Analys och utvärdering av trådlösa nätverk i Kalmar : En säkerhetsundersökning

Eriksson, Per, Wiklund, William, El-Hajj, Elie

January 2010

Syftet med arbetet är att ta reda på hur väl privatpersoner informeras om hur de ska skydda sina trådlösa nätverk och varför. Genom arbetet ska följande frågor besvaras: - Vid beställning av bredband inklusive trådlös router från en bredbandsleverantör: informerar leverantören sina kunder om att det trådlösa nätverket bör säkras upp och varför? - Blir man informerad om säkerheten när man köper en trådlös router i en lokal affär? - Skyddar invånare i Kalmar generellt sett sina trådlösa nätverk? Genom användning av kvantitativa metoder i form av observationer har vi svarat på två av frågeställningarna. En kvalitativ metod användes genom att vi skickade enkäter via e-post till fem bredbandsleverantörer. Resultaten från vår undersökning visar att majoriteten av invånarna i Kalmar skyddar sina nätverk, men att det är vanligast med en svag kryptering. Undersökningen visar att informationen från lokala affärer och bredbandsleverantörer är bristfällig.

Trådlösa nätverk

Attackera

Säkerhet

Kryptering

Avlyssna

WEP

WPA

WPA2

Autentisering

Computer Sciences

Datavetenskap (datalogi)

Zabezpečení bezdrátových sítí IEEE 802.11 / Security of wireless computer networks IEEE 802.11

Škodák, Jaroslav

January 2008

This work describes available and used standards, protocols and mechanisms used to secure IEEE 802.11 wireless networks. In the next section are listed vulnerabilities and possible attacks against different types of security. The principles of individual attacks on authentication, WEP security and WPA/WPA2 personal mode are described and realized using various software especially linux program aircrack-ng. Password for WEP security is obtained by passive eavesdropping data, using ARP replay injection and by creating own frames. The last two methods are used to generate traffic on the network, which is captured and then used to derive the WEP password. By injecting ARP frames, password was found in the number 60 000 captured frames and about 180 000 frames of data was needed for passive method. Decryption of WEP frame was done by fragment and KoreK chopchop attacks. This decrypted frame could be used to create fake frames and obtain WEP password. Brute force attack is realized for security WPA (WPA2) personal mode (often due to lack of strong password) by comparing password (passphrase) from password list. Speed of comparing is about 200 passwords/s.

Perspektivy zabezpečení bezdrátových komunikačních sítí / Security prospects of wireless communication networks

Hráček, Jiří

January 2008

This master thesis deals with all types of wireless networks security – in personal, local, metropolitan and also mobile networks. This work is mostly focused on wireless local area networks (WLANs), which are the most widespread at nowadays. This work describes attacks to the wireless local area network, attackers steps and possible protection against it. Some of these attacks are tested in practical part of this work. In this master thesis there were also designed and created two laboratory exercises. One of them is a simulation in the wireless network using Opnet Modeler application. The other exercise is strictly practical type.

Možnosti narušení bezpečnosti bezdrátové přístupové sítě / Security risks of wireless access networks

Špidla, Milan

January 2009

Master´s thesis „Security risks of wireless access networks“ deals with wireless access networks, which are the most widespread in this time. The main target is realization of attacks wireless access networks protected by various using methods. This thesis shows main securities gaps, which originate from project this networks. These securities gaps are used for realization attacts in practical part. In the next part I took attention of network´s monitoring possibilities.

Zefektivnění zabezpečení bezdrátových sítí / Security Protection efficiency improvement for Wireless Networks

