Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

More documents

Recommendations

Info

66 CHAPTER 4 Wireless Networking using a unicast session key, and then sent from the AP to the client in a much more secure manner. Mutual Authentication 802.1x and EAP provide for a mutual authentication capability. This makes the clients and the authentication servers mutually authenticating end points, and assists in the mitigation of attacks from man-in-the-middle (MITM) types of devices. Any of the following EAP methods provide for mutual authentication: ■ ■ ■ TLS requires that the server supply a certificate and establish that it has possession of the private key. IKE requires that the server show possession of a preshared key or private key (this can be considered certificate authentication). GSS_API (Kerberos) requires that the server can demonstrate knowledge of the session key. Per-Packet Authentication EAP can support per-packet authentication and integrity protection, but it is not extended to all types of EAP messages. For example, negative acknowledgment (NACK) and notification messages cannot use per-packet authentication and integrity. Per-packet authentication and integrity protection works for the following (packet is encrypted unless otherwise noted): ■ ■ ■ ■ ■ TLS and IKE derive session key TLS cipher suite negotiations (not encrypted) IKE cipher suite negotiations Kerberos tickets Success and failure messages that use a derived session key (through WEP) COMMON EXPLOITS OF WIRELESS NETWORKS In general, attacks on wireless networks fall into four basic categories: passive, active, MITM, and jamming. Passive Attacks on Wireless Networks A passive attack occurs when someone listens to or eavesdrops on network traffic. Passive attacks on wireless networks are extremely common, almost to the point of being ubiquitous. Detecting and reporting on wireless networks has become a popular hobby for many wireless war-driving enthusiasts. ■ Detecting wireless networks Utilizing new tools created for wireless networks and the existing identification and attack techniques and utilities originally designed for wired networks, attackers have many avenues into a wireless network. The first step in attacking a wireless network involves finding a network to attack. The most popular software developed to identify wireless networks is the Windows-based NetStumbler
Common Exploits of Wireless Networks 67 ■ (www.netstumbler.com). This type of scan, driving around looking for wireless networks, is known as war driving. Protecting against wireless network detection To defend against the use of NetStumbler and other programs to detect a wireless network easily, administrators should configure the wireless network as a closed system. This means that the AP will not respond to empty set SSID beacons and will consequently be “invisible” to programs such as NetStumbler, which rely on this technique to discover wireless networks. Crunch Time Sniffing Sniffing is the electronic form of eavesdropping on the communications that computers transmit across networks. Wireless networks function very similarly to the original repeaters and hubs by allowing every communication across the wireless network to be viewable to anyone who happens to be listening to the network. In fact, the person who is listening does not even need to be associated with the network in order to sniff! The hacker has many tools available to attack and monitor a wireless network. These tools work well for sniffing both wired and wireless networks. All of these software packages function by putting your network card in what is called promiscuous mode. When the network interface controller is in this mode, every packet that goes past the interface is captured and displayed within the application window. ■ Protecting against sniffing and eavesdropping To protect wireless users from attackers who might be sniffing is to utilize encrypted sessions wherever possible: SSL for e-mail connections, secure shell (SSH) instead of Telnet, and secure copy (SCP) instead of file transfer protocol (FTP). Additionally turn off any network identification broadcasts and, if possible, close down the network to any unauthorized users. Active Attacks on Wireless Networks The mechanisms used in active attacks can be comprised of a combination of methods that