Time
31 hours 29 minutes
Difficulty
Beginner
CEU/CPE
30

Video Description

Common Threats, vulnerabilities and mitigation techniques This lesson covers common threats, vulnerabilities and mitigation techniques. One of the wireless threats is WAR driving. WAR driving is when someone drives around looking for an unsecured WiFi network with the intention of breaking in to access confidential and important information. This can be prevented via strong wireless security such as using strong wireless encryption on networks. Another threat is WEP/WPA cracking. This is when weaknesses in the encryption key could allow cracking into WiFi.

Video Transcription

00:04
hi and welcome to Sigh Bury. My name's Anthony and I'm your local subject matter expert for Network Plus And today we're gonna be talking about common threats, vulnerabilities and mitigation techniques. So we're talking about different types of common threats and vulnerabilities that we need to be on the lookout for our first
00:20
topic that we're gonna talk about is our wireless threats and vulnerabilities.
00:24
One of our first wireless threats is something called war Driving. Now, when we're talking about war driving, we're talking about someone who is driving around looking for unsecured or poorly secured wireless access networks, wireless access points, WiFi networks that they can connect into through just their vehicle when they're driving around on the road.
00:43
This allows someone to drive around, find your wireless access point,
00:46
connect to it and then be in your network. And they could just sit in their car and they can try to attack other machines on your network. So how do we mitigate this? How do we prevent someone from just driving down the street trying to connect into and break into our wireless? Well, this is something where we need to just implement strong wireless security
01:06
we can't. We can't prevent people from driving down the road. We can't prevent people from being in public areas in their vehicles.
01:11
So we need to make sure that we're implementing strong wireless security, having a strong encryption on our wireless networks, changing the default SS, I'd be turning off the S S I d broadcast changing the device placement, changing the signal strength so that it does not exceed outside of our building and does not see exceed out onto the road.
01:30
So all of these different typical wireless security measures that we've talked about,
01:34
we need to make sure that we're implementing them to prevent someone from just being able to drive down the road and connected to our wireless.
01:42
Next. We have war chalking now. War chalking is similar to a war driving except war. Chalking is more of a open source. Wireless open source. Let's find open wireless networks. Initiative we're talking is when someone is able to find out the
02:00
name and key of your network
02:02
or able to find out that you have an open wireless network. So outside of your business outside of your home, they essentially just go on the sidewalk or they go on the side of the building and they draw symbols that indicate that you have an open wireless network or you have a wireless network. And here's what the key is
02:21
This opens up all sorts of threats because even if the person who did this wasn't malicious, even if they did it
02:25
as just a way of letting other people know that there's a wireless network that they can connect to in the vicinity, someone may come along later who is doing something malicious and may use that knowledge in order to connect into our wireless. So again, we need to make sure that we're implementing strong wireless security, that we're making sure that
02:43
we don't have the open wireless is or they don't they don't exceed outside of our building, so people aren't able to connect to them on the outside
02:51
that we have. Check our logs and we check and see if there's any unusual activity connecting to a wireless network. And, you know, maybe once in a while we want to take a walk around our business and see if there's any unusual cha kings or any unusual symbols that have been drawn outside of our location. That may indicate some of this war chalking going on. So war driving,
03:09
someone driving around, looking for a open wireless access points and war, chalking someone who is
03:15
just walking around in his noting near your business or near yer near your home, that there is a wireless access point that can be connected to and the next we have wept and W p a. Cracking now Wet and w p a cracking is taking a wireless network that is secured with an encryption and is secured with a key
03:34
and then trying to find a vulnerability, either in the encryption or the key that allows us to break into it. Anyway.
03:39
We've talked about already. How wet is a flawed encryption? Which means that no matter how strong your key is, no matter if you had a 32 character key for your Web password, it doesn't matter. It's just a CZ week is having a one character, password or password. This is password
03:59
because WEP is a flawed encryption. If enough caps, if enough of the packets that are being sent between ah wireless access point and a client are captured by someone they can very easily with very easy to get tools.
04:13
Find out what your password is through those captured packets. So Webb is a flawed encryption. It's not a weakness in your key. It's a weakness in the inherit encryption of weap. That's why we've introduced further encryptions. That's why we've introduced Debbie P. A and W P. A. To
04:31
W. P. A. To can also be cracked. Eso We need to make sure that now W p. A. Two is a bit as a bit more difficult and takes a bit more time than wept. But we also need to make sure that we're that W p a R W p A. Networks. We have very, very strong ki on them
04:49
or, if at all possible, we moved to W P. A. To
04:54
now Debbie P. A. To and W P. A. R
04:59
really. Only Justus strong as the key that we give them. If the password for our wireless network is password, then it's not going to take people along a long time to guess what our wireless network password is. If a password is that if RS society in the default password of our device is the same is when it came out of the box.
05:17
It also will not be very hard for someone to connect into our network.
05:21
So in order to avoid wet in W. P. A cracking, we want to implement, if at all possible w p a. To with a very, very strong KI or using the B p A to with secured by 802.1 x with radius authentication. We talked about
05:40
the 82.1 x and radius authentication a little bit in our previous module,
05:44
but essentially with a 22.1 x and radius authentication. We're not using the same pre shared key for everybody to connect into our wireless with a 22.1 X and radius were actually using device and user authentication onto our Triple A server onto a radius server
06:02
in order for it to authenticate with the Radius server and then let the wireless access point know that this person is able to authenticate.
06:09
This makes the most out of our the strength in the W. P. A. To encryption, and it makes the most out of being able to have users authenticate and by making sure that all of our users are required to have strong passwords were even making it. We're making our mental networks even more and more secure
06:26
and protecting ourselves against this weapon and W P A cracking.

Up Next

CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By

Instructor Profile Image
Anthony Harris
Systems Analyst and Administrator at SAIC
Instructor