Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

More documents

Recommendations

Info

68 CHAPTER 4 Wireless Networking ■ Denial of service (DoS) and flooding attacks A DoS occurs when an attacker has engaged most of the resources a host or network has available, rendering it unavailable to legitimate users. PROTECTION AGAINST SPOOFING AND NETWORK HIJACKING Protecting against these attacks involves adding several additional components to the wireless network. The following are examples of measures that can be taken: ■ Using an external authentication source such as RADIUS or SecurID, will prevent an unauthorized user from accessing the wireless network and the resources with which it connects. ■ Requiring wireless users to use a VPN to access the wired network also provides a significant stumbling block to an attacker. ■ Allowing only SSH access or SSL-encrypted traffic into the network. ■ Many of WEP’s weaknesses can be mitigated by isolating the wireless network through a firewall and requiring that wireless clients use a VPN to access the wired network. There are several different tools that can be used to protect a network from IP spoofing with invalid address resolution protocol (ARP) requests. These tools, such as ArpWatch, notify an administrator when ARP requests are detected, allowing the administrator to take the appropriate action to determine whether someone is attempting to hack into the network. Another option is to statically define the MAC/IP address definitions. This prevents attackers from being able to IP spoof without having the defined matching pieces of information. The best protection available is to change the secret key on a regular basis and add additional authentication mechanisms such as RADIUS or dynamic firewalls to restrict access to the wired network. However, unless every wireless workstation is secure, an attacker only needs to go after one of the other wireless clients to be able to access the resources available to it. PROTECTION AGAINST MITM THROUGH ROGUE APS Regular wireless site surveys can be used to see if someone has violated your company security policy by placing an unauthorized AP on the network, regardless of their intent. Frequent site surveys also have the advantage of uncovering the unauthorized APs that company staff members may have set up in their own work areas, thereby compromising the entire network and completely undoing the hard work that went into securing the network in the first place. This is usually done with no malicious intent, but for the convenience of the user, who may want to be able to connect to the network through his or her laptop in meeting rooms or break rooms or other areas that don’t have wired outlets. PROTECTING AGAINST DOS AND FLOODING ATTACKS There is little that can be done to protect against DoS attacks. In a wireless environment, an attacker does not have to even be in the same building or neighborhood.
Site Surveys 69 With a good enough antenna, an attacker is able to initiate these attacks from a great distance away. Using NetStumbler, administrators can identify other networks that may be in conflict. However, NetStumbler will not identify other DoS attacks or other nonnetworking equipment that is causing conflicts (such as wireless telephones, wireless security cameras, amateur TV (ATV) systems, RF-based remote controls, wireless headsets, microphones and audio speakers, and other devices that use the 2.4 GHz frequency). Jamming Attacks Jamming a wireless LAN is similar in many ways to how an attack would target a network with a DoS attack – the difference is that in the case of the wireless network, the attack can be carried out by one person with an overpowering RF signal. The attacker does not need to gain access to your network; instead they can sit in your parking lot or even further away to execute the attack. Although you may be able to readily determine the fact that you are being jammed, you may find yourself hard pressed to solve the problem. Indications of a jamming attack include the sudden inability of clients to connect to APs where there was not a problem previously. Jamming attacks are sometimes used as the prelude to further attacks. In some cases, you find that RF jamming is not always intentional and may be the result of other, nonhostile, sources such as a nearby communications tower or another wireless LAN that is also operating in the same frequency range. Baby monitors, cordless telephones, microwave ovens, and many other consumer products may also be sources of possible interference. CONFIGURING WINDOWS CLIENT COMPUTERS FOR WIRELESS NETWORK SECURITY Some wireless LAN security mechanisms are internal to Windows itself, while others are third-party solutions or part of the IEEE 802.