Wired Equivalent Privacy som i Wireless Local Area Networks

Stenman, Ola, Kristiansson, Anders

January 2002

No description available.

WLAN

WEP

Datasäkerhet

Wired Equivalent Privacy som i Wireless Local Area Networks

Stenman, Ola, Kristiansson, Anders

January 2002

No description available.

WLAN

WEP

Datasäkerhet

Wardriving : WEP, WPA och WPS inom och mellan städer

Lomvall, Thomas, Klinthammar, Sara

January 2012

Friheten att kunna sitta på balkongen och surfa, chatta, läsa e-post med mera har blivit en självklarhet för de allra flesta, nya spelkonsoler med trådlös teknik gör att spelaren kan interagera mer med handlingen i spelet, personvågar som mäter vikt, BMI och fettmassa och överför denna information till en server trådlöst där användaren kan följa sin viktkurva och så vidare. I stort sett allt som kan vara trådlöst är trådlöst idag. Med de uppenbara fördelarna av att använda trådlös kommunikation och de mängder med nya enheter som stödjer detta så är det ingen nyhet att trådlöst är här för att stanna. Trådlös kommunikation finns överallt omkring oss, men det är inte alltid den är implementerad på ett sätt som sätter säkerheten först. En av svagheterna i att allt fler enheter stödjer trådlöst är att det krävs en viss teknisk kunskap för att konfigurera dessa på ett säkert sätt. Ointresse eller okunskap gör att val av kryptering och lösenord inte prioriteras hos en del användare där funktionen ses som det viktigaste. Idag finns det tre olika krypteringslösningar som är i bruk, alla tre har svagheter som kan utnyttjas. WEP - Wired Equivalent Privacy var den första krypterinslösningen för trådlös kommunikation, som hörs på namnet skulle vara lika säkert som det trådbundna. WEP knäcks snabbt och rekommenderas inte att användas av någon. WPA - Wi-Fi Protected Access anses vara nödlösningen medan arbetet på WPA2 pågick. WPA2 släpptes kort efter WPA och anses fortfarande säker om under vissa förutsättningar, mer om detta längre fram i rapporten. Även om WPA2 konfigureras rätt kan intrång ske om inte administrationsverktygen, som till exempel WPS, är säkra. WPS - Wi-Fi Protected Setup är en lösning för att snabbt och enkelt koppla in nya enheter till nätverk med högsta möjliga säkerhet utan att de som installerar enheterna behöver vara så tekniskt bevandrade. WPS knäcktes så sent som i slutet av december 2011 och kan komma att påverka säkerheten för miljontals användare då alla större tillverkare har någon form av WPS-funktion på sina accesspunkter. Denna rapport beskriver en kartläggning av svagheter, även kallat wardriving, det är ett sätt att undersöka vilka trådlösa nätverk som finns inom ett givet område. Wardriving är på inget sätt ett intrång i någons nätverk, inga data skickas och inga resurser på någons nätverk används. Det enda som sker är att mjukvara söker efter trådlösa nätverk och sparar information som sänds ut.

Wardriving

WEP

WPA

WPS

A Cross-Domain Roaming System: Support and Integration of Heterogeneous Authentication Platforms on the Wireless LAN

Wen, Teu-Shun

27 August 2003

The flourishing development of internet moves the human technology into another new epoch and the rising of the wireless LAN presents the fact which people are freer and more convenient from the unlimited-space using the internet. More and more equipments can support the mobile device of WLAN. By reducing the cost and its good points of easy-building. Lots of hotspots, for instance, caf顦s, airports, train stations, schools and companies are widely deployed and positive to construct WLAN. How to provide people a simple, easy, and quality environment of WLAN becomes an important issue from the viewpoints of user. When WLAN had been discussed, it was only a simple LAN environment. Before it has been promoted by the manufacture, the mobility and security were not been measured and instituted. All the products from different suppliers and the promotion of wireless internet in school are difficult to be united. By the fact of this, in order to make the resource of internet more flexible and expandable and make internet can be used in wide-ranging and more convenient way, this article draw up a plan and structure of Cross-Domain Roaming System and security control. Besides, our system can support and integration of heterogeneous authentication platforms on the WLAN.

SSO

Roaming

IEEE802.1x

Radius

WEP

Zabezpečení bezdrátových sítí a možné útoky na tyto sítě / Wireless networks security and possible attacks on these networks

Vlček, Peter

January 2010

The first of the main objectives of this work was to examine and study the different types of attacks on wireless networks. This work is focused on the most commonly occurring types of attacks such as WEP/WPA/WPA2 cracking, a Man in the Middle attack (MIM), Dictionary attacks, MAC spoofing and finally Denial of Service attacks. Description of individual attacks is also accompanied by detailed instructions on how to carry out these attacks on the Windows platform. It is described how to detect various attacks and identified. It is then implemented software that is able to identify possible risk of selected types of attacks. This software belongs to a group of wireless intrusion prevention system (WIDS). It focuses on attacks WEP/WPA/WPA2 type of cracking, Dictionary attacks and MAC spoofing. For the implementation of defense against attack by a Man in the Middle (MIM) and Denial of Service attack would need special monitoring equipment.

attack; WEP; wireless security; WPA

[pt] ANÁLISE DE DESEMPENHO DE REDES IEEE 802.11B UTILIZANDO MECANISMOS DE SEGURANÇA / [en] PERFORMANCE ANALYSIS OF IEEE 802.11B NETWORKS BY MEANS OF SECURITY MECHANISMS

