CLICK HERE TO DOWNLOAD PPT ON WLAN CONFIGURATION
WLAN CONFIGURATION Presentation Transcript
1.“WLAN CONFIGURATION, VULNERABILITY AND SCANNING”
2.INTRODUCTION
Wireless LANs, or Wireless Local Area Network (WLANs), have become an indispensable aspect of mobile computing.
Network Manager is the ideal solution for laptops and other portable computers.
We can manually switch between available networks and manage our network connection using an applet in the system tray.
Instead of only one connection being active, multiple connections may be active at once.
This enables you to unplug your laptop from an Ethernet and remain connected via a wireless connection.
We set up a wireless network and scan it for all the risks and vulnerabilities in the network that is set by us for windows 7 and windows xp users.
Wireless LANs, or Wireless Local Area Network (WLANs), have become an indispensable aspect of mobile computing.
Network Manager is the ideal solution for laptops and other portable computers.
We can manually switch between available networks and manage our network connection using an applet in the system tray.
Instead of only one connection being active, multiple connections may be active at once.
This enables you to unplug your laptop from an Ethernet and remain connected via a wireless connection.
We set up a wireless network and scan it for all the risks and vulnerabilities in the network that is set by us for windows 7 and windows xp users.
3.Components of WLAN Network
4.Difference between WLAN and WI-FI
WLAN, short for Wireless Local Area Network and sometimes called Wireless LAN, is a network of computers over distances of a few hundred feet that uses high frequency radio signals to transmit and receive data.
WI-FI means Wireless Fidelity. The term is actually a trademark name used to brand products that belong to a category of WLAN devices.
A WI-FI (ready) device effectively means that it is ready for use in a WLAN. Such devices range from desktop computers, laptops, notebooks, to smartphones, palm tops, and other small devices.
WLAN, short for Wireless Local Area Network and sometimes called Wireless LAN, is a network of computers over distances of a few hundred feet that uses high frequency radio signals to transmit and receive data.
WI-FI means Wireless Fidelity. The term is actually a trademark name used to brand products that belong to a category of WLAN devices.
A WI-FI (ready) device effectively means that it is ready for use in a WLAN. Such devices range from desktop computers, laptops, notebooks, to smartphones, palm tops, and other small devices.
5.Types of WLAN
There are two types of WLANs:
1.Peer-to-peer WLANs
2.Infrastructure WLANs
There are two types of WLANs:
1.Peer-to-peer WLANs
2.Infrastructure WLANs
6.What is Vulnerability?
Vulnerability is a weakness of any programming code like buffer overflow, sql, xss that helps to hack any system or network.
Vulnerability+ exploit=hacking on remote machine
7.What is an Exploit?
An exploit is a piece of malware code that takes advantage of a newly-announced or otherwise unpatched vulnerability in a software applications, usually the operating system, a web browser or a program that routinely activates through a web browser.
A zero day exploit is an exploit that takes advantage of vulnerability on the same day that the vulnerability is announced.
Vulnerability is a weakness of any programming code like buffer overflow, sql, xss that helps to hack any system or network.
Vulnerability+ exploit=hacking on remote machine
7.What is an Exploit?
An exploit is a piece of malware code that takes advantage of a newly-announced or otherwise unpatched vulnerability in a software applications, usually the operating system, a web browser or a program that routinely activates through a web browser.
A zero day exploit is an exploit that takes advantage of vulnerability on the same day that the vulnerability is announced.
8.Types of Attacks
9.WIRELESS LAN VULNERABILITY
Some Common Wireless LAN Vulnerabilities
Vulnerability can be described as some event that exposes us, or in this case a network system, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance.
One major reason that a number of vulnerabilities occur, in both SOHOs and Enterprises, is because uninformed users setup wireless LANs without the prudence necessary to secure these systems from malicious or even accidental events.
10.What is Vulnerability Assessment?
Vulnerability assessment is checking for holes and potential vulnerabilities.
Performing an assessment shows an overview, which can turn up false positives and false negatives.
Some Common Wireless LAN Vulnerabilities
Vulnerability can be described as some event that exposes us, or in this case a network system, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance.
One major reason that a number of vulnerabilities occur, in both SOHOs and Enterprises, is because uninformed users setup wireless LANs without the prudence necessary to secure these systems from malicious or even accidental events.
10.What is Vulnerability Assessment?
Vulnerability assessment is checking for holes and potential vulnerabilities.
Performing an assessment shows an overview, which can turn up false positives and false negatives.
11.Why Do Vulnerability
Assessments?
Identifies vulnerabilities and risks in your networking infrastructure
Validates the effectiveness of current security safeguards.
Quantifies the risks to internal systems and confidential information.
Provides detailed remediation steps to prevent network compromise.
Protects the integrity of online assets.
Continuous monitoring
Assessments?
Identifies vulnerabilities and risks in your networking infrastructure
Validates the effectiveness of current security safeguards.
Quantifies the risks to internal systems and confidential information.
Provides detailed remediation steps to prevent network compromise.
Protects the integrity of online assets.
Continuous monitoring
12.Vulnerabilities
13.Best Practices
Establish chain of command/authority
Create official purpose and procedures
Decide on schedule
Build your reputation
Build relationships
Think in terms of risk
Document everything!
