Wi-Fi Security
Initially wireless LANs or WLANs were slow, expensive, proprietary, and not reliable. The IEEE formed a work group to define wireless standards that would work better and across different vendor’s products. These standards are known as “802.11”.
There are a number of variations of this, 802.11a thru 802.11h (and beyond). By far the most common today is 802.11b, commonly known as “Wi‑Fi”. Other fairly common standards include 802.11g and 802.11a. These are all sometimes referred to as Wi-Fi.
These systems contain a wireless transceiver known as an access point (WAP), which connects (with a cable) to a router or switch. Wi-Fi NICs generally establish sessions with WAPs. (However it is possible for two or more Wi-Fi NICs to setup communication without any WAP; such a WLAN is known as an ad-hoc network. In such a network each NIC is assigned a BSSID (Basic Service Set Identifier), which the other NICs used to identify it. Ad-hoc networks are inherently low security.)
Wireless networking is not new, but previously was mostly used for point-to-point WAN links. Today wireless networking is common for workstations, which today are often laptops and notebook (and PDA) computers.
Wi-Fi has become very popular both in the home and in public areas such as bookstores, coffee houses, and various local area businesses. It is convenient to be able to use your same laptop computer from home or work. There is a dark security side to this picture however!
Wi-Fi (b) transmission is at 2.4 GHz. This is a commonly used band and thus there is a lot of interference from other devices, cell phones, garage-door openers, microwave ovens, etc. To limit this interference Wi-Fi uses DSSS (direct sequence spread spectrum), a (previously) military technique used to prevent jamming. The bandwidth is divided into 14 channels, and each network needs about 3 (?) of these to communicate at the full speed with devices. Typical transmit power is 10-20 mW (up to 100mW ?). [analogy: wireless phone channels, garage door opener channels.]
802.11a, b, and g operate at different frequencies, speeds, and power ranges.
Threats
Wireless hackers like to tap into WAPs without paying for the service. This is especially attractive to spammers and other evil-doers, as one they leave the vicinity there is no traceable connection between their laptop and the IP address of the WAP. Such unprotected WAPs are known as hot-spots. The hackers locate these by war-walking or war-driving, which means they move about with a laptop and special software locating hot-spots. (And like the hobos of a century ago, they leave chalk marks — war-chalking — as messages to others about the located hot-spots!)
Free software for this is available for all platforms and includes {Mac,Net}Stumbler, Kismet, and AirSnort. Different tools work differently: Stumbler broadcasts connection requests and waits for a response. kismet and AirSnort work by passively listening for Wi-Fi traffic.
An additional security risk is eavesdropping by the WAP operator (or others). Wi‑Fi uses plain/clear text so all documents, emails, etc. can be seen by anyone connected to that WAP.
Still another risk is rogue hot-spots, where an employee will connect a WAP to the company network, inside the firewall. Besides the obvious risks many WAPs contain DHCP servers, which could disrupt the company intranet!
Finally, Wi-Fi is very susceptible to DOS attacks. Even simple jamming by broadcasting noise at the proper frequency will take down a WAP. There are no known effective countermeasures to this threat.
It should have been criminal to not design better security into Wi-Fi. Although System Admins know (usually!) to change default names and passwords and to turn off broadcasting of these, Wi-Fi products are targeted to home users with little training or security awareness.
WAPs, antenna types and placement
The “hub” of a Wi-Fi WLAN is called a WAP or wireless access point. This device operates as the WLAN equivalent of a hub, and contains an Ethernet connection to a server. All the wireless NICs in the area establish communication sessions with a WAP, forming the WLAN. The exact area of the WLAN is determined by the power and type of antennas used by the WAP and NIC. Generally Wi-Fi is good for about 30 to 300 meters. You can fine-tune this area by disabling one antenna, or replacing the antenna(s) with directional ones.
