what the I p ranges. So they only have to scan that small I p address range. If which may be
05:53
as small as a couple dozen I P addresses, they would have to scan or maybe 255. I p addresses or more, but it may not be that it'll probably most be a couple 100 I p addresses that they have to scan
06:06
if they don't know what the i p address, it ranges that opens up the possible. The possible i p address range too
06:14
many, many more thousands at the very least, many, many more 1000 I p addresses. So it's a lot more that it's a lot more work that we have to make b make the attacker do. And if we make our network a lot of work for the attacker, if they're not persistent, they'll just go find an easier network because they are out there so
06:31
way. Want to make our We want to make our network harder to break into than the guy next door because of the guy next, because then they'll just go for the easier Network if they don't, long as they're not trying to target us for some specific reason.
06:44
So
06:45
we may want a disabled the HCP and just statically a sign I p addresses to clients that we know we're going to be connecting to our wireless access point again, not a fail safe security method like encryption would be but another layer to our security.
07:01
So
07:02
we have our society broadcast disabled. We have our D H CP turned off. What's the next thing we want to do? The next thing we want to do is look at Mac filtering
07:13
every device Hasn't every device that connects to a network needs to have some sort of network interface card. Whether it's a wired network interface card or wireless network interface card, we'd have some sort of way to interface to talk to a network.
07:27
So we have a we have Ah, Nick, A network interface card
07:31
and every network interface card has a globally unique Mac address, a media access control address. So it is a globally unique address that is assigned to network interface cards for when they connect to networks. Remember from our earlier sessions. Mac addresses are later, too
07:49
addresses their physical addresses.
07:51
They're not I p addresses, so because they're later two addresses, they need to be globally unique. We don't want him. We don't want to have multiple devices in and when in the network with the same Mac addresses. So manufacturers attempt to the best of their ability to make sure every device in the world has a different Mac address.
08:09
So
08:11
we have a device. We have a wireless laptop that is a legitimate laptop
08:16
that we want to allow to connect to a wireless access point.
08:24
Well, our laptop has a wireless card
08:28
which, even though it's wireless, has a media access control address. It has a Mac address that was hard encoded into it when it was manufactured by whoever manufactured wireless network card.
08:41
So
08:41
when our laptop, when our wireless laptop tries to communicate with the with the wireless access point and starts trying to negotiate a session,
08:52
the Wild the Wireless Access Point sees the Mac address. It sees the media access control address that's coming from this network interface card.
09:01
What Mac filtering does is it allows us to create something called an access control list, which is a list of allowed Mac addresses to connect to us and then say anyone who is not. This Mac address is not allowed to connect to this wireless access point.
09:18
So the wireless access point says, Okay, I'm getting a request to connect from this Mac address. Let me see if this Mac address is in my list is in my my ankle. My access control list. Oh. Yep, Here it is. This isn't approved Media Mac address to connect to me, you're allowed in.
09:37
Then we have a another laptop,
09:39
maybe say we're using. We're using a pre shared key on this wireless access points the B p a. To appreciate key. But
09:48
someone went and they wrote appreciate it key on a sticky note because they kept forgetting it. It fell off their laptop in the parking lot.
09:54
Someone wrote about
09:56
found them, found the sticky notes that ah ha
09:58
I can get into this network
10:01
so
10:03
they see our wireless access point. They're doing some work because we had our society broadcast turned off, so they had to do some work, and they say, Okay, this is known as this. I d. Let me connect to this with appreciated key.
10:15
Well, this laptop also has a network interface card with a completely different Mac address.
10:22
So it's going to try to connect.
10:24
And this wireless access point is goingto Internet through its list and say,
10:28
this Mac address hasn't been my access control list. You're not supposed to connect to me you're not allowed, you're blocked
10:35
and more than likely will. Also. Hopefully, we'll also have a log set up that says that we had an attempted connection from a non, not allowed Mac address so we can audit that later and say, OK, who was this guy or gal or whoever attacked her? Computer
10:50
computers don't have genders.
10:52
So
10:54
we have this. We have this computer that does not have a Mac address on our access control list, trying to connect to our access to our wireless access point. And we block it because the Mac address is not on our acts on access control list. We've saved the network where heroes, right?
11:11
Well,
11:13
yes, right now.
11:15
But no, because Mac addresses can very, very easily be spoofed.
11:20
