WIFI Network Security
Version 1.0
UP899766
Table of Contents
Table of Contents
ABSTRACT 2
ASSESSMENT AND EVALUATION 4
WIFI Daisy Chaining Attack 4
WIFI encryption protocol 6
WIFI MITM Attack 8
CREATING AN EVIL TWIN WIRELESS ACCESS POINT TO EAVESDROP ON DATA 9
MAIN RERPORT 10
Abstract
Globalization of market is one of the most fascinating developments .Its impact one economic and business , one of the major platform to use World Wide Web to engage their business partner. As the use of the World Wide Web for commercial purposes increasing rapidly in today world cyber security become the major concern and lift for the business to grow.
In the early century the communication system is not design for the public to use , when ARPANET was becoming the World Wide Web which using by us today the focus was on reliability of communication and potential command and control in the event of emergency and the security was not considered.
If a system or a network infrastructure without security in place the impact to the business will be customer information or even business strategic plan will be revealed to the public and will cause business loss such as money and times if some malicious user did some destructive action to your infrastructure and also lost the confidence level of your business partner and customer. For like much serious case the military secret is leaked out or system breakdown it may cause the country lost the war or even thousands of million life.
Most of the enterprise are do realize the importance of security also by taking action they choose to implement the basic enterprise security solution appliances like Firewall, Intrusion Prevention System and Endpoint Solution to secure their internal network and protect their valuable asset ,but the wireless network usually will be less focus in term of security.
Wireless technology offer many advantageous such like portability and flexibility which has increased productivity to the organization and had lower implementation cost .However the flexibility is come with its price wireless technology is much unsecure compared to wired network .
References:
The Basic Of Cyber Warfare Understanding the Fundamental of Cyber Warfare in Theory and Practice Steve Wifterfeld & Jason Andress
Assessment and Evaluation
WIFI Daisy Chaining Attack
One of the most highly used technology for the ease of communication is the wireless local area networking WIFI .WIFI is used in almost all business company for their user flexible to connect to the internal network anyway nearby the building also been often using in public like coffee house and some restaurant etc.
WIFI is usually be the main windows that hacker will targeted because it will often to be the less security area that focus by most of the administrator .The reason behind is that WIFI will usually to be implement to be use for the user or guest but what they don't aware the daisy chaining issue may happen in this situation . Daisy chaining is to use a compromised machine to gain access or launch further attack to internal network for example the administrator are secure well the internal network zone but leave DMZ unattended so the hacker can compromised the machine in the DMZ and have possible chain access from DMZ to internal network.
Reference:
Daisy Chain Authentication
https://www.sans.org/reading-room/whitepapers/authentication/daisy-chain-authentication-34292
WIFI encryption protocol
Lately the security of the WIFI become a concern to the public so to preventing unauthorized user or malicious user from connecting in to private network the wireless security protocol are invented to encrypt the private data.
There are few security protocol enhanced over the time as the attack getting much advanced sophisticated .The very first encryption protocol are develop to keep the unauthorized user out of the wireless network are WEP is known as Wired Equivalent Protocol .The WEP are designed based on symmetric encryption which is known as one key encryption by using the same key for encryption and decryption.
The WEP security protocol soon been tested and found out a lot of security flaw it only required a few data packet that can be capture over the airwave and be able to crack the password in no time .As the flaw that happen in WEP security the WPA is introduce to overcome and enhance the security protocol , WPA come in same design as WEP which is symmetric encryption but it improved by using temporary key integrity protocol (TKIP) is using the hash to verify the integrity of the traffic that make it much harder to be crack, but still the improve version it just adding the hash verification feature which still make it possible to be attack through WPS.
The WPA2 is the most commonly use security protocol nowadays that have a significant improvement compared to the previous version the major change is WPA uses AES algorithms However the WPS attack vector are also happen in the WPA2 .Beside due to the design of the security protocol are run by symmetric design it makes the protocol vulnerable and able to be capture the encryption key over the transit traffic and crack the password by using brute force.
References:
WIFI Security
http://www.hit.bme.hu/~buttyan/courses/BSc_Coding_Tech/wifi-sec.pdf
WIFI MITM Attack
Man In the Middle attack is commonly used by malicious hacker and is very easy to launch over a WIFI network. One on the method is by using a method called evil twin. The concept of attack is that a malicious user can create a proxy SSID that same ESSID as the target use and force the victim to join our evil SSID and route the traffic go through the hacker machine in order to launch a MITM attack.
The MITM attack may lead to all other attack and is commonly ignore by the user.
Reference
Creating an Evil Twin Wireless Access Point to Eavesdrop on Data
https://null-byte.wonderhowto.com/how-to/hack-wi-fi-creating-evil-twin-wireless-access-point-eavesdrop-data-0147919/
Main Report
A technology security architecture will include both of the security measures and techniques that are able to protect the system .In wireless network security can be describe in two major part one is authentication ,authentication mechanism is to identify the person who are allow to access or join the network and the other is encryption , encryption is to ensure the data is remain private while transferring and protect it not to being capture and decode. The best example for this two mechanism media access control (MAC) address filtering for authentication and WEP,WPA,WPA2 for encryption purposes.
When dealing with the encryption we can clearly see the improve from WEP to WPA2 .As we know WEP is a weak security protocol but what is the real problem behind this protocol ? WEP encryption algorithm is using stream cipher . The operation method for this chipper is by expand a key into an pseudo key stream. The generated key stream will exclusive OR the plaintext in order to make it into cipher text and the receiver side will use the same key using the same method to make the cipher text back into plaintext.
