CEH.V6.-.Module.20.Hacking.Wireless.Networks

Reproduction is strictly prohibited authentication

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: tifies an individual network. These settings are important factors when identifying WLANs and sniffing traffic EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Authentication and Association To become part of a BSS, a station must first authenticate itself to the network: • Then, it will request association to a specific access point point The access point is in charge of authentication and is accepting the association association of the station: • Unless an add-on authentication system (e.g., Radius) is used MAC address is trusted as giving the correct identity of the station or access point: • How can this be abused? EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Authentication Modes Authentication is done by: • A station providing the correct SSID • Or, through “the shared key authentication: th • Access point and all base stations share a secret encryption key which is: • Difficult to deploy • Difficult to change • Difficult to keep secret • No accountability • A station encrypting with WEP; a challenge text provided by the access point • An eavesdropper gaining both the plaintext and the cyphertext by: • Performing a known plaintext attack • This authentication which helps to crack WEP encryption EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The 802.1X Authentication Process For 802.1X authentication to work on a wireless network, AP must be able to securely identify traffic from a particular wireless client This identification is accomplished by using authentication keys that are sent to the AP and the wireless client from the RADIUS server When a wireless client (802.1X supplicant) comes within the range of the AP (802.1X authenticator), the simplified process as given in the next slide occurs: EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited The 802.1X Authentication Process Process (cont’d) 1 2 • The AP point issues a challenge to the wireless client • The wireless client responds with its identity 3 • The AP forwards the identity to the RADIUS server using the uncontrolled AP id RADIUS port 4 • The RADIUS server sends a request to the wireless station via the AP specifying specifying the authentication mechanism to be used 5 • The wireless station responds to the RADIUS server with its credentials via the AP 6 • The RADIUS server sends an encrypted authentication key to the AP if the credentials are acceptable 7 • The AP generates a multicast/global authentication key encrypted with a per-station unicast session key, and transmits it to the wireless station EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited WEP WEP and WPA EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Wired Equivalent Privacy (WEP) WEP is a component of the IEEE 802.11 WLAN standards Its primary purpose is to provide confidentiality of the data on wireless networks at a level equivalent to wired LANs Wired LANs typically employ physical controls to prevent unauthorized users from connecting to the network and viewing data In a wireless LAN, the network can be accessed without physically connecting to the LAN IEEE chose to employ en...
View Full Document

This note was uploaded on 02/12/2013 for the course CEH v6 taught by Professor John during the Summer '13 term at West Point.

Ask a homework question - tutors are online