There's a lot of software's of different software is available. There's entire operating systems that are designed around penetration, testing and designed around trying thio test vulnerabilities and get into networks that have
11:37
utilities that very easily say, Oh, okay, what do you want your Mac address to be today?
11:43
And then you essentially, as your network interface cards starts broadcasting packets, it's going to spoof an I P address. So all this person has to do is when they see that. Okay, so my Mac address it and work. It didn't let me connect. What I'm gonna do is I'm just gonna sit here and I'm going to listen
12:03
and I'm goingto listen and watch the
12:05
packets that are going through the air. And then, as I see certain Mac addresses going across, I'm gonna say, Oh, a cz. I see an authentication happen, I'm going to say, Oh, look, there's a Mac address that was allowed to authenticate. I'm gonna take that Mac address I'm going to. I'm going to spoof it as my own Mac address,
12:24
and now I'm going to try to reconnect
12:26
with this appreciate key I found with my Mac address spoofed as this computer right here.
12:33
And so when I try to connect the wireless access point will say, Oh, hey, there you are. You're on my list, you're allowed to connect, and we're gonna have a problem.
12:41
We've now had an intrusion into our network.
12:45
Some we do have some capabilities were while where we do have the ability to set up security in ways
12:52
on certain advanced wireless access point certain advanced Mac filtering that will say, Oh, wait, this Mac addresses already connected. Right now you shouldn't be. You shouldn't be re authenticating. I don't need to be handing you a different I p address. We may have conflicts and alerts and alarms that are raised when something like that happens. Maybe at certain times of day,
13:13
we have access control lists that say that, say that these we shouldn't have.
13:16
We should only have this computer connecting between the hours of 7 a.m. and seven PM at most. If it's outside of those hours or if it's on a Sunday, then something's weird here. So there are additional, more granular security settings that we can have four Mac filtering. But
13:35
just the general idea that we need to make sure that we understand is that it's not again. It's not a foolproof method. It's not 100% secure because Mac addresses can be smoothed. And if we have that pre shared key, we have that S s I D, and we've spoofed the Mac address, Then we have a very strong chance of getting a connection.
13:56
So it all goes back to probably our one and only really strong
14:03
top security setting for our wireless access point is, it's encryption method is it is. It's key and it's a way that it authenticates us because other than that,
14:13
if we have unauthentic ation method, if we're able to authenticate ourselves to this wireless access point Ah, lot of the other layers of our sick of our security onion convey very easily be pulled away with enough persistence and a enough of an advanced attacker, we can we can get past a non broadcast S s I d.
14:33
We can get past a d h c p.
14:35
That is being that has turned off. We can get past Mac address filtering. So be aware of all of that. Be aware that not all security methods are 100%. So you do need to have logs enable You do need to be checking your logs and look for unusual activity on your wireless access point on your network.
14:54
So thank you for joining us here today on cyber. We got I t. Today. We talked about a lot of the different methods that we can use in order to secure our wireless access points in order to secure a wireless network. We talked about things such as our encryption. Our device placements are device signal Strengths are Mac filtering our D h C P. R s I. D.
15:15
A couple of different settings and a couple of different
15:16
concepts for wireless access points for wireless networks that we need to make sure that we're utilizing in order to keep them secure. Then just this closing. We need to remember that despite all of these methods, there's always ways that they could be overcome. People can see a lot tops and then use them and use
15:37
actual cards to authenticate users and connect to our wireless access points. We can have people that write down appreciated keys and drop them in the parking lot by accident, and we have someone pick them up. We can have Mac address spoofing. We can have people that scan the airwaves and try and pull on S s I d. Even though it's not being broadcast so things can happen.
15:56
No security is 100%
15:58
fail. Fail safe. No, security is 100% foolproof. So probably the most important aspect of any security standpoint is you is the person who's managing that access point. Make sure you have logs set up. Make sure you look for unusual activity. You can't just set up. You can't just set up a device
16:18
and then expect that it's going to be secure for all of us
16:21
forever because new threats come out every day. So keep an eye out. Keep keep your ear to the ground and watch your logs and look for any unusual activity because that if anything, is going to be one of your best. And one of your most useful security tactics is actually looking for activity on your network, which isn't supposed to be there. So
16:41
we thank you for joining us here today, and we hope to see you here next time for our next video
16:45
on cyber.

Up Next

CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By

Instructor Profile Image
Anthony Harris
Systems Analyst and Administrator at SAIC
Instructor