Marušek, Michal

January 2009

Nowadays every wireless radio-communication services encompass huge type of technology used for transfer video, voice or data. Wireless communication is the most expanded branch and many companies are using this technology because of low cost and simply management. The biggest advantage is easy connection to shared wireless medium and allows users of network to move around whole covered area. The most expanded types of wireless networks are called Wireless LAN (WLAN). With rising number of WLANs is rising chance to attack shared wireless medium by hacker and many sensitive information can be stolen or modified. To avoid this chance was created the first security protocol used in WLAN called WEP. Its goal was protect data transmitted trough WLAN as strong as were protected in wired networks. Unfortunately WEP was hiding a big weakness which can be used in a crack of WLAN in a minute with the aid of special software. Example of this kid of software can be Airsnort constructed to monitor shared medium and captured every packet transferred trough this medium. Based on statistical method Airsnort can obtain hidden password in a few minutes. The second type of this software can be Aircrack-ng, which can crack hidden password without any user connected to WLAN. Aircrack-ng uses active techniques to generate network load and can obtain password more effectively and faster. The result of both cases was successful and protection of WLAN was completely cracked. Later was created new security protocol called WPA, which had to fix the cryptography weakness of previous WEP. WPA was only temporary security protocol, during standard 802.11 was developing which had to offer highest security and integrity protection of transferred data trough WLAN. For this reasons was created new version of WPA called WPA2 which satisfy requirements of standard 802.11i. Both protocols WPA/WPA2 contain weakness, which can crash security of WLAN. This crack is based on authentication PSK. Attacker during authentication is using information from four-way handshake between user of WLAN and access point. Based on this information attacker can crack password with the aid of password list attack which took approximately 30 minutes. Based on previous result is important to chose strong password contains alphanumeric string or special strings with satisfy length.

Zabezpečení standardu 802.11 a jeho možnosti / 802.11 standard security techniques and their features

Endrle, Pavel

January 2009

This master´s thesis is about 802.11 standard security techniques and their features. Particular types of this standard and its features are shown in the introduction. Wireless network security cypher alghoritm types, their features, weaknesses and principles of functions are closely described in next few chapters. Realized attacks on these security alghoritms with their principles are described and shown in the practical part of thesis. One chapter is about effectivity, accessibility and practicability valorization of these attacks in practice.

Bezpečnostní analýza WiFi sítí / Security Analysis of WiFi Networks

Butela, Michal

Unknown Date

This document provides overview of commonly used standards and mechanisms for securing the wireless network based on Wi-Fi protocol. It is covering all important security areas including confidentiality, integrity and authentication. We can find here also detailed analysis and description of functionality of listed mechanisms. Description of possible attacks against listed security mechanisms. There is a measurement of influence of encryption to transfer speed in the another section. It's followed by attacks against particular security mechanisms. And finally, description of deployment of central authentication system.

Mapování bezdrátových technologií v terénu s využitím GPS / Wireless Networks Outdoor Mapping with GPS Localisation

Kabátek, Petr

January 2007

This thesis deals with the monitoring of wireless nets in terrain. The author will be browsing terrain and there will be extracted some information about accessible wireless nets. For parameters of wireless nets we consider for example the name of wireless net, signal strength, type of security etc. These parameters (of wireless nets and position) are going to be recorded and saved into the database. Using this database it will be possible to perform some further operations like generation maps of wireless networks or detection positions of access points, etc..

Enhancing Message Privacy In Wired Equivalent Privacy.

Purandare, Darshan

01 January 2005

The 802.11 standard defines the Wired Equivalent Privacy (WEP) and encapsulation of data frames. It is intended to provide data privacy to the level of a wired network. WEP suffered threat of attacks from hackers owing to certain security shortcomings in the WEP protocol. Lately, many new protocols like WiFi Protected Access (WPA), WPA2, Robust Secure Network (RSN) and 802.11i have come into being, yet their implementation is fairly limited. Despite its shortcomings one cannot undermine the importance of WEP as it still remains the most widely used system and we chose to address certain security issues and propose some modifications to make it more secure. In this thesis we have proposed a modification to the existing WEP protocol to make it more secure. We achieve Message Privacy by ensuring that the encryption is not breached. The idea is to update the shared secret key frequently based on factors like network traffic and number of transmitted frames. We also develop an Initialization Vector (IV) avoidance algorithm that eliminates IV collision problem. The idea is to partition the IV bits among different wireless hosts in a predetermined manner unique to every node. We can use all possible 224 different IVs without making them predictable for an attacker. Our proposed algorithm eliminates the IV collision ensuring Message Privacy that further strengthens security of the existing WEP. We show that frequent rekeying thwarts all kinds of cryptanalytic attacks on the WEP.

WEP

IEEE 802.11

IV

WPA

RSN

Wireless Security

Computer Sciences

Engineering

The Phenomenon of Academic Labor in 21st Century Composition: A Heuristic For Textual Study

Robertshaw, Joseph William

02 August 2018

No description available.

Rhetoric

Composition

Rhetoric

Writing

Composition

Higher Education

Contingent Labor

Contingent

Precarity

WPA