CWNA Chapter 13 – 802.11 Network Security Architecture

My Notes from chapter 13 of the CWNA study guide

802.11 security basics

  • Data privacy and integrity
    • All data transmissions travel in the open air.
    • Protecting data privacy in a wired network is much easier because physical access to the wired medium is more restricted, whereas access to wireless transmissions is available to anyone in listening range
    • Therefore, using cipher encryption technologies to obscure information is mandatory to provide proper data privacy.
    • Two most common algorithms used to protect data are:
      • RC4 algorithm (RC stands for Ron’s Code or Rivest Cipher) Algorithm
        • Is a streaming cipher used in technologies that are often used to protect Internet traffic, such as Secure Sockets Layer (SSL)
        • Is incorporated into two legacy encryption methods known as WEP and TKIP
      • Advanced Encryption Standard Algorithm (AES)
        • Originally named the Rijndael algorithm, is a block cipher that offers much stronger protection than the RC4 streaming cipher
        • AES is used to encrypt 802.11 wireless data by using an encryption method known as Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
        • Encrypts data in fixed data blocks with choices in encryption key strength of 128, 192, or 256 bits.
        • AES cipher is the mandated algorithm of the U.S. government for protecting both sensitive and classified information
    • WEP, TKIP and CCMP all use a data integrity check to ensure that the data has not been maliciously altered
  • Authentication, authorization, and accounting (AAA)
    • Authentication
      • Is the verification of identity and credentials
      • Users or devices must identify themselves and present credentials
      • More secure authentication systems use multifactor authentication
    • Authorization
      • Determines if the device or user is authorized to have access to network resources
      • Can be based on type of device , time of day restrictions, or location.
      • Authentication must be completed before authorization takes place
    • Accounting
      • Is tracking the use of network resources by users and devices
      • A record is kept of user identity, which resource was accessed, and at what time
      • Often a requirement of many industry regulations, such as the payment card industry (PCI)
  • Segmentation
    • Is the chosen method of separating user traffic within a network
    • can be achieved through a variety of means, including firewalls, routers, VPNs, and VLANs
    • Segmentation is also intertwined with role-based access control (RBAC)
  • Monitoring and policy
    • A full-time monitoring solution is also needed to protect against possible attacks that target the WLAN
    • Be monitored by a wireless intrusion detection system (WIDS) possible attacks that target the WLAN
    • Depending on the level of risk assessment, not all businesses require a monitoring solution; however, if the budget permits, a WLAN monitoring solution is highly recommended

Legacy 802.11 security

  • Legacy authentication
    • The original 802.11 standard specified two methods of authentication: Open System authentication and Shared Key authentication.
    • These legacy authentication methods were not so much an authentication of user identity, but more of an authentication of capability
    • Open System authentication does not require the use of any credentials, every client gets authenticated and therefore authorized onto network resources after they have been associated
  • Static WEP encryption
    • is a layer 2 encryption method that uses the RC4 streaming cipher.
    • The three main goals of WEP encryption are as follows:
      • Confidentiality
      • Access Control
      • Data Integrity
    • 64-bit WEP uses a secret 40-bit static key, which is combined with a 24-bit number selected by the radio’s device drivers
    • This 24-bit number, known as the initialization vector (IV), is sent in cleartext and is different on every frame.
    • How does WEP work?
      • WEP runs a cyclic redundancy check (CRC) on the plaintext data that is to be encrypted and then appends the integrity check value (ICV) to the end of the plaintext data.
      •  A 24-bit cleartext initialization vector (IV) is then generated and combined with the static secret key.
      • WEP then uses both the static key and the IV as seeding material through a pseudorandom algorithm that generates random bits of data known as a keystream. These pseudorandom bits are equal in length to the plaintext data that is to be encrypted.
      • The pseudorandom bits in the keystream are then combined with the plaintext data bits by using a Boolean XOR process. The end result is the WEP ciphertext, which is the encrypted data.
      • The encrypted data is then prefixed with the cleartext IV.