ultimately result in an intruder being able to navigate his or her way through the interworking of your network. Some possible attack methods include the following: ■ ■ Spoofing and network hijacking Usage of a legitimate IP address or MAC address by an unauthorized device oftentimes resulting in the redirection of legitimate data packets to the unauthorized device. MITM through rogue APs Interception of network communications through deployment of an AP with enough strength so that the end users may not be able to tell which AP is the authorized one that they should be using. Using this technique, the attacker is able to receive authentication requests and information from the end workstation regarding the secret key and where they are attempting to connect.
Page 2 and 3:
Syngress is an imprint of Elsevier
Page 4 and 5:
xii About the Authors Technical Edi
Page 6 and 7:
2 CHAPTER 1 Network Fundamentals Ne
Page 8 and 9:
4 CHAPTER 1 Network Fundamentals re
Page 10 and 11:
6 CHAPTER 1 Network Fundamentals
Page 12 and 13:
8 CHAPTER 1 Network Fundamentals Wh
Page 14 and 15:
10 CHAPTER 1 Network Fundamentals d
Page 16 and 17:
12 CHAPTER 1 Network Fundamentals
Page 18 and 19:
14 CHAPTER 1 Network Fundamentals T
Page 20 and 21: 16 CHAPTER 1 Network Fundamentals T
Page 22 and 23: 18 CHAPTER 1 Network Fundamentals I
Page 24 and 25: 20 CHAPTER 2 Network Media DID YOU
Page 26 and 27: 22 CHAPTER 2 Network Media Table 2.
Page 28 and 29: 24 CHAPTER 2 Network Media ■ Perf
Page 30 and 31: 26 CHAPTER 2 Network Media Table 2.
Page 32 and 33: 28 CHAPTER 2 Network Media LAN TECH
Page 34 and 35: 30 CHAPTER 2 Network Media CONNECTO
Page 36 and 37: 32 CHAPTER 2 Network Media EXAM WAR
Page 38 and 39: 34 CHAPTER 2 Network Media problems
Page 40 and 41: 36 CHAPTER 2 Network Media electrom
Page 42 and 43: 38 CHAPTER 3 Network Devices Table
Page 44 and 45: 40 CHAPTER 3 Network Devices some o
Page 46 and 47: 42 CHAPTER 3 Network Devices ■
Page 48 and 49: 44 CHAPTER 3 Network Devices ■
Page 50 and 51: 46 CHAPTER 3 Network Devices EXAM W
Page 52 and 53: 48 CHAPTER 3 Network Devices ■ Du
Page 54 and 55: 50 CHAPTER 3 Network Devices Proxy
Page 56 and 57: 52 CHAPTER 3 Network Devices Top Fi
Page 58 and 59: 54 CHAPTER 3 Network Devices the co
Page 60 and 61: 56 CHAPTER 4 Wireless Networking
Page 64 and 65: 60 CHAPTER 4 Wireless Networking Ta
Page 66 and 67: 62 CHAPTER 4 Wireless Networking WE
Page 68 and 69: 64 CHAPTER 4 Wireless Networking Th
Page 74 and 75: 70 CHAPTER 4 Wireless Networking si
Page 76 and 77: 72 CHAPTER 4 Wireless Networking co
Page 78 and 79: 74 CHAPTER 5 The OSI Model and Netw
Page 94 and 95: 90 CHAPTER 6 TCP/IP and Routing ■
Page 96 and 97: 92 CHAPTER 6 TCP/IP and Routing For
Page 98 and 99: 94 CHAPTER 6 TCP/IP and Routing UND
Page 100 and 101: 96 CHAPTER 6 TCP/IP and Routing ■
Page 102 and 103: 98 CHAPTER 6 TCP/IP and Routing Sub
Page 104 and 105: 100 CHAPTER 6 TCP/IP and Routing co
Page 106 and 107: 102 CHAPTER 6 TCP/IP and Routing
Page 108 and 109: 104 CHAPTER 6 TCP/IP and Routing al
Page 110 and 111: CHAPTER 7 Wide Area Networking 107
Page 112 and 113: WAN Protocols and Properties 109 In
Page 114 and 115: WAN Protocols and Properties 111 Cr
Page 116 and 117: Internet Access Methods 113 EXAM WA
Page 118 and 119: Internet Access Methods 115 Wireles
Page 120 and 121:
Internet Access Methods 117 Top Fiv
Page 122 and 123:
Internet Access Methods 119 with th
Page 124 and 125:
122 CHAPTER 8 Security Standards an
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
144 CHAPTER 9 Network Management
Page 148 and 149:
146 CHAPTER 9 Network Management Wi
Page 150 and 151:
148 CHAPTER 9 Network Management Cr
Page 152 and 153:
150 CHAPTER 9 Network Management
Page 154 and 155:
152 CHAPTER 9 Network Management An
Page 156 and 157:
154 CHAPTER 9 Network Management Lo
Page 158 and 159:
156 CHAPTER 10 Network Troubleshoot
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Glossary 177 Access Determines who
Page 180 and 181:
Glossary 179 Extensible Authenticat
Page 182 and 183:
Glossary 181 Oscilloscope A cable t
Page 184 and 185:
Glossary 183 Wireless Network A net
Page 186 and 187:
186 Index Data link layer, 74-75 fu
Page 188 and 189:
188 Index Network troubleshooting,
show all

Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

Create successful ePaper yourself

Delete template?

Save as template?