If you plan on taking the Security+ exam, you should have a basic understanding of securing wireless networks. Much of this knowledge crosses over from Network+, but the Security+ exam focuses more on the security. Many blogs on this site include information on ports and on how port scanners determine what ports are open and, in turn, what protocols or services are running on a system.
Securing Wireless Networks with Security Protocols
Since wireless networks broadcast over the air, anyone who has a wireless transceiver can intercept the transmissions. You can secure wireless networks with several different steps, but the most important step is to implement a security protocol. As an introduction, the available security protocols are:
- WEP. Considered compromised and should not be used
- WPA. Considered compromised, but stronger with AES (instead of TKIP)
- WPA2. Current standard and provides best security when used in Enterprise mode (with an 802.1X or RADIUS server)
Securing Wireless Networks with WEP
Wired Equivalent Privacy (WEP) was the original security protocol used to secure wireless networks. As the name implies, the goal was to provide the same level of privacy and security within a wireless network as you’d have in a wired network.
Unfortunately, WEP has significant vulnerabilities, and tools are widely available to break into WEP-protected networks. Due to the widely published vulnerabilities of WEP, it was deprecated in 2004. WPA was identified as an interim replacement, and WPA2 is a permanent replacement.
An important concept is that most encryption methods use both an algorithm and a key. Encryption algorithms are widely known, but the keys should be kept secret and changed regularly.
WEP uses the RC4 stream cipher for encryption of transmitted data. An important implementation rule with any stream cipher is that encryption keys should never be reused. A single key can encrypt and decrypt data, but if encryption always uses the same key to encrypt and decrypt the data, it becomes relatively easy for an attacker to crack the key and read the data. Even if the encryption reuses a key just once, it increases the ability of an attacker to crack it.
Remember this
WEP is weak and should not be used. It has several problems including the misuse of encryption keys with the otherwise secure RC4 symmetric encryption protocol. In an IV attack, the attacker uses packet injection, increasing the number of packets to analyze, and discovers the encryption key.
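The key-reuse rule above can be seen directly in code. The following is an added example, not part of the original article: it implements standard RC4 and a WEP-style per-frame key (IV prepended to the shared key) and shows that two frames encrypted under the same IV and key expose one plaintext to anyone who knows the other. The key, IVs and frame contents are constructed sample values, and the function names are hypothetical.

```python
# Added example: RC4 keystream reuse, the failure mode behind WEP's weakness.
# The key, IVs and frames are constructed sample values, not real traffic.

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_style_encrypt(iv: bytes, shared_key: bytes, plaintext: bytes) -> bytes:
    """WEP-style per-frame key: IV prepended to the shared key (integrity value omitted)."""
    return xor(plaintext, rc4_keystream(iv + shared_key, len(plaintext)))

def recover_with_known_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    """If the keystream repeats, c1 ^ c2 == p1 ^ p2, so knowing p1 yields p2."""
    return xor(xor(c1, c2), known_p1)

SHARED_KEY = bytes.fromhex("0123456789")   # constructed 40-bit key
IV = b"\x00\x00\x01"                       # constructed 24-bit IV
FRAME_1 = b"GET /index.html HTTP/1.1"      # content an observer could guess
FRAME_2 = b"user=alice&pin=4821&ok=1"      # content meant to stay private

def demo():
    """Return (result with a repeated IV, result with a fresh IV)."""
    c1 = wep_style_encrypt(IV, SHARED_KEY, FRAME_1)
    c2 = wep_style_encrypt(IV, SHARED_KEY, FRAME_2)               # same IV, same keystream
    c3 = wep_style_encrypt(b"\x00\x00\x02", SHARED_KEY, FRAME_2)  # fresh IV
    return (recover_with_known_plaintext(c1, c2, FRAME_1),
            recover_with_known_plaintext(c1, c3, FRAME_1))

if __name__ == "__main__":
    print(demo())
```

The key itself is never recovered here; the reused keystream alone is enough to read the second frame, which is why correct key management matters more than the strength of RC4 itself.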
Securing Wireless Networks with WPA
Wi-Fi Protected Access (WPA) was an intermediate replacement for WEP. It provided an immediate solution to the weaknesses of WEP without requiring users to upgrade their hardware. Even when WPA replaced WEP, its developers recognized that WPA wasn’t solid enough to last for an extended period. Instead, WPA improved wireless security by giving users an alternative to WEP with existing hardware while the developers worked on creating the stronger WPA2 protocol.
When first released, WPA used RC4 stream encryption with Temporal Key Integrity Protocol (TKIP). This is the same RC4 that WEP implemented incorrectly, resulting in vulnerabilities. However, TKIP implemented it correctly and did a better job of managing the encryption keys. Even though TKIP helped correct several of WEP's flaws, it was ultimately cracked.
Later implementations of WPA can use Advanced Encryption Standard (AES) instead of TKIP. Chapter 10 presents AES in more depth, but in short, it is a very strong and efficient encryption algorithm. Many applications beyond WPA2 use AES to provide secure encryption and ensure confidentiality.
A benefit of TKIP is that it didn’t require new hardware. WEP users could upgrade software and/or firmware and implement WPA with TKIP without the need to replace the hardware. Newer hardware supports WPA2, so the usage of WPA and TKIP is waning. However, you may still see some legacy hardware using WEP, WPA, and TKIP. Several people have been successful at cracking WPA with TKIP, so whenever possible, it’s best to upgrade WPA to WPA2, or at least upgrade TKIP to AES.
Securing Wireless Networks with WPA2
Wi-Fi Protected Access v2 (WPA2) is the permanent replacement for WEP and WPA. WPA2 (also known as IEEE 802.11i) uses stronger cryptography than both WEP and WPA. The Wi-Fi Alliance requires all devices carrying its WI-FI CERTIFIED logo to meet WPA2 standards.
WPA2 supports Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), which is based on AES. In contrast, the first implementation of WPA used TKIP with RC4, and later implementations used AES. WPA2 also uses much more secure methods of managing the encryption keys.
Remember this
WPA provided an immediate replacement for WEP, and it didn’t require the replacement of hardware. WPA2 is a permanent replacement of WEP and is recommended for use instead of WEP or WPA. WPA2 supports CCMP (based on AES), which is much stronger than the older TKIP protocol.
While WPA2 provides significant security improvements over previous wireless encryptions, some enterprises need stronger security. Another step you can take is to enable authentication with Enterprise mode.
Securing Wireless Networks with Personal and Enterprise Modes
Both WPA and WPA2 operate in either Personal or Enterprise modes, and Enterprise mode provides additional security by adding authentication. As a reminder, authentication (presented in chapter 1) proves a user's identity with the use of credentials such as a username and password.
Personal mode uses a preshared key (PSK) and is rather simple to implement. You simply enter the same PSK in each of the wireless devices as you enter in the WAP. In this way, anyone with the PSK can access the wireless network. WPA-PSK or WPA2-PSK indicates Personal mode.
However, each of these users accesses the network anonymously, since a single PSK used by all users does not provide unique identification. In contrast, if users have usernames and passwords, the usernames provide identification of the users, and the passwords provide proof that the users are who they claim to be.
Enterprise mode (also called 802.1X mode) uses an 802.1X server (introduced in chapter 1) to provide authentication. In a wireless network, it acts like a RADIUS server, providing central authentication for the wireless clients. 802.1X servers can use multiple methods of authentication from simple usernames and passwords, to extensible authentication protocols (EAP) such as LEAP and PEAP.
Wireless authentication systems are more advanced than most home networks need, but many larger organizations use them. In other words, most home networks will use Personal mode while many organizations will use Enterprise mode to increase security. A combination of both a security protocol such as WPA2 and an 802.1X authentication server significantly reduces the chance of a successful access attack against a wireless system. Even WPA Enterprise using AES provides stronger security than WPA2-PSK.
Remember this
Personal mode (or WPA-PSK and WPA2-PSK) uses a preshared key and does not provide individual authentication. WPA/WPA2 Enterprise mode is more secure than Personal mode, and it provides strong authentication. Enterprise mode uses an 802.1X server (implemented as a RADIUS server) to add authentication.
Similarly, some hotels and resorts use pay-as-you-go Wi-Fi access. For example, some Las Vegas hotels and Walt Disney resorts have wireless access for $15 per day. If you choose to pay for this service, you create an account with a username and password. To access the wireless network, you authenticate with these credentials.
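One way to check an access point against the recommendations in this article (WPA2 rather than WEP or WPA, CCMP rather than TKIP, Enterprise rather than Personal mode) is to audit its configuration. This is an added example, not part of the original article; it assumes a hostapd-based access point, which the article does not mention, uses hostapd's option names, and runs on two constructed sample configurations.

```python
# Added example: audit hostapd-style settings against this article's advice.
# Simplification: only explicitly set options are judged; defaults are not resolved.

def parse_conf(text):
    """Return {option: value} from key=value lines, skipping blanks and comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings; an empty list means nothing below was flagged."""
    conf = parse_conf(text)
    findings = []
    wpa = int(conf.get("wpa", "0"))  # bitfield: 1 = WPA, 2 = WPA2, 3 = both
    ciphers = (conf.get("wpa_pairwise", "") + " " + conf.get("rsn_pairwise", "")).split()
    key_mgmt = conf.get("wpa_key_mgmt", "").split()
    if any(option.startswith("wep_key") for option in conf):
        findings.append("WEP key configured: WEP is compromised")
    elif wpa == 0:
        findings.append("no security protocol enabled")
    if wpa & 1:
        findings.append("WPA enabled: allow WPA2 only")
    if "TKIP" in ciphers:
        findings.append("TKIP offered: use CCMP (AES)")
    if "WPA-PSK" in key_mgmt:
        findings.append("Personal mode: shared PSK, no per-user authentication")
    return findings

# Constructed sample: mixed WPA/WPA2 in Personal mode with TKIP still offered.
LEGACY_CONF = """
ssid=office-legacy
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
wpa_passphrase=example-passphrase
"""

# Constructed sample: WPA2 Enterprise with CCMP and a RADIUS server.
ENTERPRISE_CONF = """
ssid=office
wpa=2
wpa_key_mgmt=WPA-EAP
rsn_pairwise=CCMP
ieee8021x=1
auth_server_addr=192.0.2.10
auth_server_shared_secret=example-radius-secret
"""
```

Calling `audit(LEGACY_CONF)` returns three findings (WPA enabled, TKIP offered, Personal mode), while `audit(ENTERPRISE_CONF)` returns an empty list.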