The placement of the WAP is the first issue the admin must deal with. Ideally it should be near the center of the area to be covered, and as far from streets and neighbors as possible. Of course the main point of WLANs is to not have to run lots of wire in your home, and you may live in an apartment with streets and neighbors all around, so you may have to place the WAP in a less desirable location. (Consider using directional antennas, or turning off one or more antennas to reduce the WLAN coverage area.)
The exact area of the WLAN is determined by the power and antennas used by the WAP and NIC. Generally Wi-Fi is good for about 100 to 300 meters. You can fine-tune this area by disabling one antenna, or replacing the antenna(s) with directional ones.
The ideal placement would allow use in all the areas you wish, but no more. You don’t want you WAP accessible from the street or from a neighbor’s home.
WAP Broadcasts (Beaconing)
Each WAP has an assigned name known as the network identifier or ESSID (Extended Service Set Identifier). (The generic term for both BSSID and ESSID is just SSID.) This is just a string of digits and characters which is used to identify all the people wanting to be on the same logical network.
By default WAPs continually broadcast a here I am! signal, their SSIDs, which is known as beaconing. Networks using different network identifiers still share the bandwidth, but are logically separate and ignore each other.
Some hosts (including most Windows computers) automatically use the strongest WAP signal they can find. This can be a problem if your neighbor’s laptop uses your WAP instead of her own! (Unintentionally of course.) Beaconing will also enable the easiest type of intruder activity, war-driving. This is driving around with a laptop trying to find WAPs that broadcast their presence.
Step one in securing your WLAN is to turn off WAP broadcasts. By turning this off the broadcast of the ESSID, the WAP will only respond to directed communications from a properly configured wireless NIC (one that already knows the ESSID). Most WAPs also support SNMP management, using default community strings (passwords). You should disable SNMP on the WAP, or at least change the default password.
Step two is to enable MAC address filtering. For a private WAP this is a useful way to limit the use to just a few laptops. For a large organization, or a pubic WAP this measure can’t be used.
WEP
Even with broadcast turned off your WAP may be found. A passive intruder sitting in a nearby location can see all packets on your WLAN. (Just like with old hub technology, WLANs truly are broadcast networks!) So a security scheme was designed and required for 802.11 compatibility. This became know as WEP (Wired equivalent Privacy). This was intended to encrypt the WAP-NIC communications so eavesdroppers could learn nothing. All 802.11a,b, and g products support WEP, however most products today still ship with all security settings off!
[ Example reported by Kjell J. Hole, Erland Dyrnes, and Per Thorsheim in IEEE Computer, 7/2005 issue Securing Wi-Fi Networks, pp. 28–34: The city of Bergen, Norway has a population of about 235,000 people. By war-walking and driving, they found 706 hot-spots. Of these only 244 used WEP. 166 still used the default names assigned by the manufacturer and were broadcasting their names for all hackers to hear. ]
WEP was designed to use RC4, a strong encryption technique. Unfortunately the design of WEP is flawed and uses RC4 in an insecure way. An intruder with a modest laptop and free software can crack WEP in just a few minutes to a few hours of listening! None-the-less you should turn on WEP, as this will discourage (honest) neighbors from using your WAP, and may prevent folks from thinking (or later claiming in court) they thought your WAP was a public one.
AirSnort can crack WEP keys with just a few (1–6) megabytes of traffic. A home user can use WEP safely only by changing keys after every 750kb or so of transmitted data. However this is not practical in a corporate setting.
WEP allows for different key lengths, and each device contains 4 WEP keys, any of which can be designated the default. You should configure each NIC with the larges key length available, and a different default for each (of course if you have more than 4 NICs some must use the same default).
Some early attempts to fix WEP include WEP2 and dynamic WEP. Neither of these solutions has been widely deployed.
802.11i
— Robust Security Networking (RSN)
In March of 2001 the IEE 802.11 group formed a task force (group) to address security. After over three years 802.11i was approved. This standard uses the Advanced Encryption Standard (AES), which is the approved U.S. DoD successor to DES. To address issues of authentication and key management this standard requires the use of another IEEE standard, 802.1x, which was originally developed for wired networks. 802.11i is also known as robust security network.