This encryption method will make the key stream vulnerable , the attacker could use a lot of method to intercept . If an attacker change a bit in the cipher stream upon decryption the corresponding bit in the plaintext will be changed. And if the attacker able to capture two cipher text travel across the airwave with the same key stream encrypted , it is possible to use frequency analysis to identify the exclusive OR pattern and able to recover the plaintexts. As result WEP can be very easy to decrypt by capture the packet from a wireless router and decrypt it.
To address the WEP issue we can try to use longer encryption key string this will make the decryption process and the capturing packet task become more difficult. The other way is to changing the passphrase frequently this will increase the duration for decryption process but on the other hand it will be troublesome for the network administrator of the organization .
Sooner the WEP is discover full of flaw and is very unsecure for any kind of usage ,
And the next version of WIFI encryption method was introduced which is what we known as WPA ( Wifi Protected Access) .WPA offer two different type of authentication the first one is what commonly use in normal home usage or even small or mid-size company ,the WPA-PSK which is using pre shared key to achieve the authentication task. And the other one is using WPA-Enterprise this is usually used by enterprise or government agency .WPA-Enterprise required a RADIUS server integrated with wireless router to get the task complete this option will more secure compare to the pre shared key method the user will be assign to individual password instead of one generic password.
However the this new enhanced version of encryption algorithm still consists of security flaw .Even though the flaw having in WEP which allow key recovery is not happen on WPA encryption but still the other type of attack will focus on the weakness in TKIP of WPA. This weaknesses will allow attacker to capture and decrypt the Address Resolution Protocol (ARP) packet instead of decrypt the key stream like WEP and to inject the forged packet into the network environment .This is cloud possible lead to the chaining of attack ARP poisoning or even Man In The Middle attack.
Wireless Protected Access 2 ( WPA2) is soon release to overcome the WPA issue
WPA2 the working algorithm is the same as WPA except it no longer using the crack able TKIP instead of using CCMP for the crypto encapsulation. The advance version of crypto encapsulation CCPM is design to address the TKIP flaw .The way CCMP operate is for data confidentiality and based upon the Counter Mode CBC of AES encryption standard .
The WPA2 security protocol seems secure but not yet perfect ,it still does consist the same crack able vector like WPA does, Dictionary Attack. Both WPA and WPA2 handshake packet can be capture through the airwave and channel and then the handshake packet can be brute forcing by using dictionary
To defend against attack following is to set the passphrase into extremely complicated and change frequently over the time this will be almost near impossible to crack.
References:
Attack against the WIFI protocols WEP and WPA https://matthieu.io/dl/wifi-attacks-wep-wpa.pdf
Despite the technology is consist a lot of flaw and it would not be perfect even after the enhanced version release to overcome the knowns flaw ,but we can see that that vulnerability and exploiting can be stop by the network administrator by harden their security policy of the organization some of the measure that take to address the issue but it will made the operation become more troublesome and human always have the false sense of absolute secure and lead the system become vulnerable.
As mention earlier some enterprise will using radius server integrated in the wireless network environment to minimize the security issue by sharing a same generic password over the whole organization .Even though the radius server using 802.1x protocol that will help to bring the wireless security defense layer into another level it will still able to penetrate if the technology is not well implemented .
When the 802.1x that implemented with layer two encryption disable the session hi jacking attack could happen to penetrate to this unsecure configuration .The attacker could monitor the airwave by setting the wireless adapter into promiscuous mode by doing that the victim and the access point MAC address will be reveal in a plaintext form .The attack can then changing the mac to access point and send de authentication message to the client on behalf of access point by changing the MAC address to be same as the access point. And lastly the attacker will using client mac address to authenticate to the access point and finally get into the network environment without having any permission.
This method of attack will only work if the encryption is not configure if the case is not in the favor the attacker machine will not able to get access into the network after manage to hi jack using the MAC address because the packet will be deny by not having to match the encryption key that corresponding to the legitimate user.
The wireless provide the probability and the ease of use on the other hand also giving a lot of security vulnerability issue ,the security is usually be equal balance to convenience when the security well in place the effective of operate will be affected and some will even affected the organization operation and the security expert have to find the middle line to make the operation smoothly running in a secure environment .Compare the implementation cost and convenience usage of wireless network , wireless network become more popular in all the different aspect ,to mitigate the vulnerability and risk the experience and develop the best practice in the environment is need to be considered .
Before design and implementing the wireless technology to an organization it is important to clarify and understand the organization operation and functional requirement. The different circumstances will affect the decision of choosing the right security measure to be implement in order to protect the wireless network environment .
Beside the design and implementing phase the much important is the daily operation that is happening in the organization ,the highest percentage of the success attack vector is social engineering this shows that human is always the weakest link in the whole security chain in this case the organization should develop a strong security policies to define all the usage option like data classification that is allow to be transmit in the wireless network define the strong access control rules in the internal network to prevent attack like daisy chaining happen in the environment to mitigate and minimize the risk and loss happen in the organization .Also operational guideline and account privilege should be well define and strong password policy .
In conclusion , the technology vulnerability is a great concern that will indeed give a huge impact to the organization if the thing doesn't handling well , but the security is a process that every element integrated together to form the security .