Appendix B. Wireless LAN Security References

Cisco has developed a number of resources that will help you to understand more about the safeguards, best practices, and vulnerabilities that affect WLANs today. Additionally, many public resources that go into further detail are available for review. This appendix lists many resources for WLAN security information. This list is not exhaustive but will provide a strong starting point.

Cisco Resources

This section includes links to Cisco security topics and technologies.

General Wireless Security Information

Cisco Wireless LAN Security Solution: http://www.cisco.com/go/aironet/security

Cisco Aironet Wireless LAN Security Overview: http://www.cisco.com/en/US/products/hw/wireless/ps430/prod_brochure09186a00801f7d0b.html

Wireless LAN Security White Paper: http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b469f.shtml

Cisco-Specific EAP Protocols

Cisco EAP-FAST: Cisco EAP type developed to address “dictionary attacks.” This protocol is used when strong passwords cannot be enforced. http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item09186a00802030dc.shtml

Cisco Wireless (LEAP): Initial WLAN protocol that allows for dynamic key generation and use of EAP to ensure authentication. http://www.cisco.com/en/US/products/hw/wireless/ps430/products_qanda_item0900aecd801764f1.shtml

WEP

WEP is the initial encryption standard utilized by the 802.11 family of standards. The WEP specification is defined in clause 8.2 of the 802.11 standard.

IEEE 802.11 Wireless Local Area Networks: http://grouper.ieee.org/groups/802/11/

WPA

WPA is a Wi-Fi Alliance standard developed to ensure interoperability between vendors to provide a universal security solution.

Wi-Fi Protected Access Overview: http://www.wi-fi.org/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf

WPA2

WPA2 is the successor to WPA and introduces even greater levels of security. WPA2 is based on the IEEE 802.11i standard.

WPA2 page on the Wi-Fi Alliance website: http://www.wi-fi.org/OpenSection/protected_access.asp″

802.1x

802.1x, or Port Access Security for LANs, is the first line of defense for LANs. It identifies a framework of communication (both user and device) for authentication. 802.1x does not define the transport or encryption method.

802.1X - Port Based Network Access Control: http://www.ieee802.org/1/pages/802.1x.html

EAP Types

As part of 802.1x, there are numerous EAP types that define the process for the secure transfer of data. The 802.1x standard mandates only the use of EAP but does not specify how it is implemented. The following RFC will provide you with some of the many versions of EAP types.

RFC 2284, PPP EAP TLS Authentication Protocol: http://www.ietf.org/rfc/rfc2716.txt

Note

Specific subfunctions of EAP help to ensure the identity of the end device. They are Identity, Notification, NAK, and MD5-Challenge. You can learn about them in RFC 2284.

Secure Authentication, Access Control, and Data Privacy on Wireless LANs: http://www.funk.com/radius/Solns/wlan_ody_wp.asp

EAP-SIM: http://www.ietf.org/internet-drafts/draft-haverinen-pppext-eap-sim-16.txt

Vulnerabilities

Vulnerabilities in WLAN have been and will continue to be exploited. The following is a listing of the well-known attacks that exist today.

Paper from the University of California, Berkeley study (2001) that found that the IV (initialization vector), sent in plaintext, will repeat itself over time.

Security of the WEP Algorithm: http://www.gta.ufrj.br/~eric/tese/artigos/wep-faq.html

FMS Attack (Fluhrer, Mantin, and Shamir) explored shortcomings with the RC4 algorithm. WEP does not have a key rotation method, and after 100,000 to 1,000,000 packets, the IV can be broken and the WEP key derived.

“Your 802.11 Wireless Network Has No Clothes”: http://www.cs.umd.edu/~waa/wireless.pdf

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.145.20.132