CHAPTER 33

802.11 WIRELESS LAN SECURITY

Gary L. Tagg

33.1 INTRODUCTION

33.1.1 Scope

33.1.2 Background and Uses of Wireless LANs

33.2 802.11 ARCHITECTURE AND PRODUCT TYPES

33.2.1 802.11 Components

33.2.2 802.11 Network Architecture

33.2.3 802.11 Physical Layer

33.2.4 Wireless LAN Product Types

33.2.5 Benefits of Wireless Switch/Access Controller Architecture

33.2.6 Security Benefits of Wireless Switch/Access Controller Architecture

33.3 WIRELESS LAN SECURITY THREATS

33.3.1 Comparison between Wired and Wireless

33.3.2 Specific Threats Enabled by Wireless LANs

33.4 ORIGINAL 802.11 SECURITY FUNCTIONALITY

33.4.1 Security Functionality Overview

33.4.2 Connecting to a Wireless Network and Authentication

33.4.3 Defending against the WEP Vulnerability

33.5 IEEE 802.11I

33.5.1 Structure of the Robust Security Network

33.5.2 802.1X Authentication

33.5.3 Security Association Management

33.5.4 RSNA Key Hierarchy and Management

33.5.5 Temporal Key Integrity Protocol

33.5.6 Counter Mode/CBC-MAC Protocol (CCMP)

33.5.7 Remaining Implementation Issues

33.5.8 Wi-Fi Alliance's WPA and WPA2 Standards

802.11 SECURITY AUDITING TOOLS

33.6.1 Auditor and BackTrack

33.6.2 Kismet

33.6.3 Netstumbler

33.6.4 Airsnort

33.6.5 CoWPAtty and Aircrack

33.6.6 Ethereal

33.6.7 Wellenreiter

33.6.8 Commercial Wireless Auditing Tools

33.7 CONCLUSION

33.8 APPENDIX 33A–802.11 STANDARDS

33.8.1 802.11 and 802.11b: MAC and Physical Layer Specifications

33.8.2 802.11a: 5GHz High-Speed Physical Layer

33.8.3 802.11d: 802.11 Additional ...

Get Computer Security Handbook, Fifth Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.