Wireless

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
4 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:00
>> Hi, and welcome to Module 2, Lesson 3.4.
00:00
In this lesson, we're going to discuss
00:00
the wireless environment and some of
00:00
the security aspects of that environment.
00:00
This will be our last lesson in
00:00
the network layer section of this course.
00:00
Our next section, we're going to
00:00
discuss things on the endpoint layer.
00:00
In this lesson though for wireless,
00:00
we're going to discuss basically two main things.
00:00
This is going to be a very quick lesson,
00:00
I'm just going to gloss over some
00:00
of the access and encryption
00:00
things that are appropriate for wireless security.
00:00
Access, we're talking about how
00:00
endpoints actually gain access
00:00
to the wireless environment,
00:00
and an encryption is the type of
00:00
encryption we use within that environment.
00:00
Let's start out with talking about access.
00:00
First thing I want to say as passwords
00:00
can be cracked, everyone knows that.
00:00
A lot of environments unfortunately are configured,
00:00
the wireless environments are configured
00:00
so that if you connect to the SSID,
00:00
you're prompted for a password,
00:00
like maybe your home environment does this.
00:00
If you know the password,
00:00
that's all you need to know.
00:00
You can get on the network
00:00
and you're on their unfettered.
00:00
Well, the problem in a corporate environment or in
00:00
a sensitive organization environment
00:00
that might be fine for home,
00:00
but in a sensitive organization,
00:00
people are going to put
00:00
a sticky note on the wall that has
00:00
the wireless password in it because
00:00
people ask them what it is all the time.
00:00
A lot of times organizations that use
00:00
passwords for wireless have
00:00
the same password across
00:00
all of their wireless environments.
00:00
They may have 50 locations,
00:00
the same password is in every one of those environments.
00:00
If I walk into
00:00
a small strip mall store front for the organization,
00:00
there's probably going to be two
00:00
or three people working there.
00:00
They're going to be a lot less secure
00:00
than company headquarters,
00:00
they may have a sticky note on the wall that
00:00
has the wireless access password.
00:00
If I obtain that,
00:00
I can use that password and go walk into the main lobby
00:00
at the data center or at
00:00
the HQ building of the same company,
00:00
and chances are I'm going to be able to get on
00:00
their wireless environment using the same password.
00:00
Passwords can be cracked.
00:00
It's a weak method of security.
00:00
We should use certificates and
00:00
802.1x in lieu of passwords.
00:00
Like we discussed in our network
00:00
access control module in the previous section.
00:00
The last thing we'll talk about when it
00:00
comes to access is,
00:00
you should think about where
00:00
your access points are positioned.
00:00
Now, a lot of times geography comes
00:00
into play and you don't have a lot of control over it.
00:00
But wherever possible, try to place
00:00
those access points in locations where
00:00
their transmit range isn't going to bleed too
00:00
far into environments that are out of your control.
00:00
For example, if you have an access point
00:00
and you place it by a window,
00:00
half of that radius is going to be inside your building,
00:00
but the other half of that radius is going to
00:00
be in your parking lot.
00:00
Someone can sit in their car in
00:00
your parking lot without ever gaining access to
00:00
your building and try to connect
00:00
to your wireless environment.
00:00
This is called war dialing.
00:00
Think about access point placement as
00:00
you're building out your wireless infrastructure.
00:00
A lot of times there's not a lot you can do about it.
00:00
I know there's situations where you're on one floor,
00:00
you've got someone above you and
00:00
someone below you and there's not
00:00
a whole lot you can do about bleed
00:00
over going into different floors.
00:00
But there's a few things you can do as far as placement.
00:00
Access points have directional antennas,
00:00
so you can point the transmission in certain directions.
00:00
You can also usually tweak the range of certain devices.
00:00
So if you've got a spot in the corner that doesn't have
00:00
good coverage and you
00:00
want to put an access point in that corner,
00:00
at least tweak the range so it
00:00
just covers the corner and it doesn't
00:00
blast through the whole building
00:00
and way out into the parking lot.
00:00
When it comes to encryption, really,
00:00
there's three main types of encryption that are
00:00
out there available when you're setting
00:00
up your Wi-Fi environment.
00:00
The first one is WEP,
00:00
and that stands for Wired Equivalent Privacy.
00:00
Really this was the first
00:00
encryption standard for wireless.
00:00
It's not secure anymore,
00:00
it's pretty easily hacked these days,
00:00
it only uses 128 bit keys.
00:00
Remember when we talked about encryption,
00:00
we talked about the key being secret.
00:00
The more complex the key itself is,
00:00
the more difficult it is to reverse
00:00
engineer that algorithm and
00:00
figure out what the data actually is.
00:00
With WEP, it was cracked long ago.
00:00
Honestly, you shouldn't use WEP at all,
00:00
there shouldn't be any reason to
00:00
use WEP in today's world.
00:00
If you have a device that can only communicate WEP,
00:00
you should really take a hard look at
00:00
changing that device out and
00:00
figuring out if you can live without that device.
00:00
WPA stands for Wi-Fi Protected Access,
00:00
and that's stronger than WEP,
00:00
it uses a 256 bit key.
00:00
But really this one was built as
00:00
an interim replacement for WEP.
00:00
When we figured out WEP wasn't secure,
00:00
there was a mad scramble to get something more secure
00:00
in place and WPA came about.
00:00
It's better than WEP,
00:00
but really there's no reason today we
00:00
shouldn't be using WPA2 for everything.
00:00
In all cases unless there's
00:00
a device that just simply cannot speak WPA2,
00:00
we should always use
00:00
that method because it's the best one out there today.
00:00
It uses AES encryption algorithms,
00:00
which we discussed in the encryption section
00:00
as being the most secure algorithms out there.
00:00
That's really all there is to know about
00:00
wireless encryption for this intermediate course.
00:00
That takes us to the end of the wireless course,
00:00
and it also takes us to the end of
00:00
our section on the network layer.
00:00
Next class we're going to talk about
00:00
the endpoint layer and all of
00:00
the components at that layer in Lesson 2.4.
Up Next