RSN dynamically negotiates the authentication and encryption algorithms to be used for communications between WAPs and wireless clients. This means that as new threats are discovered, new algorithms can be added.
RSN uses the AES along with 802.1x and EAP. The security protocol that RSN builds on AES is called the Counter Mode CBC MAC Protocol (AES-CCMP). This is intended to provide confidentiality, integrity, and origin authentication. 802.11i also allows the use of TKIP instead of AES-CCMP, which is very similar.
TKIP (Temporal Key
Integrity Protocol)
provides several security features of 802.11i.
TKIP (pronounced “tee-kip”) still uses RC4 (but in a much safer way than WEP did!) but forces a new key to
be generated every 10k packets or so.
It also hashes the initialization vector. These measures make cracking the WLAN much
harder!
AES supports key lengths up to 256 bits but is not compatible with older hardware. (Encryption is hard, and without special hardware would be too slow to be useful. The hardware used for RC4 encryption can’t be used for AES encryption.)
There is a specification designed to allow RSN and WEP to coexist on the same wireless LAN called Transitional Security Network or TSN. It’s important to remember that if any devices on a WLAN are using WEP than the WLAN is not secure.
The 802.1x standard uses EAP (Extensible Authentication protocol) to provide a sort of plug-in architecture for security modules. EAP is an authentication framework, not a specific authentication mechanism. EAP provides a way to negotiate an authentication mechanism and some common functions. Such mechanisms are called EAP methods. There are currently about 40 different methods, including EAP-TLS, EAP-SIM, EAP-AKA, PEAP, LEAP (a popular Cisco proprietary mechanism that uses MSCHAP2, known to be weak), and EAP‑TTLS. The idea is the WAP (known as the authenticator) supports some, the NIC (known as the supplicant) supports some, so they use EAP to decide which one they both will use.
EAP-TLS is an IETF open standard, and is well-supported among wireless vendors. It offers excellent security, since TLS is considered the successor of the SSL standard. Even though EAP-TLS provides excellent security, the overhead of client-side certificates (needed for PKI) may make it seem like a daunting task to set up. EAP-TLS is the original standard WLAN EAP authentication protocol. It is universally supported by all manufacturers of wireless LAN hardware and software, including Microsoft.
The 802.1x standard requires any devices wishing to communication with a WAP must first authenticate itself using the EAP agreed mechanism. This is known as port security. (Port in the sense of a NIC in a switch.) The WAP will simply refuse to talk with an unauthenticated device. The authentication can be accomplished by a variety of means, most commonly an authentication server such as RADIUS (but Kerberos or others could be used). Note each device authenticates the other. They use PKI to secure communication between the authentication server and the supplicant.
802.11i also has a pre-shared key mode (PSK, also known as personal mode or home mode), designed for home and small office networks that cannot afford the cost and complexity of an 802.1X authentication server. Each user must enter a passphrase to access the network. The passphrase is typically stored on the user's computer, so it need only be entered once.
The weak passphrases users typically employ create a major vulnerability to password cracking attacks. It is recommended that a passphrase of at least 5 random words or 14 completely random letters be used. For maximum strength 8 random words or 22 random characters should be employed. Passphrases should be changed whenever an individual with access is no longer authorized to use the network or when a device configured to use the network is lost or compromised.
All future 802.11 wireless devices will be 802.11i compliant; it is the successor to WEP. (This includes the new 802.11n high-speed wireless.)
WPA
The problem with fixing Wi-Fi is that 802.11b and WEP have been deployed in millions of NICs and WAPs, all of which would need hardware upgrades to replace the security mechanism with 802.11i. In addition the older hardware needs to be supported for some time to come, but better security than WEP is needed on these devices, one that can be accomplished with a software/firmware upgrade.
