Chapter 11 - 04 - Discuss and Implement Wireless Network Security Measures - 04_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Wireless Security Tools Cisco Adaptive Wireless IPS N It provides wireless-network threat detection and mitigation against malicious attacks and security vulnerabilities R A Ve 0 N Whetens Gonte AirMagnet WiFi Analyzer PRO Y QO https://www.netally.com Bete RFProtect i https://www.arubanetworks.com i Fern Wifi Cracker g https://github.com OSWA-Assistant http://securitystartshere.org BoopSuite g Metps//www.cisco.com https://github.com Wireless Security Tools = (Cisco Adaptive Wireless IPS Source: https://www.cisco.com Cisco Adaptive security for Wireless dedicated Intrusion monitoring Prevention and System detection (IPS) offers advanced of wireless network network anomalies, unauthorized access, and RF attacks. Fully integrated with the Cisco Unified Wireless Network, this solution delivers integrated visibility and control without the need for an overlay solution. Adaptive WIPS across the network, provides wireless-network threat detection and mitigation against malicious attacks and security vulnerabilities. It also provides security professionals with the ability to detect, analyze, and identify wireless threats. Module 11 Page 1471 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security.'h”'.. cl TMM‘V Exam 212-82 —— B A Ao Vo Qo ——— _! Wireless Control System o A sco User: nfigure System ® | General Properties l_f () NMSP Parameters ; L Active Sessions. » Services ¥ Administration ] Trap Destinations ] logs Product Name :. : Cisco Mobilty Service Engine Version chara Started At 2/ 1:49 PM 9:54 AM Current Server Time 2/ Timezone America/Los_Angeles YP Hardware Restarts 10 Active Sessions 1 S Context Aware Service @ wiIPS Service ® MIR Service ® root ~ ¥ P[] Accounts (i Mantenance i Advanced Parameters: sanity-mse Services > Mobity Services » System » Advanced Parameters General Information | Advanced Parameters TS root @ Virtual Domain: Search | A Logging Options Logging Level : | Trace Cisco UDI Product Identifier (PID) AIR-MSE-3310-K9 Version ldentified (VID) V01 Serial Number (SN) Not Specified Advanced Parameters v Advanced Debug 0 Number of Days to keep Events 2 Session Timeout E” Absent Data cleanup interval [uuo Core Engine [¥] Enable Database [¥] Enable Reboot Hardware General [¥] Enable [ Shutdown Haroware MSE/Location Servers ) Object Manager [¥] Enable SNMP Mediation [C] Enable XML Mediation [¥] enable Asynchronous [] enable NMSP Protocol [] Enable ; o 1-99999 { < 9PPPD nalas | 1 -99999 mins - Advanced Commands enable - - Clear Configuration 1 Detr S t Datab, T l Figure 11.18: Screenshot of Cisco Adaptive Wireless IPS The following are some additional Wi-Fi security auditing tools: = AirMagnet WiFi Analyzer PRO (https.//www.netally.com) = RFProtect (https://www.arubanetworks.com) = Fern Wifi Cracker (https.//github.com) = OSWA-Assistant (http://securitystartshere.org) = BoopSuite (https://github.com) Module 11 Page 1472 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 Configuring the Administrative Security on Wireless Routers () | Q Change the default password on the wireless router B Administration | fl | p Vircless Management Assign a strong and complex password to the router Choose the HTTPS for secure Local N Router Web Access Access Server 7 HITP HITPS T Sman G \ Z’;‘:;:m’m Disable remote router access i’g_:::::;"' Factory Defaults | Firmware Administration Status Upgrade Enable Peet * Disable Change the pasyword to the 2030 router If R s stll using Use hepe s defaut UPnP: Used by cartain programs 1o automatcally open ports for communicaton UPnP More... UPne. f el Dagnostics | confim Remote Router Access | | YWRTSG Facalotas fcovser. i pes Management d) Secutity Leog s A communication | 1 S LsOsION * Enable Disable Enable logging Configuring the Administrative Security on Wireless Routers (Cont’d) LA Dby of Osan Sysivens,v A Dovisom of nm Syrivms, 0 L Wirnlnes G Broadband Router Administration s Administration ''''' Wed Accasy Acconn Teryer Arewas mccen weo Hlarte ™ [ Wb hecess e Aot Vivseas dccann et Elure Euriey o a taste O Daatie S Linksys' [Eop ey Administration Copyright © by EC-Council All Rights Reserved. Reproduction is Configuring the Administrative Security on Wireless Routers In order to harden the wireless router, the recommended security configurations should be applied on the wireless router. These security configuration settings help minimize any wireless attacks and provide the best performance, security, and