Page 33 - CDM Cyber Warnings November 2013
P. 33
Securing Access Points
By Nitin Goplani
Information Security is a major concern for every organization. With the recent evolution in
wireless technology several organizations have switched to wireless networks. Attacks on
Wireless networks can result in loss of other access control mechanism in place. Hence,
securing wireless networks is a key responsibility of Organizations.
This article describes the approach for organizations to test the strength of their wireless
security and requires the following:
Lab Setup:
1- A Laptop/Computer with Backtrack 5R3 installed.
2- Wireless Card: The card must be supported on backtrack. As far as possible use an
external wireless card.
3- A Password List: The more extensive the word repository, higher is the chance of
cracking the wireless access point.
Firstly we need to understand the different types of encryption protocol that are commonly in
use.
Wireless Encryption Protocol: There are different WEP protocols being used in
wireless networks to protect
1- WEP: WEP Stands for Wired Equivalent Privacy. This was the first encryption protocol
developed but the one major problem in WEP was that the key was not hashed and was
concatenated to the Initialization Vector (IV).
2- WPA: WPA Stands for Wi-Fi Protected Access. It uses TKIP (Temporal Key Integrity
Protocol) and message integrity check, which protects data from being captured,
modifications and resending of data packets to determine whether the packet is modified
or not. However, in a 4-way handshake during client associations it is possible to obtain
the hashed network key.
3- WPA2: This is an advanced form of WPA. This uses AES (Advanced Encryption
Standard) for encryption, which is much more secure than TKIP.
33 Cyber Warnings E-Magazine – November 2013 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
