Appendix G

Associate Program Material Appendix GWireless LAN Vulnerabilities MatrixComplete the following matrix by filling in the blank boxes in the table.Security protection Brief description Vulnerabilities Prevention (if any) MAC address filtering Only allows access to a device if its MAC address matches that of a pre-approved list on the router. MAC Spoofing Don’t rely on MAC filtering alone. Open system authentication (SSID beaconing) Disables SSID from being broadcast so wireless networks are harder to detect. A spectrum analyzer can still be used to find the network name. Create a more complex SSID and password settings in your APWEPStands for Wired Equivalency Privacy. Uses 64 bit or 128 bit encryption. (including 24-bit IV) In larger networks, IV’s can be duplicated and cause collisions, which are easy to detect by outside influences Use WPA2 with AES or similar instead on larger, enterprise deployments.Of the six categories of attackers, the one I would most want to bre ak into my network would be hackers, as they attempt to penetrate your network and expose vulnerabilities, then inform you of them. This is opposed to a cracker, which will do the same thing, only steal the data and attempt to sell it. A script kiddie is very dangerous, as they are generally under-experienced hackers and crackers who use someone else’s codes and almost always have malicious intent.Between MAC filtering, WEP, and authentication, I believe that WEP is the most secure of the three. MAC filtering can be easily overcome by MAC spoofing, and is not part of the 802.11 standard. Authentication is somewhat weaker than WEP, as someone could capture the cleartext challenge phrase and the encrypted response frame and gain access to the network. WEP is the strongest of the 3, but is still weak due to IV collisions which can be monitored and the hacker can recover the security key during those collisions.In fact, hackers can even cause massive IV collisions to speed up the process. It should be noted this is really only an issue on larger wireless networks as there are approximately 16 million IV’s that can be handed out. But in an enterprise application, 16 million can happen in a matter of hours or days.