Know your environment
Be prepared
Establish chain of command/authority
Create official purpose and procedures
Decide on schedule
Build your reputation
Build relationships
Think in terms of risk
Document everything!
Know your environment
Be prepared
14. CERT Methodology
1) Setup
2) Test Execution
3) Vulnerability Analysis
4) Reporting
5) Remediation
Repeat!
1) Setup
2) Test Execution
3) Vulnerability Analysis
4) Reporting
5) Remediation
Repeat!
15.Step 1: Setup
Begin documentation
Secure permission
Update tools
Configure tools
Secure permission
Update tools
Configure tools
16.Step 2: Test Execution
Run the tools
Document as you go
Run a packet capture while running the assessment tools
17.Step 3: Vulnerability Analysis
Human interpretation is required to make results meaningful
That interpretation includes
Assessing risk presented by vulnerabilities
Comparing the results to security policy
Verifying vulnerabilities
Prioritizing vulnerabilities
Run the tools
Document as you go
Run a packet capture while running the assessment tools
17.Step 3: Vulnerability Analysis
Human interpretation is required to make results meaningful
That interpretation includes
Assessing risk presented by vulnerabilities
Comparing the results to security policy
Verifying vulnerabilities
Prioritizing vulnerabilities
18.Step 3: Vulnerability Analysis
Causes of errors during vulnerability analysis
Environmental Issues
Timing Issues
Privilege Issues
Tool Issues
People/knowledge Issue
Causes of errors during vulnerability analysis
Environmental Issues
Timing Issues
Privilege Issues
Tool Issues
People/knowledge Issue
19.Step 3: Vulnerability Analysis
Error types
False Positive - Identifying a vulnerability that is not present
False Negative - Failing to identify the presence of a vulnerability
Error prevention
Use several different tools for verification
Examine the traffic generate by tools
Consult with the system owner/administrator
20.Step 4: Reporting
Goals
Present a meaningful summary of the vulnerabilities found
Prioritize and explain vulnerabilities
Provide possible remediation suggestions
Error types
False Positive - Identifying a vulnerability that is not present
False Negative - Failing to identify the presence of a vulnerability
Error prevention
Use several different tools for verification
Examine the traffic generate by tools
Consult with the system owner/administrator
20.Step 4: Reporting
Goals
Present a meaningful summary of the vulnerabilities found
Prioritize and explain vulnerabilities
Provide possible remediation suggestions
21.SOLUTION OF WIRELESS LAN VULNERABILITY
To secure wireless LANs, ensure that there is a centrally managed firewall and implement security at each of the five levels of layers --- perimeter, network, host, application and data. This secures the perimeter and communication, as well as monitors network traffic. Monitoring devices like scanners and sniffers should be set in place to detect activity from hardware, software, and other machines that may be searching flora connection. One of the systems that can be put in place is he“walkthrough”or site survey.
To secure wireless LANs, ensure that there is a centrally managed firewall and implement security at each of the five levels of layers --- perimeter, network, host, application and data. This secures the perimeter and communication, as well as monitors network traffic. Monitoring devices like scanners and sniffers should be set in place to detect activity from hardware, software, and other machines that may be searching flora connection. One of the systems that can be put in place is he“walkthrough”or site survey.
22.LAN VULNERABILITY SCANNER
We will discuss here 3 scanners and they are:-
Angry ip scanner: Angry IP scanner is a very fast IP address and port scanner.It can scan IP addresses in any range as well as any their ports. It is cross-platform and lightweight. Not requiring any installations, it can be freely copied and used anywhere.
23.Look@LAN: Look@lan is a network tool that can scan the whole and provide the useful information about every single connected client, but also detailed graphs and statistics.
A full scan of the network takes anywhere from a few second
to a few minute, depending on how large the network is, with look@lan showing the online and offline IPs as well as
details on every single online client.look@lanruns on low computer recourse and works on most windows version, but window 7 need administrator privilege to scan the network…
We will discuss here 3 scanners and they are:-
Angry ip scanner: Angry IP scanner is a very fast IP address and port scanner.It can scan IP addresses in any range as well as any their ports. It is cross-platform and lightweight. Not requiring any installations, it can be freely copied and used anywhere.
23.Look@LAN: Look@lan is a network tool that can scan the whole and provide the useful information about every single connected client, but also detailed graphs and statistics.
A full scan of the network takes anywhere from a few second
to a few minute, depending on how large the network is, with look@lan showing the online and offline IPs as well as
details on every single online client.look@lanruns on low computer recourse and works on most windows version, but window 7 need administrator privilege to scan the network…
24.GFI Languard: GFI Languard integrates with over 1,500 critical security applications of the following categories: antivirus, antispyware, firewall, anti-phishing, backup client, VPN client, URL filtering, patch management, web browser, instant messaging, peer-to-peer, disk encryption, data loss prevention and device access control.
It provides reports on their status, e.g., if antivirus is enabled and up-to-date, the firewall is turned on, the status of backup software, a list of which instant messaging or peer-to-peer applications are installed in your network, etc
It provides reports on their status, e.g., if antivirus is enabled and up-to-date, the firewall is turned on, the status of backup software, a list of which instant messaging or peer-to-peer applications are installed in your network, etc
Posts
0 comments