Wireless Networking: Part 1
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Time
15 hours 43 minutes
Difficulty
Advanced
CEU/CPE
16
Video Transcription
00:00
>> For remote networking,
00:00
we started out by looking at dial up.
00:00
Then we looked at tunneling protocols.
00:00
Then the last form of remote networking,
00:00
we'll look at is wireless.
00:00
We're communicating across the airways
00:00
instead of being physically connected.
00:00
Now, when we talk about wireless,
00:00
we're going to focus on Wi-Fi.
00:00
We're going to focus on these wireless network devices
00:00
connecting into our wireless line.
00:00
We'll talk about how that happens,
00:00
as well as looking at
00:00
some security mechanisms to
00:00
protect our wireless communications.
00:00
Now, we know why we need wireless.
00:00
We want to be able to roam,
00:00
I want to be able to move from
00:00
place to place, location to location.
00:00
I don't want to be confined to a cable.
00:00
We want to be able to provide
00:00
that extended access so that
00:00
no matter where I am, you can reach me.
00:00
Sometimes I wonder if that's really desirable,
00:00
but certainly from a business perspective.
00:00
There are lots of benefits to wireless communication.
00:00
However, we've got to
00:00
remember that tossing our data out into
00:00
the air will never be as safe as
00:00
confining our data to a cable.
00:00
We have many more threats that can access data
00:00
that's traversing the airwaves than we
00:00
do when data is physically bound to a cable.
00:00
Now concerns unauthorized access.
00:00
We have a wireless network,
00:00
we've got to be concerned that
00:00
somebody who isn't legitimately on
00:00
our network could access
00:00
the network and then perhaps sniff out traffic.
00:00
War driving is not as popular today,
00:00
but what it used to be is
00:00
>> someone would drive around with
00:00
>> a wireless sniffer and look for
00:00
access points that didn't have strong authentication.
00:00
War walking was just an extension, somebody walking.
00:00
There's even war flying where people use drones.
00:00
But the idea is if you want to find
00:00
where unsecured wireless signals are,
00:00
ask Google, you'll see a map with lots
00:00
of red dots that indicate where unsecure signals are.
00:00
Then another security problem with
00:00
wireless is a man in the middle attack.
00:00
Usually that means someone has set up
00:00
a rogue access point and they've tricked you into
00:00
communicating through the rogue access point as
00:00
opposed to connecting through
00:00
your legitimate access point.
00:00
Now the way we mitigate
00:00
these risks is we look to encrypt our data,
00:00
and we look to require authentication.
00:00
Now when we look at encryption,
00:00
we have three main technologies we can use.
00:00
The column cryptosystems, if you will.
00:00
We have WEP, WPA, WPA2,
00:00
and WPA3 is out now,
00:00
already been broken as well,
00:00
but at any rate.
00:00
Now the first of these is WEP.
00:00
WEP stands for Wired Equivalent Privacy.
00:00
It's like a salesperson who gave it that name
00:00
>> because they were trying to convince us blook,
00:00
>> you're just a secure tossing
00:00
your data into the airwaves as
00:00
you are being bound to a cable.
00:00
We've just said that's not true.
00:00
But it sounds good.
00:00
Wired Equivalent Privacy.
00:00
But the problem is,
00:00
even when WEP was released,
00:00
we knew it wasn't secure.
00:00
We knew it had flaws,
00:00
but it was the best game in town. It was all we had.
00:00
WEP never was really considered strong security,
00:00
but at the time,
00:00
like I said, we had to use what we have.
00:00
There are numerous problems with WEP.
00:00
First of all, you had shared authentication passwords.
00:00
We all knew the password for authentication.
00:00
That's a concern. We had a week initialization vector.
00:00
If you go back to
00:00
the section on cryptography where we talk about
00:00
a weak initialization vector and how important
00:00
that IV is to give us additional randomness,
00:00
having very short initialization vector doesn't help.
00:00
The IV was transmitted in clear text
00:00
and their different ideas
00:00
on whether or not that's a problem,
00:00
but it was transmitted in clear text.
00:00
The biggest problem with WEP probably is that
00:00
it used the RC4 algorithm,
00:00
which is a stream algorithm.
00:00
Stream algorithms are not as secure
00:00
>> as block algorithms.
00:00
>> RC4 was implemented very
00:00
poorly in WEP and it's easily crackable.
00:00
It takes me more time to open up an application
00:00
to crack WEP than it does to crack WEP.
00:00
Now, a quick Band-Aid fix for WEP
00:00
was WPA and WPA stands for Wi-Fi Protected Access.
00:00
What WPA did is
00:00
>> it strengthen the initialization vector.
00:00
>> It's a matter of fact, it went from
00:00
a 24 bit initialization vector, which is what WEP had
00:00
>> to a 48 bit initialization vector.
00:00
>> That's an exponential improvement,
00:00
that's a big deal.
00:00
The second thing it did is
00:00
introduced a protocol called TKIP,
00:00
Temporal Key Integrity Protocol.
00:00
TKIP get around the problem of using
00:00
the same authentication key,
00:00
static key over and over like WEP did.
00:00
Temporal Key.
00:00
Dynamic key negotiation came out with TKIP.
00:00
Those are big steps forward.
00:00
But WPA still used RC4,
00:00
which have big drawback.
00:00
It wasn't until WPA2,
00:00
that we got rid of RC4 and moved from the stream
00:00
Algorithm RC4 to the block algorithm
00:00
AES, Advanced Encryption Standard.
00:00
That was the most significant improvement because AES
00:00
is much more complex to break than RC4 is.
00:00
WPA2 also improved upon TKIP
00:00
>> with a protocol called CCMP.
00:00
>> CCMP is one of those acronyms that
00:00
actually stands for something really long.
00:00
It's something like Cipher Block Chaining,
00:00
message authentication code protocol.
00:00
That's not exactly it. Don't quote me on that,
00:00
but my goodness, it's a long acronym.
00:00
CCMP is fine.
00:00
That's all you need to know.
00:00
That's how we got encryption.
00:00
WEP, WPA or WPA2 and like we said, WPA3,
00:00
there's no reason in today's day and age to use WEP.
00:00
WEP should be gone,
00:00
it shouldn't be an option.
00:00
The same with WPA,
00:00
in enough itself, WPA should be gone as well.
00:00
The only reason you would ever see it
00:00
used is because of backwards compatibility,
00:00
because WPA2 isn't backwards compatible.
00:00
People are hesitant to upgrade
00:00
>> for just security reasons.
00:00
>> They hold on to day-to-day equipment
00:00
and WPA2 may not work.
00:00
We've resolved the issues with encryption.
00:00
The next step is consider Authentication.
00:00
My users need a way to prove who they say they are.
00:00
In a Wi-Fi network,
00:00
when they're connecting into my wired LAN,
00:00
we need to make sure
00:00
that there's consistent authentication,
00:00
that we can control access to resources,
00:00
we can log and monitor.
00:00
Again, consistency is
00:00
the key here and I want to be able to
00:00
set rules for their access to the network as well.
00:00
That's where we come up with a standard
00:00
>> called 802.1X authentication,
00:00
>> 802.1X authentication is going
00:00
to be presented in the next section.
00:00
We'll look at it that. But for
00:00
this section we focused on wireless networking,
00:00
looking specifically at encryption protocols,
00:00
WEP, WPA and WPA2.
Up Next
Instructed By
Similar Content