SERGIO HENRIQUE SIRUFO

19 December 2005

[pt] Enquanto o uso das WLAN cresce em ritmo acelerado, inúmeros problemas relacionados à tecnologia de segurança, definida no IEEE 802.11b, têm sido abordados em publicações técnicas, apontando deficiências e vulnerabilidades, através dos quais indivíduos não autorizados podem ter acesso às informações disponibilizadas pela rede. A precariedade na autenticação, confidencialidade e integridade dos dados dos mecanismos internos do Padrão IEEE 802.11b exige a operação conjunta com o Padrão IEEE 802.1x. Esta combinação possibilita a autenticação e criptografia dos dados de forma mais eficiente e confiável. No entanto, é possível que haja sobrecarga de pacotes, devido à inserção de tráfego extra para autenticação dos usuários e criptografia das mensagens, podendo ocasionar comprometimento na performance da rede. Desta forma, avaliou-se qual a efetiva degradação no desempenho das redes IEEE 802.11b, devido à implementação dos mecanismos de segurança, sejam eles intrínsecos ao Padrão ou combinados com o Padrão IEEE 802.1x, utilizando os protocolos FTP (File Transfer Protocol) e HTTP (Hipertext Transfer Protocol). / [en] Meanwhile the use of WLAN grows in accelerate pass, a large number of problems related to the security issues in the IEEE 802.11b have been discussed in technical papers, pointing vulnerabilities and deficiencies, from where a non authorized access to the informations passing on the network could be possible. The lack of strong solutions in authentication, confidentiality, and integrity of the data in the internal mechanisms of the protocol IEEE 802.11b, demands to operate in conjunction with the protocol IEEE 802.1x. Therefore it is possible to get authentication and cryptography in a efficient and trustful manner. The amount of extra packets, inserted for authentication and cryptography of the messages, could have a negative impact in the performance of the network. A experimental measurements of the degradation of the network throughput, when the mechanisms of IEEE 802.1x are used, were done and presented here.

[pt] WLAN

[pt] TLS

[pt] EAP

[pt] WEP

[en] WLAN

[en] TLS

[en] EAP

[en] WEP

Evaluate Security on the Internet Cafe

Akinola, Azeez Paul, Zhang, Chong

January 2013

Internet security (Network security) is a big topic that is very important in our society communication system, but it is extremely dynamic and wide in scope. This is the reason that many companies and organizations invest heavily in a dedicated infrastructure security and highly trained specialists.The aim of security monitoring and preventing the network from cyber threats requires vigilance over the network equipment. The case study of this thesis is to provide the possible solution to the problems encountered by the namely network users such as: Internet Game Center (Centrum Halmstad, Sweden) and, the Blueville Internet Cafe (Ede, Nigeria).Our research and information collected over the telephone and a visit at the nearest office. We concluded that both companies mentioned above experienced similar cyber threats. The two companies have internal and external threats such as accessing the network via ssh by using it brute force attack, network war-driver, the installation of spyware, password sniffer, viruses, SQL injection and PHP attacks (web attacks) on the networks. The cyber threats virus and spyware are among the big internet threat to users, organization and companies.We carry out experiments in the lab to tests for threats such as brute force (ssh) attack, password sniffer and war-driver in the Wireless environment. From the results, we are able to the select WPA2 using 802.1x as the best possible way to limit and reduce the strength of cyber-attacks, and as a suggested solution to the namely café problems in our report. We also list different suggestion and solution to the cyber café attacks from our research papers and information gathers from different sources such as library, internet, seminar and textbooks.

network security

WPA/WPA2

WEP

WIFI

BACKTRACK

CRACKING

Security in wireless networks : Vulnerabilities and Countermeasures / Säkerhet i trådlösa nätverk : Sårbarheter och motåtgärder

Larsson, Josephine, Waller, Ida

January 2003

The market for wireless networks has increased over the years, more and more organizations implement this technology. The need to work flexible, convenient and cost-effective are three reasons for the technology’s raised popularity. The use of wireless networks has exposed new aspects of network security. The information is no longer dependent on wires because it can be transmitted trough radio waves instead. The exposure of information increases, therefore also the vulnerabilities. This leads to more security problems related to the exposure of the transmitted information. It is difficult to understand the importance of network security and why to invest resources for it. Investing in security can lead to lower costs in the long run, because incidents can be perceived before it is too late. This thesis will describe why it is important to perform a risk assessment before developing a security policy. One of the reasons for having a security policy is to clarify the responsibilities for the network security to raise understanding for security within the organization. Other motive is to define how the information should be protected when transmitted in the wireless network. For example, by using the IEEE standard protocol (WEP), which may not be the best encryption solution. For organization that handles sensitive information it is important to be aware of the security problems that exist and to prevent the security risks. A case study was performed at several county councils in Sweden. The reason for this was that county councils handle sensitive information. The case study’s main purpose was to evaluate the level of knowledge about wireless security at county councils.

Wireless networks

Security

Security policy

WEP

Computer Sciences

Datavetenskap (datalogi)

Bezpečnostní analýza bezdrátových sítí / Wireless networks security analysis

Szőcs, Juraj

January 2010

This master’s thesis deals with analysis of security in wireless networks. There are desc- ribed various methods of security systems, such as WEP, TKIP and CCMP. There is also realization of attacks against the wireless network and there is analysis of security weaknesses. Then there are discussed possible defense mechanisms. Part of this work was also analysis of local security in certain areas and evaluation of their security.

Analýza šifrovacích algoritmů ve standardu 802.11 / Analysis of Cryptographic Algorithms 802.11

Vojtíšek, Jindřich

January 2014

This work deals with wireless standard 802.11, primaly about security algorithms used in them. Further there is made analysis of algorithms WEP, WPA and WPA2. This algorithms are described how coding by them works and for easier understandig are added block schemes of their principles. In practical part is realized algorithms WEP, WPA and WPA2 in program Matlab simulink. Model is complemented by graphs which shows how data changes when comming throught this systems.