reliability when using Wi-Fi. The following are the security recommendations that must be considered: 1. Changing the default password of the wireless router Module 11 Page 1473 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Wireless Network Security 2. Assigning a strong and complex password to the router 3. Choosing the hypertext transfer protocol secure (HTTPS) for secure communication 4. Disabling the remote router access 5. Enabling the firewall to block certain WAN requests 6. Configuring an internet access policy 7. Specifying the blocked services, URL, keywords, etc. 8. Disabling the demilitarized zone (DMZ) option 9. Configuring the QoS settings 10. Avoid using the default IP ranges 11. Keep the router firmware up-to-date Wireless-G Broadband Router Administration Setup Wireless Management stics | Faclory Defaults Router Password Local Router Access jeati ‘;"g:fi::";"' Re"‘fg&!’;ns | o Administration Firmware Upgrade | Status Config Management Local Router Access: You can Password: essseseessrrenne d. ge n"" Re-enter to st cssssssessssnnse password and then type it again e RE SRl conlim R 50 "“"n= confirm. Web Access Access Server v Wireless Access o Web: Web Access: Allows you fo HTTP Remote Router Access Management: Management Port: 9 rouler's web utiy. i Enable Disable Enable " ® Disable Remote configure access options to the LI HTTPS More... Remote Router Access: Allows you fo your router ret'rioie“ry‘e (.::oose Yhe port you would 2020 uew] UPnP: use. You fomust the router if & is stil using its default password. Use hitps: L the UPnP: Used by certain programs o automatically open ports for communication ® Enable i Disable Figure 11.19: Strong password Module 11 Page 1474 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 LINKSYS' A Division of Cisco Systems, Inc. Firmeare Verson: Wireless.G Broadband Router Administration Wireless Setup Management Local Router Access Applications & Gaming Access Restrictions Security Y [ I Password 80000000000 are Wireless Access e @ gnavie O pisable :emote anagement. Oenable ® pisable Access Server: Web Status | Local Router Access: You can change the Router's password from here, Enter & new Router password and then type R again in the Re-enter to confirm fieldto confirm. I Re-enter to confrm Web Access WRTS4G Administration Upgrade v8.000 Web Access: Alows you to configure access optons to the router's web utiity More... Remote Router Access: Remote Router Access Allows you fo access your router remotely. Choose the port you would ike to use. You must change the password to the Management Port: router if & is stil using &s defaul password Use hiips. UPnP: Used by certan programs to automatically open ports for communication @ enable UPnP. More... O Disable Cisco Svsrems Cancel Changes Figure 11.20: Enabling HTTPS LiINKSYS' A Division of Cisco Systems, Inc. Frmware Version: Wireless-G Broadband Router Administration Setup Wireless Management Router Pa Access Restrictions Security | Applications & Gaming | rd Local Router Access Web Access [....'........... Access Server Eurte Wreless Access ® gnable Webd WRTS4G Administration Status I Local Router Access: You can change the Router's password from here. Enter a new Router password and then type t agan in the Re-enter to confirm field to confirm Password: Re.enter to confiem v8.000 \ Web Access: Alows you 1o Muttes configure access options to the router's web utiity. More... O Disable Remote Router Access: Remote Router Access Management Port: Alows you to access your router remotely. Choose the port you would ike to use. You must change the password to the Use https. password Remote Managemant router if & is stil using s default UPnP: Used by certain programs to automatcaly open ports for communication UPnP. @ gnable More... O pisable CiscoSvsrems Save Settings Cancel Changes Figure 11.21: Disabling remote router access Module 11 Page 1475 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Wireless Network Security Exam 212-82 LINKSYS® A Division of Cisco Systems, Inc. Fimware Version: v8.00.0 Wireless-G Broadband Router Administration Applications Access & Gaming Restrictions y Defaults Log '® Enable ' | Firmware e WRT54G. Administration Upgrade | Status Config Management You may enable or disable the use of iIncoming and Outgoing Disable logs by selecting the appropriate radio bution More... Incoming Log | Outgoing Log | Cisco Systems Cancel Changes Figure 11.22: Enable logging Module 11 Page 1476 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.