Wireless LAN IEEE 802.11 Wardiving and Network-Sniffing

by Andreas Lechner

1. WLAN 802.11 Technology

n  WLAN – Wireless Local Area Network Ø  designed for mobile user to connect to a local area network (LAN)

through a wireless (radio) connection.

n  IEEE 802.11 – Standard Ø  all WLAN are implemented in the IEEE 802.11 standards Ø  They are created and maintained by the IEEE (Institute of Electrical and

Electronics Engineers) Ø  Most common protocols in these days: IEEE 802.11 a/b/g/n

1. WLAN 802.11 IEEE Standard

2. WLAN Security Standards

n  1997 the original 802.11 standard only offers - SSID (Service Set Identifier) - MAC Filtering (Media Access Control) - and WEP (Wired Equivalent Privacy)

n  2003 Wi-Fi introduced the Wi-Fi Protected Access (WPA). n  2004 The WPA2 was introduced.

2. Why is WLAN Security important?

Prof. Rick Graziani Presentation Chapter 8 Security

Picture from http://bcbusinessonline.ca

Security usually refers to ensuring that users can perform only the tasks that they are authorized to do and can obtain only the information that they are authorized to have. Prof. Rick Graziani

2. Wardiving

n  Wardiving Ø  Uses software such as Netstumbler (for windows) or Kismet (Mac) to

scan the airwaves for SSIDs and Data Ø  Can be used to hack into WLAN

2. Sniffing

n  Sniffing Ø  is a data interception technology. Sniffer is a program that monitor or

reading all network traffic passing in and out over a network such as Wireshark

2. Sniffing

2. What we learn from it

n  Sometimes it can be better to use a LAN instead of WLAN n  Be sure that you are using the latest WLAN Standard

Ø  Such as WPA2/AES or WPA2/TKIP (Personal / Enterprise) Ø  Replace old routers or access-points with new ones or look for updates

n  Don’t do any important stuff like banking in open hotspots / internet cafes. As well the Bond Student WLAN is not secure enough to do banking. Ø  At least if you do it in the Bond Network be sure that you have a secure

encryption à https:// (Hypertext Transfer Protocol Secure)

Thank you for listening!

References and Literature: http://www.wifi.org http://standards.ieee.org/wireless (etc.) http://www.lancom.de (Techpaper) http://www.cisco.com http://www.computec.ch http://en.wikipedia.org/wiki/Wireles_LAN (etc.) http://en.wikipedia.org/wiki/Wireless_security http://www.javvin.com/wirelessmap.html http://bcbusinessonline.ca •  Presentation by Jörg Grünauer at http://134.91.24.143/~gruenauer •  Presentation by Prof. Rick Graziani & Prof. Yousif - Chapter 8 Security •  Presentation by Alain Girardet & Dominik Blunk - WLAN & Wardiving •  Presentation by Andreas Lechner - WLAN 802.11 in 2008 •  Presentation by Joachim Urbach - Die Funktionsweise von Wireless-LAN •  Presentation by Axel Wachtler, Frank Becker, Sven Klemm - Themenabend Wireless LAN •  Presentation by Karen Chou, Randall Okamoto, Sheng Shan Zhao, Andrew Armada – Wireless LAN •  Diploma thesis by Stefan Dörhöfer – Empirische Untersuchung zur WLAN-Sicherheit mittels Wardiving