chapter13-1

  • WEP weaknesses:
    • IV Collisions Attack
      • Because of the limited size of the IV space, IV collisions occur, and an attacker can recover the secret key much easier when IV collisions occur in wireless networks.
    • Weak Key Attack
      • An attacker can recover the secret key much easier by recovering the known weak IV keys
    • Reinjection Attack
      • Hacker tools exist that implement a packet reinjection attack to accelerate the collection of weak IVs on a network with little traffic
    • Bit-Flipping Attack
      • The ICV data integrity check is considered weak. WEP encrypted packets can be tampered with
  • WEP cracking tools have been available for many years. These cracking tools may use a combination of the first three mentioned attacks and can crack WEP in less than 5 minutes.
  • After an attacker has compromised the static WEP key, any data frame can be decrypted with the newly discovered key.
  • MAC filters
    • Every network card has a physical address known as a MAC address (a 12-digit hexadecimal number)
    • MAC filters can be configured to either allow or deny traffic from specific client MAC addresses to associate and connect to an AP.
    • The 802.11 standard does not define MAC filtering, and any implementation of MAC filtering is vendor specific.
    • It should be noted that MAC addresses can be spoofed, or impersonated, and any amateur hacker can easily bypass any MAC filter by spoofing an allowed client MAC address.
    • MAC filtering is not considered a reliable means of security for wireless enterprise networks
  • SSID cloaking
    • Access points typically have a setting called Closed Network or Broadcast SSID
    • By either enabling a closed network or disabling the broadcast SSID feature, you can hide, or cloak, your wireless network name
    • implement a closed network, the SSID field in the beacon frame is null (empty), and therefore passive scanning will not reveal the SSID to client stations that are listening to beacons
    • Note that an access point in a closed network will respond to any configured client station that transmits directed probe requests with the properly configured SSID
    • Although implementing a closed network may hide your SSID from some of these WLAN discovery tools, anyone with a layer 2 wireless protocol analyser can capture the frames transmitted by any legitimate end user and discover the SSID, which is transmitted in cleartext.
    • SSID cloaking is by no means an end-all wireless security solution. The 802.11 standard does not define SSID cloaking, and therefore, all implementations of a closed network are vendor specific.

Robust security

  • Robust security network (RSN)
    • Two stations (STAs) must authenticate and associate with each other, as well as create dynamic encryption keys through a process known as the 4-Way Handshake. This association between two stations is referred to as an RSNA.
    • CCMP/AES encryption is the mandated encryption method, and TKIP/RC4 is an optional encryption method
    • An RSN can be identified by a field found in beacons, probe response frames, association request frames, and reassociation request frames. This field is known as the RSN Information Element (IE).
  • Authentication and authorization
    • Authentication is the verification of user identity and
    • Authorization involves whether a device or user is granted access to network resources and services credentials
  • PSK authentication
    • The 802.11-2012 standard defines authentication and key management (AKM) services.
    • An authentication and key management protocol (AKMP) can be either a preshared (PSK) or an EAP protocol used during 802.1X authentication
    • PSK authentication is meant to be used in SOHO environments because the stronger enterprise 802.1X authentication solutions are not available.
    • WPA/WPA2-Personal utilizes PSK authentication
    • Prior to the IEEE ratification of the 802.11i amendment, the Wi-Fi Alliance introduced the Wi-Fi Protected Access (WPA) certification
    • The intended goal of WPA-Personal was to move away from static encryption keys to dynamically generated keys using a simple passphrase as a seed
    • WPA/WPA2-Personal allows an end user to enter a simple ASCII character string, dubbed a passphrase, anywhere from 8 to 63 characters in size.
    • The only practical difference between WPA (TKIP/RC4) and WPA2 (CCMP/AES) has to do with the encryption cipher.
    • If PSK authentication is the chosen security method, WPA2-Personal should always be used
  • Proprietary PSK authentication
    • The biggest problem with using PSK authentication in the enterprise is social engineering.
    • The PSK is the same on all WLAN devices. If an end user accidentally gives the PSK to a hacker, WLAN security is compromised
    • If an employee leaves the company, to maintain a secure environment all of the devices have to be reconfigured with a new 256-bit PSK.
    • Several enterprise WLAN vendors have come up with a creative solution to using WPA/ WPA2-Personal that solves some of the biggest problems of using a single passphrase for
    • WLAN access
    • Each computing device or user will have their own unique PSK for the WLAN.
    • Individual users can be mapped to a unique WPA/WPA2-Personal passphrase
    • Individual users are then assigned a unique PSK that is created either dynamically or manually.
    • The PSKs that are generated can also have an expiration date. Unique time-based PSKs can also be used in a guest WLAN environment as a replacement for more traditional username/ password credentials.
    • If a unique PSK is compromised, an administrator only has to revoke the single PSK credential and no longer has to reconfigure all access points and end user devices.
    • A proprietary PSK solution provides unique user credentials that standard PSK cannot provide
    • Additionally, proprietary PSK solutions with unique credentials do not require anywhere near the complex configuration needed for 802.1X/EAP.
  • 802.1X/EAP framework
    • The IEEE 802.1X standard is not specifically a wireless standard and is often mistakenly referred to as 802.11x
    • The 802.1X standard is a port-based access control standard.
    • An 802.1X framework may be implemented in either a wireless or wired environment. The 802.1X framework
    • Consists of three main components:
      • Supplicant
        • A host with software that requests authentication and access to network resources is known as a supplicant
        • Would be a client station requesting access to network resources
      • Authenticator
        • An authenticator device blocks traffic or allows traffic to pass through its port entity.
        • Authentication traffic is normally allowed to pass through the authenticator, whereas all other traffic is blocked until the identity of the supplicant has been verified
        • The authenticator maintains two virtual ports: an uncontrolled port and a controlled port.
        • Uncontrolled allows EAP traffic to pass through
        • Controlled blocks all other traffic until supplicant is authenticated
        • A standalone access point or WLAN controller would be the authenticator
      • Authentication Server (AS)
        • Validates the credentials of the supplicant that is requesting access and notifies the authenticator that the supplicant has been authorized.
        • Maintains a user database or may proxy with an external database, such as an LDAP database, to authenticate user credentials.
        • Typically a Remote Authentication Dial-In User Service (RADIUS) server

