|
Cryptanalysis of an anonymous wireless authenticat
|
|
Hits: 7 |
|
Date added: 12/17/2006 |
|
Cryptanalysis of an anonymous wireless authentication and conference key distribution scheme
In this paper we analyse an anonymous wireless authentication and con- ference key distribution scheme which is also designed to provide mobile participants with user identification privacy during the conference call. The proposed scheme consists of three sub-protocols: the Call Set-Up Authenti- cation Protocol, the Hand-Off Authentication Protocol, and the Anonymous Conference Call Protocol. We show that the proposed scheme suffers from a number of security vulnerabilities. |
|
|
|
|
|
Definitive Guide To Wireless WarXing
|
|
Hits: 11 |
|
Date added: 07/28/2006 |
|
Wireless security and hacks explained. |
|
|
|
|
|
|
Detecting Wireless LAN MAC Address Spoofing
|
|
Hits: 47 |
|
Date added: 05/04/2007 |
|
An attacker wishing to disrupt a wireless network has a wide arsenal available to them. Many of
these tools rely on using a faked MAC address, masquerading as an authorized wireless access
point or as an authorized client. Using these tools, an attacker can launch denial of service
attacks, bypass access control mechanisms, or falsely advertise services to wireless clients.
This presents unique opportunities for attacks against wireless networks that are difficult to
detect, since the attacker can present himself as an authorized client by using an altered MAC
address. As nearly all wireless NICs permit changing their MAC address to an arbitrary value –
through vendor-supplied drivers, open-source drivers or various application programming
frameworks – it is trivial for an attacker to wreak havoc on a target wireless LAN.
This paper describes some of the techniques attackers utilize to disrupt wireless networks
through MAC address spoofing, demonstrated with captured traffic that was generated by the
AirJack, FakeAP and Wellenreiter tools. Through the analysis of these traces, the author
identifies techniques that can be employed to detect applications that are using spoofed MAC
addresses. With this information, wireless equipment manufacturers could implement anomalybased
intrusion detection systems capable of identifying MAC address spoofing to alert
administrators of attacks against their networks. |
|
|
|
|
|
Encryption in a Windows Environment: EFS File, 802
|
|
Hits: 7 |
|
Date added: 10/19/2006 |
|
Encryption in a Windows Environment: EFS File, 802.1x Wireless, IPSec Transport, and S/MIME Exchange, Digital Shortcut
With the current business, government, and institutional focus on security, organizations are scrambling to make their networks more secure. Although encryption is nothing new to Windows, recent advances in Microsoft® Windows 2003 and Microsoft® Windows XP have drastically simplified the support of encryption technologies in Windows environments. Delivered in Adobe PDF format for quick and easy access, Encryption in a Windows Environment: EFS File, 802.1x Wireless, IPSec Transport, and S/MIME Exchange, 1/e covers the installation and operation of EFS file encryption, IPSec communications encryption, 802.1x wireless encryption, L2TP mobile encryption, as well as the auto-enrollment of certificates that drastically simplifies the administration of encrypted communications. The encryption technologies addressed in this digital Short Cut are included in all copies of Microsoft® Windows 2003 and Microsoft® Windows XP.
Table of Contents
Section 1 What This Short Cut Will Cover
Section 2 Security the Manual Way
Section 3 Installing a Windows Certificate of Authority Server
Section 4 Implementing Encrypted File System (EFS)
Section 5 Implementing IPSec-Encrypted Transport Communications
Section 6 Implementing 802.1x Wireless Encryption
Section 7 Implementing Secured Email Communications with Exchange 2003
Section 8 Summary and Other Resources |
|
|
|
|
|
|