The Wi-Fi alliance (www.wi-fi.org) created a interim solution until the more secure standard 802.11i becomes widely available. This is called WPA (Wi‑Fi Protected Access), and it implements a sub-set of a draft of 802.11i.
The WEP key length has been increased from 40 bits to 256 bits. WPA still uses RC4 so that no hardware upgrade is needed to switch from WEP to WPA. Five additional security enhancements were also added (double the Initialization Vector length; IV sequencing, used to prevent replay attacks; key rotation is used; mutual authentication prevents spoofing; and the CRC checksum was replaced with MIC, or Message Integrity Code, which is a kind of digital signature).
WPA uses per-session WEP keys to encrypt traffic, using a plug-in encryption module. WPA by default uses TLS (however this is selectable.) The plug-in nature of the encryption (TLS by default) means different manufacturers can use incompatible WPA compliant products.
Authentication by EAP requires an authentication server, something a home user is unlikely to have (or be able to) setup. To allow for this WPA provides a home mode, which doesn’t use EAP or require RADIUS. Instead it uses a pre-shared key forcing user to enter a password before allowing clients to join the network. WPA defaults to using home mode.
Home mode of WPA
can also be broken with a laptop, only it takes longer (more data) then with
WEP alone. Still, the next security step is to enable WPA,
preferably with RADIUS, and to refresh the security keys often enough to foil
most intruders. (Perhaps with cron.)
Now that 802.11i is
finalized, and some weaknesses in WPA were discovered, a newer version is
available known as WPA2. This is the same as 802.11i but with some
changes that allow interoperability with older WEP and WPA (version 1) devices.
Other Security Measures To Take
The recommended solution is to not use 802.11b but instead one of the more secure alternatives such as 802.11n (when available it will be 802.11i compliant). However this also will require upgrades to all NICs and WAPs that must communicate.
A popular approach today is the VPN (virtual private network, or tunnel), a method of taking a packet of data, encrypting it, then sending the result encapsulated in a TCP/IP packet across the Internet or Wi-Fi network. At the destination the packet is decrypted and the resulting packet is forwarded through the router as normal.
Different VPN protocols are supported by different manufacturers, making incompatibility a problem just like with WPA. Some examples are Microsoft’s PPTP and MSCHAP2 (both of which are deeply flawed with known weaknesses), Cisco’s L2TP, and IpSec (part of IPv6 but available for IPv4). PPTP is popular as all Windows platforms support it, but it is known to be insecure and easily broken.
VPN suffers from an image problem: VIPs in a company like to brag about VPNs, and usually insist they connect the home/laptop computer directly to the intranet (bypassing any firewall). Needless to say this is a bad idea. It is much better to place the WAP in it’s own LAN, connected to the company intranet only through the firewall router (thus treating VPN traffic nearly the same as Internet traffic.)
A VPN solution also requires all traffic to go through the corporate intranet on the way to/from the Internet. (Consider sitting at Starbucks and trying to connect to Google.)
VPN and WPA solutions can be used together in improve
security. A captive portal can
also be used. This is a router that
blocks all traffic unless the user has authenticated. Such portals usually redirect all traffic to a web server,
allowing the user to login, or to agree to terms of service (for public WAPs).
Regardless of your choice of WLAN, use a VPN or some other form of encryption (such as SSH) that runs on top of the network layer. This provides a great deal of protection! However the cost of all that encryption and decryption, and extra protocol overhead, can mean a drop in throughput of up to 80%!
