Difference between revisions of "WLAN security"

From Teknologisk videncenter
Jump to: navigation, search
m (New page: = Basic WLAN security = == SSID == SSID - Service Set Identifier - identifies the network. SSID's are broadcasted from the Access Points so that the wireless clients can identify the wirel...)
 
m (WEP)
Line 5: Line 5:
 
It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.  
 
It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.  
 
== WEP ==
 
== WEP ==
WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity.
+
WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution.  
 
*See [http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy Wikipedia on WEP]
 
*See [http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy Wikipedia on WEP]
 
+
=Basic Security with WPA or WPA 2 Pre-Shared Key=
[[Category:WLAN]][[Ctegory:CCNP]]
+
WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key)
 +
*See [http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Wikipedia on WPA]
 +
[[Category:WLAN]][[Category:CCNP]]

Revision as of 07:18, 2 December 2009

Basic WLAN security

SSID

SSID - Service Set Identifier - identifies the network. SSID's are broadcasted from the Access Points so that the wireless clients can identify the wireless network. It is possible to configure the access points no to broadcast the SSID. Then the wireless clients must be configured with the correct SSID to connect to the wireless network. This do not however secure the network, because the wireless clients send the SSID in clear text to connect to the Access Point.

Authentication using MAC access control

It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.

WEP

WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution.

Basic Security with WPA or WPA 2 Pre-Shared Key

WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key)