chapter13-3

  • Note that some WLAN vendors offer solutions where either a standalone AP or a WLAN controller can dual-function as a RADIUS server and perform direct LDAP queries, thus eliminating the need for an external RADIUS server
  • Although the supplicant, authenticator, and authentication server work together to provide the framework for 802.1X port-based access control, an authentication protocol is needed to perform the authentication process. Extensible Authentication Protocol (EAP) is used to provide user authentication
  • AP is a flexible layer 2 authentication protocol used by the supplicant and the authentication server to communicate
  • The authenticator allows the EAP traffic to pass through its virtual uncontrolled port.
  • After the authentication server has verified the credentials of the supplicant, the server sends a message to the authenticator that the supplicant has been authenticated
  • The authenticator is then authorized to open the virtual controlled port and allow all other traffic to pass through.

chapter13-2

  • EAP types
    • EAP is a layer 2 protocol that is very flexible, and many different flavours of EAP exist.
    • Some, such as Cisco’s Lightweight Extensible Authentication Protocol (LEAP), are proprietary, whereas others, such as Protected Extensible Authentication Protocol (PEAP), are considered standards based
    • Some provide for only one-way authentication; others provide two-way authentication.
    • Mutual authentication not only requires that the authentication server validate the client credentials, but the supplicant must also authenticate the validity of the authentication server.
    • Most types of EAP that require mutual authentication use a server-side digital certificate to validate the authentication server.
    • A server-side certificate is installed on the RADIUS server, while the certificate authority (CA) root certificate resides on the supplicant
    • The Certificate exchange also creates an encrypted Secure Sockets Layer (SSL) / Transport Layer Security (TSL) tunnel in which the supplicant’s username/password credentials or client certificate can be exchanged.

