EncartaLabs

Wireless LAN Security

( Duration: 2 Days )

The Wireless LAN Security Training course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so. With the burgeoning growth of wireless LAN installations, all IT professionals must become knowledgeable about security – wireless security in particular System, network and security administrators. Individuals or organizations interested in new prevention, detection, or incident response technologies.

The purpose of the workshop is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. Wireless LAN Security workshop is based on real world examples, solutions, and deployments.

  • Exploring 802.11a, 8011.b, 802.11g, 802.11n and 802.11ac Network Architecture and Design
  • Understanding 802.11 Security Threats
  • Security Management, Wireless LAN Intrusion and Policy
  • Overview of security software and protocols for wireless LANs
  • Exploring of the security weaknesses of and threats to wireless LANs
  • Overview of implementation of the best and latest security techniques and mechanisms
  • Implementation of WEP, WPA, WPA2, 802.11i and 802.1x

COURSE AGENDA

1

Wireless LAN Security Basics

  • Why Is 802.11 Vulnerable to Attack?
  • Risk Assessment
  • Intermediate Security Measures
  • Radio Transmission
  • Inherent Insecurity
  • 802.11, 802.11a, 802.11b, 802.11g and 802.11n
  • Ad Hoc vs. Infrastructure Mode
  • Wired Equivalent Privacy (WEP)
  • 64-bit and 128-bit WEP encryption
  • WEP and RC4 stream cipher
  • Initialization vector (IV)
  • 802.1x
  • EAP Authentication Types
  • LEAP Authentication
  • Other Authentication Methods
  • Transportation Layer Security
  • A Comparison of Security Methods
  • Wi-Fi Protected Access (WPA)
  • 802.11i
2

Wireless LANs Attacks and Risks

  • An Example Network
  • Denial-of-Service Attacks
  • Wireless Risks
  • Threat Analysis & Hacking
  • Methodology
  • Classification of Attacks
  • Attacks Without Keys
  • Snooping
  • Man-in-the-Middle Attack (Modification)
  • Attacks on the Keys
  • One-time Passwords
  • Burying the Keys
  • Wireless Attacks
  • Attacking the Keys Through Brute Force
  • Dictionary Attacks (Dictionary-Building or Table Attacks)
  • Algorithmic Attacks
  • Target profiling
  • Physical security
  • Social engineering
  • Wireless bridges
  • Sniffing and stealing
  • Malicious data insertion
  • Denial of Service (DoS)
  • Peer-to-peer hacking
  • Unauthorized control
3

Maximizing Wireless Security

  • Common Sense Solutions
  • WEP
  • WPA
  • WPA2
  • 802.11i
  • 802.1x
  • Components of WPA
  • WPA Algorithms
  • WPA Pre-Shared Key
  • WPA RADIUS
  • WPA2 (Wi-Fi Protected Access 2) Security
  • WPA and WPA2
  • IEEE 802.11i (RSN) – Enhanced Wireless Security
  • TKIP
  • AES
  • 802.11i vs. WPA2
  • 802.1x Authentication and 802.11i
  • EAP-PEAP-LEAP
  • EAP-TLS
  • EAP-TTLS
  • VPN over 802.11
4

Rudimentary security measures

  • SSID
  • MAC filters
  • Static WEP
  • Default configurations
  • Firmware upgrades
  • Physical security
  • Periodic inventory
5

Station Security

  • Client Security Goals
  • Audit Logging
  • Security Updates
  • FreeBSD Station Security
  • Linux Station Security
  • OpenBSD Station Security
  • Mac OS X Station Security
  • Windows Station Security
  • Access Point Security
  • Setting Up an Access Point
  • General Access Point Securiy
  • Up a Linux Access Point
  • Setting Up a FreeBSD Access Point
  • Setting Up an OpenBSD Access Point
6

Gateway Security

  • Gateway Architecture
  • Secure Installation
  • Firewall Rule Creation
  • Rate Limiting
  • DHCP
  • DNS
  • Static ARP
  • Auditing
  • Authentication and Encryption
  • Portals
  • IPsec VPN
  • IEEE 802.1X Port Based Network Access Control
7

Intermediate Security Measures

  • Rogue equipment
  • Cell sizing
  • Protocol filters
  • SNMP
  • Discovery protocols
  • Wireless segment configuration
  • Remove vulnerabilities
  • Client security
  • IP Services
8

Advanced Security Measures

  • Wireless security policy
  • Authentication & encryption
  • Wireless DMZ and VLANs
  • Audits
  • Authenticated DHCP
  • Traffic patterns
  • Wireless LAN Auditing Tools
  • Discovery tools
  • Password crackers
  • Share enumerators
  • Network management and control
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • Jamming tools
  • WEP crackers
  • Operating system defaults
9

Hardware & Software Solutions

  • RADIUS with AAA Support
  • RADIUS Details
  • Kerberos
  • Static and Dynamic WEP and
  • TKIP
  • 802.1x
  • 802.1X Key Management
  • PMK, GMK, PTK, GTK, KCK, and KEK
  • Extensible Authentication Protocol (EAP)
  • VPNs
  • Encryption Schemes
  • Routers
  • Switch-Routers
  • Firewalls
  • MobileIP VPN Solutions
  • Enterprise Wireless Gateways
  • Switches, VLANs, & Hubs
  • SSH2 Tunneling & Port
10

Prevention & Countermeasures

  • 802.1x
  • 802.11i
  • TKIP
  • AES
  • CCM block diagram
  • Intrusion detection
  • WEP attacks
  • WEP key recovery
  • Weaknesses in the Key Scheduling Algorithm for RC4
  • WPA and WPA attacks
  • 801.11i attacks
  • 802.1x attacks
11

Implementation and Management

  • Design and implementation
  • Equipment configuration and placement
  • Interoperability and layering
  • Security management
  • Policy
12

Wireless LAN Auditing Tools

  • Discovery tools
  • Password crackers
  • Share enumerators
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • RF Jamming and Dataflooding tools
  • WEP crackers

Encarta Labs Advantage

  • One Stop Corporate Training Solution Providers for over 3,500 Modules on a variety of subjects
  • All courses are delivered by Industry Veterans
  • Get jumpstarted from newbie to production ready in a matter of few days
  • Trained more than 20,000 corporate candidates across india and abroad
  • All our trainings are conducted in workshop mode with more focus on hands On

View our other course offerings by visiting www.encartalabs.com/course-catalogue

Contact us for delivering this course as a public/open-house workshop for a group of 10+ candidates at our venue

Top