<strong>11</strong> standard. ■ ■ Windows XP Professional – provides excellent support for 802.<strong>11</strong> wireless networks and 802.1x security to the mainstream. Windows Vista Business – very simple to connect to a wireless network and provides security for the connection. SITE SURVEYS A site survey is part of an audit done on wireless networks. Site surveys allow system and network administrators to determine the extent to which their wireless networks extend beyond the physical boundaries of their buildings. Typically, a
Page 2 and 3:
Syngress is an imprint of Elsevier
Page 4 and 5:
xii About the Authors Technical Edi
Page 6 and 7:
2 CHAPTER 1 Network Fundamentals Ne
Page 8 and 9:
4 CHAPTER 1 Network Fundamentals re
Page 10 and 11:
6 CHAPTER 1 Network Fundamentals
Page 12 and 13:
8 CHAPTER 1 Network Fundamentals Wh
Page 14 and 15:
10 CHAPTER 1 Network Fundamentals d
Page 16 and 17:
12 CHAPTER 1 Network Fundamentals
Page 18 and 19:
14 CHAPTER 1 Network Fundamentals T
Page 20 and 21:
16 CHAPTER 1 Network Fundamentals T
Page 22 and 23: 18 CHAPTER 1 Network Fundamentals I
Page 24 and 25: 20 CHAPTER 2 Network Media DID YOU
Page 26 and 27: 22 CHAPTER 2 Network Media Table 2.
Page 28 and 29: 24 CHAPTER 2 Network Media ■ Perf
Page 30 and 31: 26 CHAPTER 2 Network Media Table 2.
Page 32 and 33: 28 CHAPTER 2 Network Media LAN TECH
Page 34 and 35: 30 CHAPTER 2 Network Media CONNECTO
Page 36 and 37: 32 CHAPTER 2 Network Media EXAM WAR
Page 38 and 39: 34 CHAPTER 2 Network Media problems
Page 40 and 41: 36 CHAPTER 2 Network Media electrom
Page 42 and 43: 38 CHAPTER 3 Network Devices Table
Page 44 and 45: 40 CHAPTER 3 Network Devices some o
Page 46 and 47: 42 CHAPTER 3 Network Devices ■
Page 48 and 49: 44 CHAPTER 3 Network Devices ■
Page 50 and 51: 46 CHAPTER 3 Network Devices EXAM W
Page 52 and 53: 48 CHAPTER 3 Network Devices ■ Du
Page 54 and 55: 50 CHAPTER 3 Network Devices Proxy
Page 56 and 57: 52 CHAPTER 3 Network Devices Top Fi
Page 58 and 59: 54 CHAPTER 3 Network Devices the co
Page 60 and 61: 56 CHAPTER 4 Wireless Networking
Page 62 and 63: 58 CHAPTER 4 Wireless Networking
Page 64 and 65: 60 CHAPTER 4 Wireless Networking Ta
Page 66 and 67: 62 CHAPTER 4 Wireless Networking WE
Page 68 and 69: 64 CHAPTER 4 Wireless Networking Th
Page 70 and 71: 66 CHAPTER 4 Wireless Networking us
Page 74 and 75: 70 CHAPTER 4 Wireless Networking si
Page 76 and 77: 72 CHAPTER 4 Wireless Networking co
Page 78 and 79: 74 CHAPTER 5 The OSI Model and Netw
Page 94 and 95: 90 CHAPTER 6 TCP/IP and Routing ■
Page 96 and 97: 92 CHAPTER 6 TCP/IP and Routing For
Page 98 and 99: 94 CHAPTER 6 TCP/IP and Routing UND
Page 100 and 101: 96 CHAPTER 6 TCP/IP and Routing ■
Page 102 and 103: 98 CHAPTER 6 TCP/IP and Routing Sub
Page 104 and 105: 100 CHAPTER 6 TCP/IP and Routing co
Page 106 and 107: 102 CHAPTER 6 TCP/IP and Routing
Page 108 and 109: 104 CHAPTER 6 TCP/IP and Routing al
Page 110 and 111: CHAPTER 7 Wide Area Networking 107
Page 112 and 113: WAN Protocols and Properties 109 In
Page 114 and 115: WAN Protocols and Properties 111 Cr
Page 116 and 117: Internet Access Methods 113 EXAM WA
Page 118 and 119: Internet Access Methods 115 Wireles
Page 120 and 121: Internet Access Methods 117 Top Fiv
Page 122 and 123:
Internet Access Methods 119 with th
Page 124 and 125:
122 CHAPTER 8 Security Standards an
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
144 CHAPTER 9 Network Management
Page 148 and 149:
146 CHAPTER 9 Network Management Wi
Page 150 and 151:
148 CHAPTER 9 Network Management Cr
Page 152 and 153:
150 CHAPTER 9 Network Management
Page 154 and 155:
152 CHAPTER 9 Network Management An
Page 156 and 157:
154 CHAPTER 9 Network Management Lo
Page 158 and 159:
156 CHAPTER 10 Network Troubleshoot
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Glossary 177 Access Determines who
Page 180 and 181:
Glossary 179 Extensible Authenticat
Page 182 and 183:
Glossary 181 Oscilloscope A cable t
Page 184 and 185:
Glossary 183 Wireless Network A net
Page 186 and 187:
186 Index Data link layer, 74-75 fu
Page 188 and 189:
188 Index Network troubleshooting,
show all

Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?