Week 5-virtual networ × tham.edu ontentysptoourse id 47400 1Secontentd-3945107 1

Question

Week 5-virtual networ × tham.edu ontentysptoourse id 47400 1Secontentd-3945107 1mode-reset Week 5 Assignment - WEP, WPA and WPA2 WEP, WPA and WPA2 Please answer the following questions in your own words. Please cite any sources that you use. Submit your answers using your GID numbrer in the filename 1. What are the shortcomings of WEP security? 2. Why was there a need for WPA/WPA2? 3. What are the main threats to wireless security? 4. What are the best practices for ensuring security on a wireless networks? Maximum Points Grading Criteria Assignments Meets or exceeds established assignment criteria Demonstrates an understanding of lesson concepts Clearly presents well-reasoned ideas and concepts Uses proper mechanic structure Total 30 10 100 s, punctuation, sentence structure, spelling and APA

Explanation / Answer

1)Answer:

WEP:

Wired Equivalent Privacy (WEP) is an older encryption algorithm used to secure transmitted data across wireless networks. WEP uses a security code chosen during configuration called a WEP key, which uses a sequence of hexadecimal digits. This digit sequence must match on all devices trying to communicate on the wireless network. WEP keys can be formed in different lengths depending on the type of WEP encryption being utilized.

shortcomings:

Several weaknesses have been discovered using WEP encryption that allows an attacker using readily available software to crack the key within minutes. WEP encryption uses a shared key authentication and sends the same key with data packets being transmitted across the wireless network. If malicious users have enough time and gather enough data they can eventually piece together their own key. Another disadvantage to using WEP encryption is that if the master key needs to be changed, it will have to be manually changed on all devices connected to the network. This can be a tedious task if you have many devices connected to your network.

->Key distribution. If you aren't the only person on the network, getting the key out to other people is a non-trivial task and can be the weakest link.

->40-bit - the standard WEP keysize is completely insufficient and can be cracked in relatively no time. 128bit versions of the hardware are available, however, so this is an improvement.

->This is the biggie - the WEP authentication protocol relies on DNS and is therefore prone to massive man-in-the-middle attacks. There is a paper by Jesse Walker called "Wireless LANs Unsafe at Any Key Size; and analysis of the WEP encapsulation" that I encourage everyone to read.

->WEP does not provide adequate wlan security

3)Answer:

There are a number of main threats that exist to wireless LANS, these include:

Rogue Access Points/Ad-Hoc Networks

One method that is often used by attackers targeting wireless LANS is to setup a rogue access point that is within the range of the existing wireless LAN. The idea is to 'fool' some of the legitimate devices into associating to this access point over the legitimate access points.

Denial of Service

Anybody familiar with network security is aware of the concept of denial of service (DoS). It is one of the simplest network attacks to perpetrate because it only requires limiting access to services. This can be done by simply sending a large amount of traffic at a specific target. Of course, the amount of traffic required to affect a target device can be much higher than the capabilities of a single machine.

However, the flooding of traffic is not the only way to limit access to services; for wireless networks it can be much easier as the signal can be interfered with through a number of different techniques. When a wireless LAN is using the 2.4 GHz band, interference can be caused by something as simple as a microwave oven or a competing access point on the same channel. Because the 2.4 GHz band is limited to only 3 non-overlapping channels (U.S.), an attacker just needs to cause enough interference into these three channels to cause service interruption.

A denial of service attack can also be used in conjunction with a rogue access point. For example, a rogue access point could be setup in a channel not used by the legitimate access point and then a denial of service attack could be launched at the channel currently being used causing endpoint devices to try to re-associate onto a different channel which is used by the rogue access point.

Configuration Problems

Simple configuration problems are often the cause of many vulnerabilities, this is because many consumer/SOHO grade access points ship with no security configuration. A novice user can set up one of these devices quickly and gain access. However they also open up their network to external use without further configuration.

Other potential issues with configuration include weak passphrases, weak security deployments (i.e. WEP vs WPA vs WPA2), and default SSID usage among others.

Passive Capturing

Passive capturing is performed by simply getting within range of a target wireless LAN and then listening and capturing data. This information can be used for a number of things including attempting to break existing security settings and analyzing non-secured traffic. It is almost impossible to really prevent this type of attack because of the nature of a wireless network; what can be done is to implement high security standards using complex parameters.

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.