Points
to remember:
· Turn off broadcast of SSID (beaconing)
· Change default SSIDs (names)
· Change default WEP keys (and use maximum key length available)
· Disable SNMP on your WAPs (or al least change the default community strings)
· Connect WAPs in LANs outside of the secured intranet
· War-walk through your company irregularly (no fixed schedule!) to catch rogue hot-spots
· Use WPA or at least WEB, and plan to migrate to more secure standards (something using 802.11i, such as 802.11n) when available
· If using WPA, configuring it to use the maximum WEP key length available
· If using WPA, configure a different default WEP key on different devices
· If using PSK mode, use a strong password
· Use the same manufacturer for all components
· Use captive portals for publicly accessible WLANs
· Use VPNs if possible, or SSH/SSL tunnels
· Install/activate personal firewalls on all laptops or other computers using Wi-Fi
· Linux wireless admin commands: iw* (iwconfig) is used for Wi‑Fi parameters. Note that ifconfig is still used for normal IP parameters.
Configuring WLANs (Wi-Fi)
All the wireless commands
start with “iw”. The two most used are iwconfig which
handles 802.11b/a/g parameters, and iwpriv, which handles the rest. Note that standard TCP/Ip parameters are
still set using ifconfig.
iwconfig interface options, where options include:
· essid name (name of the WLAN)
· nwid name (network ID or BSSID, needed for ad-hoc WLANs)
· freq num (the frequency to use, in Hertz (e.g., 2500000000 or 2.5G)
· mode mode (where mode is one of: Ad-Hoc, Managed, Master, Repeater, Secondary, Monitor, or Auto)
· ap mac-addr the MAC address of the WAP to use
· key key (The encryption key, in hex (“1234-4321-09ac”) or as a string (“s:secret”)
iwpriv Lists other commands supported by NIC, such as WPA modes.
(See also “man wireless”, and the commands iwgetid, iwlist, iwspy, and iwevent.)
Identify
your card
Let’s assume you already have a wireless card plugged in your PC and want to know which one it is and which driver you need. Linux has usually a way to display a card identification, but this depend on the type of card.
If the card is an ISA card, you are usually out of luck.
If the card is a true Pcmcia or Cardbus card, you need to use the command
cardctl ident
to display the card identification strings. Note that cardmgr will also write some identification strings in the message logs (/var/log/daemon.log) that may be different from the real card identification strings.
If the card is a PCI card, you need to use the command “lspci -v” to display the card identification strings.
If the hardware is a USB dongle, you usually get the identification strings from the kernel log using "dmesg" (or in /var/log/messages).
The card identification usually helps to identify the chipset inside the hardware, and in some other cases it does not, because the vendor has changed the identity. Once you have identified the chipset, it is usually straightforward to check if the hardware is supported and which driver to use.
Most Linux drivers knows about some of those card identifications, and will automatically bind to the hardware. It is usually simple to add new identification to a driver.
Jacek Pliszka recommends getting the FCC-ID written at the back of the hardware and to run it through the FCC database. He also recommends checking the Windows driver (both identification and file name) for some clues.
For drivers compiled as modules (but which are not for removable devices), the parameter interface is flexible and each driver may be different, so you must look in the documentation. Basically the driver define a set of parameters by their name and you may set for each keyword an array (one value for each instance of the hardware). The module configuration is usually done in /etc/modprobe.conf like this :
alias eth1 hp100
alias eth2 wavelan
options wavelan io=0x3E0,0x390 name=eth2,eth3 irq=10,11
For Pcmcia modules, the configuration is usually done in the pcmcia scripts in the directory /etc/pcmcia/, and you should check the Pcmcia Howto for details. Note that some distributions may use the HotPlug scripts. Usually, you don’t need extra driver parameters, as Pcmcia is Plug-and-Play, and all driver part of the pcmcia package are already pre-configured for proper auto-loading. However, you need to make sure the pcmcia subsystem load the driver you desire, if there are multiple drivers bound to the same device you may end up with an unexpected driver. In this case, you need to edit the various pcmcia config files (in /etc/pcmcia/ - grep is your friend).
For USB modules, you may use the HotPlug scripts. USB usually don't require any driver parameters, but again, you need to make sure the proper driver is loaded.
Before following up with the wireless configuration, you may want to make sure the driver is properly loaded, recognizes the hardware and can initialize it. This can be done by checking the message logs (with dmesg).