Saturday, February 14, 2009

One of my students just copy-pasted everything from here for their wireless assignment.. got u! :P

http://technet.microsoft.com/en-us/library/bb457019.aspx

2.4GHz vs. 5GHz Deployment Considerations

When deploying a wireless LAN, companies must make a decision on whether to use network interface cards (NICs) and access points designed to operate in the 2.4GHz or 5GHz band (or both). Not too long ago the choice of frequency band was easy, when only 2.4GHz (i.e., 802.11b) products were available. Now, 802.11b and 802.11g products are both available that operate in the 2.4GHz band, while 802.11a uses the 5GHz band. This can cause confusion when designing a WLAN, so let's take a look at what you need to consider when making this critical decision.

http://www.wi-fiplanet.com/tutorials/article.php/1569271

Sunday, February 8, 2009

Wireless threats, vulnerabilities and solution


Wireless networks broadcast their packets using radio frequency or optical wavelengths. A modern laptop computer can listen in. Worse, an attacker can manufacture new packets on the fly and persuade wireless stations to accept his packets as legitimate.
The step-by-step procedure in wireless hacking can be explained with the help of different topics as follows:-

1) Stations and Access Points :- A wireless network interface card (adapter) is a device, called a station, providing the network physical layer over a radio link to another station.
An access point (AP) is a station that provides frame distribution service to stations associated with it. 
The AP itself is typically connected by wire to a LAN. Each AP has a 0 to 32 byte long Service Set Identifier (SSID) that is also commonly called a network name. The SSID is used to segment the airwaves for usage.

2) Channels :- The stations communicate with each other using radio frequencies between 2.4 GHz and 2.5 GHz. Neighboring channels are only 5 MHz apart. Two wireless networks using neighboring channels may interfere with each other.

3) Wired Equivalent Privacy (WEP) :- It is a shared-secret key encryption system used to encrypt packets transmitted between a station and an AP. The WEP algorithm is intended to protect wireless communication from eavesdropping. A secondary function of WEP is to prevent unauthorized access to a wireless network. WEP encrypts the payload of data packets. Management and control frames are always transmitted in the clear. WEP uses the RC4 encryption algorithm.

4) Wireless Network Sniffing :- Sniffing is eavesdropping on the network. A (packet) sniffer is a program that intercepts and decodes network traffic broadcast through a medium. It is easier to sniff wireless networks than wired ones. Sniffing can also help find the easy kill as in scanning for open access points that allow anyone to connect, or capturing the passwords used in a connection session that does not even use WEP, or in telnet, rlogin and ftp connections.

5) Passive Scanning :- Scanning is the act of sniffing by tuning to various radio channels of the devices. A passive network scanner instructs the wireless card to listen to each channel for a few messages. This does not reveal the presence of the scanner. An attacker can passively scan without transmitting at all.

6) Detection of SSID :- The attacker can discover the SSID of a network usually by passive scanning because the SSID occurs in the following frame types: Beacon, Probe Requests, Probe Responses, Association Requests, and Reassociation Requests. Recall that management frames are always in the clear, even when WEP is enabled.
When the above methods fail, SSID discovery is done by active scanning.

7) Collecting the MAC Addresses :- The attacker gathers legitimate MAC addresses for use later in constructing spoofed frames. The source and destination MAC addresses are always in the clear in all the frames.

8) Collecting the Frames for Cracking WEP :- The goal of an attacker is to discover the WEP shared-secret key. The attacker sniffs a large number of frames. An example of a WEP cracking tool is AirSnort ( http://airsnort.shmoo.com ).

9) Detection of the Sniffers :- Detecting the presence of a wireless sniffer, who remains radio-silent, through network security measures is virtually impossible. Once the attacker begins probing (i.e., by injecting packets), the presence and the coordinates of the wireless device can be detected.

10) Wireless Spoofing :- There are well-known attack techniques known as spoofing in both wired and wireless networks. The attacker constructs frames by filling selected fields that contain addresses or identifiers with legitimate looking but non-existent values, or with values that belong to others. The attacker would have collected these legitimate values through sniffing.

11) MAC Address Spoofing :- The attacker generally desires to be hidden. But the probing activity injects frames that are observable by system administrators. The attacker fills the Sender MAC Address field of the injected frames with a spoofed value so that his equipment is not identified.

12) IP spoofing :- Replacing the true IP address of the sender (or, in rare cases, the destination) with a different address is known as IP spoofing. This is a necessary operation in many attacks.

13) Frame Spoofing :- The attacker will inject frames that are valid but whose content is carefully spoofed.

14) Wireless Network Probing :-
 The attacker then sends artificially constructed packets to a target that trigger useful responses. This activity is known as probing or active scanning.

15) AP Weaknesses :-
 APs have weaknesses that are both due to design mistakes and user interfaces.

16) Trojan AP :- An attacker sets up an AP so that the targeted station receives a stronger signal from it than what it receives from a legitimate AP.

17) Denial of Service :- A denial of service (DoS) occurs when a system is not providing services to authorized clients because of resource exhaustion by unauthorized clients. In wireless networks, DoS attacks are difficult to prevent and an on-going attack is difficult to stop, and the victim and its clients may not even detect the attacks. The duration of such DoS may range from milliseconds to hours. A DoS attack against an individual station enables session hijacking.

18) Jamming the Air Waves :- A number of consumer appliances such as microwave ovens, baby monitors, and cordless phones operate on the unregulated 2.4GHz radio frequency. An attacker can unleash large amounts of noise using these devices and jam the airwaves so that the signal-to-noise ratio drops so low that the wireless LAN ceases to function.

19) War Driving :- Equipped with wireless devices and related tools, and driving around in a vehicle or parking at interesting places with a goal of discovering easy-to-get-into wireless networks is known as war driving. War-drivers (http://www.wardrive.net) define war driving as “The benign act of locating and logging wireless access points while in motion.” This benign act is of course useful to the attackers. 
Regardless of the protocols, wireless networks will remain potentially insecure because an attacker can listen in without gaining physical access.
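
Items 1 and 6 above explain why the "Disable SSID Broadcast" tip is not a real access control: the SSID still travels in the clear in other management frames. The following is an added example, not code from the original post; it parses the SSID element out of the five frame types listed in item 6, using constructed frames and the hypothetical network name "HomeNet".

```python
# Added example; the frames below are constructed, not captured traffic.
MAC_HEADER_LEN = 24  # frame control, duration, 3 addresses, sequence control

# Subtypes from item 6 -> (name, fixed-field bytes before the tagged elements)
SUBTYPES = {
    0: ("Association Request", 4),     # capability + listen interval
    2: ("Reassociation Request", 10),  # capability + listen interval + current AP
    4: ("Probe Request", 0),
    5: ("Probe Response", 12),         # timestamp + beacon interval + capability
    8: ("Beacon", 12),
}

def extract_ssid(frame: bytes):
    """Return (frame type name, SSID bytes), or None if no valid SSID is found."""
    if len(frame) < MAC_HEADER_LEN:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:  # type 0 = management frame
        return None
    name, fixed = SUBTYPES[subtype]
    pos = MAC_HEADER_LEN + fixed
    while pos + 2 <= len(frame):               # elements: id, length, value
        elem_id, elem_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elem_len]
        if len(value) < elem_len:
            return None                        # truncated element
        if elem_id == 0:                       # element id 0 carries the SSID
            return (name, value) if elem_len <= 32 else None
        pos += 2 + elem_len
    return None

def build_frame(subtype: int, ssid: bytes) -> bytes:
    """Build a minimal constructed management frame carrying `ssid`."""
    header = bytes([subtype << 4, 0]) + bytes(2) + b"\x02" * 18 + bytes(2)
    fixed = bytes(SUBTYPES[subtype][1])
    rates = bytes([1, 1, 0x82])                # supported-rates element
    return header + fixed + bytes([0, len(ssid)]) + ssid + rates

def names_on_air(frames):
    """Map each non-empty SSID seen to the set of frame types that carried it."""
    seen = {}
    for frame in frames:
        parsed = extract_ssid(frame)
        if parsed and parsed[1].strip(b"\x00"):  # skip zero-length or NUL SSIDs
            ssid = parsed[1].decode("utf-8", "replace")
            seen.setdefault(ssid, set()).add(parsed[0])
    return seen

if __name__ == "__main__":
    capture = [
        build_frame(8, b""),         # beacon with SSID broadcast disabled
        build_frame(0, b"HomeNet"),  # client associating to the same AP
        build_frame(4, b"HomeNet"),  # client probing for the network
    ]
    print(names_on_air(capture))
```

The beacon with broadcast disabled contributes nothing, yet the name still appears from the client's association and probe requests.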

Tips for Wireless Home Network Security

1) Change Default Administrator Passwords (and Usernames)
2) Turn on (Compatible) WPA / WEP Encryption
3) Change the Default SSID
4) Disable SSID Broadcast 
5) Assign Static IP Addresses to Devices
6) Enable MAC Address Filtering 
7) Turn Off the Network During Extended Periods of Non-Use
8) Position the Router or Access Point Safely 

http://www.insecure.in/wireless_hacking.asp

List of Wireless Certification

CISCO

http://www.cisco.com/web/learning/le3/learning_career_certifications_and_learning_paths_home.html

1. CCNA Wireless Certification


Cisco Certified Network Associate Wireless (CCNA® Wireless) validates associate-level knowledge and skills to configure, implement and support wireless LANs, specifically those networks using Cisco equipment. With a CCNA Wireless certification, network professionals can support a basic wireless network on a Cisco WLAN in an SMB to enterprise network. The CCNA Wireless curriculum includes information and practice activities to prepare them for configuring, monitoring and troubleshooting basic tasks of a Cisco WLAN in SMB and Enterprise networks.

http://www.cisco.com/web/learning/le3/le2/le0/le2/learning_certification_type_home.html

2. CCIE Wireless Certification

The Cisco CCIE Wireless certification assesses and validates wireless expertise. Candidates who pass the CCIE Wireless certification exams demonstrate broad theoretical knowledge of wireless networking and a solid understanding of wireless local area networking (WLAN) technologies from Cisco, the market leader in WLAN technology.

http://www.cisco.com/web/learning/le3/ccie/wireless/index.html

Cisco Advanced Wireless LAN Design Specialist



The Cisco Advanced Wireless LAN Design Specialist will demonstrate the ability to successfully design solutions using the advanced feature set of Cisco wireless products and based on a validated understanding of radio frequency and antenna theory, 802.11a/b/g standards, site survey and configuration of controllers and APs. Solutions include voice over WLAN, outdoor mesh and secure wireless.

http://www.cisco.com/web/learning/le3/le2/le41/le86/le95/learning_certification_type_home_extra_level.html

CWNA® (Certified Wireless Network Administrator) 

http://www.cwnp.com/cwna/

Tuesday, February 3, 2009

Cisco PIX Firewall System Log Messages - End Configuration Replication

Log Message %PIX-1-709004: (Primary) End Configuration Replication (ACT)
Explanation This is a failover message. This message is logged when the Active unit completes replicating its configuration on the Standby unit. "(Primary)" can be either Primary or Secondary.
Recommended Action None required.

Log Message %PIX-1-709006: (Primary) End Configuration Replication (STB)
Explanation This is a failover message. This message is logged when the Standby unit completes replicating a configuration sent by the Active unit. "(Primary)" can be either Primary or Secondary.
Recommended Action None required.

http://www.cisco.com/en/US/docs/security/pix/pix44/system/message/pixemsgs.html
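
One way to watch for these two messages in collected syslog, as an added example that is not from Cisco's documentation or the original post: it parses 709004 and 709006 lines and lists Active-side completions that no Standby-side completion matches. The sample lines are constructed, and both the timestamp prefix and the idea of pairing the two messages are assumptions of this example.

```python
import re

# Matches the two failover messages quoted above, wherever they sit in a line.
PIX_RE = re.compile(
    r"%PIX-(?P<severity>\d)-(?P<msgid>709004|709006): "
    r"\((?P<unit>Primary|Secondary)\) End Configuration Replication "
    r"\((?P<state>ACT|STB)\)"
)
EXPECTED_STATE = {"709004": "ACT", "709006": "STB"}

def parse_line(line: str):
    """Return the fields of a 709004/709006 line as a dict, else None."""
    m = PIX_RE.search(line)
    if not m or EXPECTED_STATE[m["msgid"]] != m["state"]:
        return None  # unrelated line, or message id and state disagree
    return m.groupdict()

def unconfirmed_replications(lines):
    """List (line number, unit) for each Active-side completion (709004)
    that has no matching Standby-side completion (709006).
    Pairing tolerates either arrival order; it is this example's assumption."""
    pending, spare_stb = [], 0
    for n, line in enumerate(lines, 1):
        event = parse_line(line)
        if event is None:
            continue
        if event["state"] == "STB":
            if pending:
                pending.pop(0)   # confirms the oldest outstanding replication
            else:
                spare_stb += 1   # standby message arrived first
        elif spare_stb:
            spare_stb -= 1
        else:
            pending.append((n, event["unit"]))
    return pending

# Constructed sample lines (assumed timestamp prefix, not real device output).
SAMPLE = [
    "Feb 03 2009 10:15:01: %PIX-1-709004: (Primary) End Configuration Replication (ACT)",
    "Feb 03 2009 10:15:01: %PIX-1-709006: (Secondary) End Configuration Replication (STB)",
    "Feb 03 2009 10:18:00: some unrelated line",
    "Feb 03 2009 11:02:44: %PIX-1-709004: (Secondary) End Configuration Replication (ACT)",
]

if __name__ == "__main__":
    for lineno, unit in unconfirmed_replications(SAMPLE):
        print(f"line {lineno}: {unit} finished replicating, no standby confirmation")
```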

Monday, February 2, 2009

10 Tips for Wireless Home Network Security / 10 Tips Keselamatan Tanpa Wayar

Many folks setting up wireless home networks rush through the job to
get their Internet connectivity working as quickly as possible. That's
totally understandable. It's also quite risky as numerous security
problems can result. Today's Wi-Fi networking products don't always
help the situation as configuring their security features can be time-
consuming and non-intuitive. The recommendations below summarize the
steps you should take to improve the security of your home wireless
network.

1. Change Default Administrator Passwords (and Usernames)
At the core of most Wi-Fi home networks is an access point or router.
To set up these pieces of equipment, manufacturers provide Web pages
that allow owners to enter their network address and account
information. These Web tools are protected with a login screen
(username and password) so that only the rightful owner can do this.
However, for any given piece of equipment, the logins provided are
simple and very well-known to hackers on the Internet. Change these
settings immediately.

2. Turn on (Compatible) WPA / WEP Encryption
All Wi-Fi equipment supports some form of encryption. Encryption
technology scrambles messages sent over wireless networks so that they
cannot be easily read by humans. Several encryption technologies exist
for Wi-Fi today. Naturally you will want to pick the strongest form of
encryption that works with your wireless network. However, the way
these technologies work, all Wi-Fi devices on your network must share
the identical encryption settings. Therefore you may need to find a
"lowest common denominator" setting.

3. Change the Default SSID
Access points and routers all use a network name called the SSID.
Manufacturers normally ship their products with the same SSID set. For
example, the SSID for Linksys devices is normally "linksys." True,
knowing the SSID does not by itself allow your neighbors to break into
your network, but it is a start. More importantly, when someone finds
a default SSID, they see it is a poorly configured network and are
much more likely to attack it. Change the default SSID immediately
when configuring wireless security on your network.

4. Enable MAC Address Filtering
Each piece of Wi-Fi gear possesses a unique identifier called the
physical address or MAC address. Access points and routers keep track
of the MAC addresses of all devices that connect to them. Many such
products offer the owner an option to key in the MAC addresses of
their home equipment, that restricts the network to only allow
connections from those devices. Do this, but also know that the
feature is not so powerful as it may seem. Hackers and their software
programs can fake MAC addresses easily.

5. Disable SSID Broadcast
In Wi-Fi networking, the wireless access point or router typically
broadcasts the network name (SSID) over the air at regular intervals.
This feature was designed for businesses and mobile hotspots where Wi-
Fi clients may roam in and out of range. In the home, this roaming
feature is unnecessary, and it increases the likelihood someone will
try to log in to your home network. Fortunately, most Wi-Fi access
points allow the SSID broadcast feature to be disabled by the network
administrator.

6. Do Not Auto-Connect to Open Wi-Fi Networks
Connecting to an open Wi-Fi network such as a free wireless hotspot or
your neighbor's router exposes your computer to security risks.
Although not normally enabled, most computers have a setting available
allowing these connections to happen automatically without notifying
you (the user). This setting should not be enabled except in temporary
situations.

7. Assign Static IP Addresses to Devices
Most home networkers gravitate toward using dynamic IP addresses. DHCP
technology is indeed easy to set up. Unfortunately, this convenience
also works to the advantage of network attackers, who can easily
obtain valid IP addresses from your network's DHCP pool. Turn off DHCP
on the router or access point, set a fixed IP address range instead,
then configure each connected device to match. Use a private IP
address range (like 10.0.0.x) to prevent computers from being directly
reached from the Internet.

8. Enable Firewalls On Each Computer and the Router
Modern network routers contain built-in firewall capability, but the
option also exists to disable them. Ensure that your router's firewall
is turned on. For extra protection, consider installing and running
personal firewall software on each computer connected to the router.

9. Position the Router or Access Point Safely
Wi-Fi signals normally reach to the exterior of a home. A small amount
of signal leakage outdoors is not a problem, but the further this
signal reaches, the easier it is for others to detect and exploit. Wi-
Fi signals often reach through neighboring homes and into streets, for
example. When installing a wireless home network, the position of the
access point or router determines its reach. Try to position these
devices near the center of the home rather than near windows to
minimize leakage.

10. Turn Off the Network During Extended Periods of Non-Use
The ultimate in wireless security measures, shutting down your network
will most certainly prevent outside hackers from breaking in! While
impractical to turn off and on the devices frequently, at least
consider doing so during travel or extended periods offline. Computer
disk drives have been known to suffer from power cycle wear-and-tear,
but this is a secondary concern for broadband modems and routers.

If you own a wireless router but are only using it for wired (Ethernet)
connections, you can also sometimes turn off Wi-Fi on a broadband
router without powering down the entire network.
More Info

http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm

Introduction to Wireless Networking / Pengenalan kepada Rangkaian Tanpa Wayar

Part 1
http://www.windowsnetworking.com/articles_tutorials/Introduction-Wire...

Part 2
http://www.windowsnetworking.com/articles_tutorials/Introduction-Wire...

Part 3
http://www.windowsnetworking.com/articles_tutorials/Introduction-Wire...

Important url for wireless networking




http://computer.howstuffworks.com/wireless-network.htm/printable

http://en.wikipedia.org/wiki/Wi-Fi

Comparison chart - Wireless local area network standards
http://en.wikipedia.org/wiki/IEEE_802.11
http://en.wikipedia.org/wiki/IEEE_802.11a
http://en.wikipedia.org/wiki/IEEE_802.11b
http://en.wikipedia.org/wiki/IEEE_802.11g
http://en.wikipedia.org/wiki/IEEE_802.11n

http://en.wikipedia.org/wiki/List_of_WLAN_channels

Wireless Standards - 802.11b 802.11a 802.11g and 802.11n
http://compnetworking.about.com/cs/wireless80211/a/aa80211standard.htm

Comparison of Wireless LAN Standards - 802.11a versus 802.11b
http://www.mobileinfo.com/wireless_lans/802.11a_802.11b.htm

http://en.wikipedia.org/wiki/Wireless_access_point
http://en.wikipedia.org/wiki/Wireless_LAN

Important url for wireless security

http://en.wikipedia.org/wiki/Wi-Fi

Comparison chart - Wireless local area network standards

http://en.wikipedia.org/wiki/IEEE_802.11

http://en.wikipedia.org/wiki/IEEE_802.11a

http://en.wikipedia.org/wiki/IEEE_802.11b

http://en.wikipedia.org/wiki/IEEE_802.11g

http://en.wikipedia.org/wiki/IEEE_802.11n

http://en.wikipedia.org/wiki/List_of_WLAN_channels

Wireless Standards - 802.11b 802.11a 802.11g and 802.11n

http://compnetworking.about.com/cs/wireless80211/a/aa80211standard.htm

Comparison of Wireless LAN Standards - 802.11a versus 802.11b

http://www.mobileinfo.com/wireless_lans/802.11a_802.11b.htm

http://en.wikipedia.org/wiki/Wireless_access_point

http://en.wikipedia.org/wiki/Wireless_LAN

Discussion Groups for IWD 2243 session 2009

To all wireless and mobile security students, please register your name here
