Difference between revisions of "WLAN security"
m (→WEP) |
m (→WEP) |
||
Line 5: | Line 5: | ||
It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets. | It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets. | ||
== WEP == | == WEP == | ||
− | WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution. | + | WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher [http://en.wikipedia.org/wiki/Rc4 RC4] for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution. |
*See [http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy Wikipedia on WEP] | *See [http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy Wikipedia on WEP] | ||
+ | |||
=Basic Security with WPA or WPA 2 Pre-Shared Key= | =Basic Security with WPA or WPA 2 Pre-Shared Key= | ||
WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key) | WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key) | ||
*See [http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Wikipedia on WPA] | *See [http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access Wikipedia on WPA] | ||
[[Category:WLAN]][[Category:CCNP]] | [[Category:WLAN]][[Category:CCNP]] |
Revision as of 08:10, 2 December 2009
Contents
Basic WLAN security
SSID
SSID - Service Set Identifier - identifies the network. SSID's are broadcasted from the Access Points so that the wireless clients can identify the wireless network. It is possible to configure the access points no to broadcast the SSID. Then the wireless clients must be configured with the correct SSID to connect to the wireless network. This do not however secure the network, because the wireless clients send the SSID in clear text to connect to the Access Point.
Authentication using MAC access control
It is possible to allow only certain MAC-address access to a wireless network, but MAC-addresses are easily spoofed by hackers. Ie. copied from sniffed packets.
WEP
WEP - Wired Equivalent Privacy - is a deprecated security protocol for wireless network. It can be cracked within minutes. WEP uses the stream cipher RC4 for confidentiality,[7] and the CRC-32 checksum for integrity. WEP uses a preshared key which is configured into the client. All clients uses the same preshared key, making the network vulnerable if a client is stolen. If a client is stolen a new preshared key must be configured on the Access Point and all the clients. Not a scalable solution.
- See Wikipedia on WEP
Basic Security with WPA or WPA 2 Pre-Shared Key
WPA - Wi-Fi Protected Access - WPA or WPA-PSK (PSK = Preshared Key)
- See Wikipedia on WPA