chapter13-5

  • Dynamic encryption-key generation
    • 802.1X/EAP framework does not require encryption, the use of encryption is recommended.
    • However, a by-product of 802.1X/EAP is the generation and distribution of dynamic encryption keys
    • EAP protocols that utilize mutual authentication provide “seeding material” that can be used to generate encryption keys dynamically.
    • The advantage of dynamic keys is that every user has a different and unique key that cannot be compromised by social engineering attacks.
    • These dynamic keys are generated per session per user, meaning that every time a client station authenticates, a new key is generated and every user has a unique and separate key.
  • 4-Way Handshake
    • Two stations (STAs) must establish a procedure to authenticate and associate with each other as well as create dynamic encryption keys through a process known as the 4-Way Handshake.
    • RSNAs utilize a dynamic encryption-key management method that involves the creation of fi ve separate keys.
    • Part of the RSNA process involves the creation of two master keys known as the Group Master Key (GMK) and the Pairwise Master Key (PMK).
    • The PMK is created as a result of the 802.1X/EAP authentication
    • These master keys are the seeding material used to create the final dynamic keys that are used for encryption and decryption
    • The final encryption keys are known as the Pairwise Transient Key (PTK) and the Group Temporal Key (GTK)
    • The PTK is used to encrypt/decrypt unicast traffic, and the GTK is used to encrypt/decrypt broadcast and multicast traffic.
    • The 4-Way Handshake will always be the final four frames exchanged during either an 802.1X/EAP authentication or a PSK authentication
    • Also, every time a client radio roams from one AP to another, a new 4-Way Handshake must occur so that new unique dynamic keys can be generated
  • WPA/WPA2-Personal
    • If you do not own a RADIUS server, 802.1X/EAP authentication will not be possible.
    • Because most of us do not have a RADIUS server,  the 802.11-2012 standard offers a simpler method of authentication using a PSK
    • This method involves manually typing matching passphrases on both the access point and all client stations that will need to be able to associate to the wireless network
    • A formula is run that converts the passphrase to a Pairwise Master Key (PMK) used with the 4-Way Handshake to create the fi nal dynamic encryption keys.
    • still requires significant administrative overhead and has potential social engineering issues in a corporate or enterprise environment
    • An 802.1X/EAP solution as defined by WPA/WPA2-Enterprise is the preferred method of security in a corporate and workplace environment
  • Temporal Key Integrity Protocol (TKIP) encryption
    • This method uses the RC4 cipher just as WEP encryption does
    • The problem with WEP was not the RC4 cipher but how the encryption key was created
    • TKIP was developed to rectify the problems that were inherent in WEP.
    • TKIP starts with a 128-bit temporal key that is combined with a 48-bit initialization vector (IV) and source and destination MAC addresses in a complicated process known as per-packet key mixing
    • This key-mixing process mitigates the known IV collision and weak key attacks used against WEP
    • Additionally, TKIP uses a stronger data integrity check known as the message integrity check (MIC) to mitigate known bit-flipping attacks against WEP.
    • All TKIP encryption keys are dynamically generated as a final result of the 4-Way Handshake.
    • The 802.11n and higher amendments do not permit the use of WEP encryption or TKIP encryption for the High Throughput (HT) and Very High Throughput (VHT) data rates
  • CCMP encryption
    • The default encryption method defined under the 802.11i amendment is known as Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
    • This method uses the Advanced Encryption Standard (AES) algorithm (Rijndael algorithm). CCMP/AES uses a 128-bit encryption-key size and encrypts in 128-bit fixed-length blocks.
    • All CCMP encryption keys are dynamically generated as a final result of the 4-Way Handshake.
    • CCMP/AES encryption will add an extra 16 bytes of overhead to the body of an 802.11 data frame
    • Because the AES cipher is processor intensive, older legacy 802.11 devices do not have the processing power necessary to perform AES calculations

Traffic segmentation

  • VLANs
    • are used to create separate broadcast domains in a layer 2 network and are often used to restrict access to network resources without regard to physical topology of the network.
    • VLANs are a layer 2 concept and are used extensively in switched 802.3 networks for both security and segmentation purposes.
    • VLANs are used to support multiple layer 3 networks on the same layer 2 switch
    • individual SSIDs can be mapped to individual VLANs, and users can be segmented by the SSID/VLAN pair, all while communicating through a single access point.
    • Each SSID can also be configured with separate security settings.
    • A common strategy is to create a guest, voice, and employee SSID/VLAN pair
    • Management access to the WLAN controllers or APs should also be isolated on a separate VLAN.
    • The way VLANs are deployed in a WLAN environment depends on the design of the network as well as the type of WLAN architecture that is in place
  • RBAC
    • Role-based access control (RBAC) is another approach to restricting system access to authorized users.
    • The three main components of an RBAC approach are users, roles, and permissions.
    • Permissions can be defined as layer 2 permissions (VLANS or MAC filters), layer 3 permissions (access control lists), layers 4–7 permissions (stateful firewall rules), and bandwidth   permissions
    • When wireless users authenticate via the WLAN, they inherit the permissions of whatever roles they have been assigned.
    • When used in a WLAN environment, role-based access control can provide granular wireless user management

Infrastructure security

  • Physical security
    • Access points and other WLAN hardware can be quite expensive
    • Although access points are usually mounted in or near the ceiling, theft can be a problem
    • Enclosure units with locks can be mounted in the ceiling or to the wall
    • Secure enclosure units may also meet aesthetic demands by keeping the access point out of plain sight.
  • Interface security
    • All wireless infrastructure devices must be able to be accessed by administrators through a management interface
    • Any interface that is not used should be turned off
    • At a minimum, all the passwords for these configuration options should be changed from the factory defaults.
    • Most infrastructure devices should also support some type of encrypted management capabilities.
    • It is also a highly recommended practice to configure your infrastructure devices from only the wired side and never configure them wirelessly
    • If devices are configured from the wireless side, an intruder might be able to capture your wireless packets and be able to watch what you are doing.

VPN wireless security

  • Layer 3 VPNs
    • The use of upper-layer virtual private network (VPN) solutions can also be deployed with WLANs
    • VPNs are typically not recommended to provide wireless security in the enterprise due to the overhead and because faster, more secure layer 2 solutions are now available.
    • VPNs do have their place in Wi-Fi security and should definitely be used for remote access
    • They are also sometimes used in wireless bridging environments.
    • Use of VPN technology is mandatory for remote access. Your end users will take their laptops off site and will most likely use public access Wi-Fi hotspots. Because there is no security at most hotspots, a VPN solution is needed.
    • It is imperative that users implement a VPN solution coupled with a personal firewall whenever accessing any public access Wi-Fi networks.
    • VPNs have several major characteristics. They provide encryption, encapsulation, authentication, and data integrity
    • VPNs use secure tunnelling, which is the process of encapsulating one IP packet within another IP packet
    • The original destination and source IP address of the first packet is encrypted along with the data payload of the first packet
    • VPN tunnelling, therefore, protects your original private layer 3 addresses and also protects the data payload of the original packet.
    • The most commonly used layer 3 VPN technology is Internet Protocol Security (IPsec). IPsec VPNs use stronger encryption methods and more secure methods of authentication and are the most commonly deployed VPN solution
    • Most IPsec VPNS are NAT-transversal, but any firewalls at a remote site require (at a minimum) that UDP ports 4500 and 500 be open.
  • SSL VPN
    • VPN technologies do exist that operate at other layers of the OSI model, including SSL tunnelling
    • Unlike an IPsec VPN, an SSL VPN does not require the installation and configuration of client software on the end user’s computer
    • A user connects to a Secure Sockets Layer (SSL) VPN server via a web browser.
    • The traffic between the web browser and the SSL VPN server is encrypted with the SSL protocol or Transport Layer Security (TLS).
    • SSL VPNs are often chosen because of issues with NAT or restrictive firewall policies at remote locations.
  • VPN deployment
    • VPNs are most often used for client-based security when connected to public access WLANs and hotspots that do not provide security.
    • VPN technology can provide the necessary level of security for remote access when end users connect to public access WLAN
    • Another common use of VPN technology is to provide site-to-site connectively between a remote office and a corporate office.
    • Most WLAN vendors now offer VPN client-server capabilities in either their APs or WLAN controllers

chapter13-4

  • Guest WLAN security
    • Guest wireless networks allow Internet access to visitors, such as contractors, students, or salespeople.
    • Therefore, many organizations provide WLAN guest access with a unique SSID and guest VLAN
    • Firewalls are also often used to further restrict the guest user capabilities and even the bandwidth that is available to guests
    • The main security goal of a guest WLAN is to provide guests with an easily accessible wireless portal to the Internet, while at the same time restricting guest user access from the rest of the company network.
    • The security components of a guest WLAN normally consist of the following:
      • Guest SSID
        • The guest SSID is normally an open network that has no WPA/WPA2 encryption security
        • Encrypted guest access can also be provided with 802.1X with Hotspot 2.0 using Wi-Fi CERTIFIED Passport client devices
      • Guest VLAN
        • Guest user traffic should be segmented into a unique VLAN tied to an IP subnet that does not mix with the employee user VLAN
        • Guest traffic is often also routed to a demilitarized zone (DMZ).
      • Firewall Policy
        • Guest WLAN firewall policies tend to be very restrictive
        • Guest firewall policies typically allow for DHCP and DNS but restrict access to private networks
        • The guest firewall policy normally routes all user traffic straight to an Internet gateway and away from corporate network infrastructure.
      • Captive Web Portal
        • Guest users must normally log in through a captive web portal page before they can proceed to the Internet
        • One of the most important aspects of the captive web portal page is the legal disclaimer.
        • Businesses are also legally protected if something bad should happen to a guest user’s WLAN device, such as being infected by a computer virus
        • A captive portal solution effectively turns a web browser into an authentication service
        • Captive portals can redirect unauthenticated users to a login page using an IP redirect, DNS redirection, or redirection by HTTP.
      • Guest Management Solution
        • Most guest WLANS require a guest user to authenticate with credentials via a captive web portal
        • Therefore, a database of user credentials must be created.
  • Captive portal
    • Most hotspots and guest networks are secured by a captive portal
    • A captive portal is essentially the integration of a firewall with an authentication web page.
    • When a user connects to the guest network, whether wired or wireless, any packets that the user transmits are intercepted and blocked from accessing a gateway to the network  resources until the user has authenticated through the captive portal.
    • Captive portals are available as standalone software solutions, but most WLAN vendors offer integrated captive portal solutions
    • You can typically personalize the page by adding graphics, such as a company logo, inserting an acceptable use policy, or configuring the logon requirements.
    • Not all captive portal pages require a username and password for authentication. Some vendors have begun to use unique dynamic PSKs as user credentials
    • Captive web portals that do not require credentials still provide an acceptable use policy, which functions as a legal disclaimer for the guest network
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s