Cybersecurity Capstone_ Threats and Attack Surfaces (2024_09_10).pptx

Full Transcript

Cybersecurity Capstone: Wireless Attacks Sept 10, 2024 Random Pokemon Fact Ekan snak s E Evolves to…. Arbok kobrA To do’s for today! 1) VRTV news 2) Quiz 3) Let’s talk about Networking! (The Internet kind, not the people kind) ...

Cybersecurity Capstone: Wireless Attacks Sept 10, 2024 Random Pokemon Fact Ekan snak s E Evolves to…. Arbok kobrA To do’s for today! 1) VRTV news 2) Quiz 3) Let’s talk about Networking! (The Internet kind, not the people kind) Wireless Networking Detour Assumptions: 1) Everyone in this room sound the same 2) You can only “hear” people talking, you cannot “see” anything 3) Everyone in the room can hear everyone else 4) Everyone has a unique identifier (in the Networking world, this would be the MAC address) 5) Everyone knows everyone else’s MAC address Wireless Networking Detour Let’s try to trick people. 4.1.2 – Wireless Devices Wireless Devices Electronic devices that communicate wirelessly using radio frequency (RF) signals. Examples: Wi-Fi routers, access points, mobile devices. Installation Considerations: Placement, obstacles, interference sources. Security Measures: Encryption, authentication. Installation Considerations Strategic Placement: Optimal coverage and signal strength Factors: Building layout, obstacles, intended usage areas. Interference Mitigation: Identify and mitigate sources of interference. Security Measures: Encryption protocols, secure authentication. Site Surveys Pre-Deployment Survey: Assess environment, plan access point placement. Considerations: Interference sources, coverage requirements. Post-Deployment Survey: Validate coverage, identify connectivity issues. Importance: Ensure optimal coverage and signal strength. Heat Maps Visualize wireless signal strength and coverage areas. Purpose: Identify areas of strong/weak signal, guide adjustments. Tools: Specialized software, color gradients for signal strength. Importance: Optimize coverage and minimize interference. Wireless Security Settings Configurations and protocols to secure wireless networks. Latest Standard: Wi-Fi Protected Access 3 (WPA3) for stronger encryption and security features. Introduces individualized data encryption for each user. Protects against brute-force attacks. Has stronger key exchange protocols. Both WPA2 and WPA3 are “good” standards and should replace WEP (Wired Equivalent Privacy) More Wireless Security Settings Protocol: Remote Authentication Dial-In User Service (RADIUS) for centralized authentication and authorization. Facilitates secure authentication by verifying credentials of users attempting to connect to the wireless network. Cryptographic Protocols: Advanced Encryption Standard (AES) for robust encryption. Authentication Protocols Framework: Extensible Authentication Protocol (EAP) for supporting various authentication methods. Method: Protected Extensible Authentication Protocol (PEAP) for providing a secure tunnel for authentication. Importance: Ensuring only authenticated users have access. Layered Approach: Addressing different aspects of security. Implementation Layered Approach: Implementing strong cryptographic and authentication protocols. Security Threats: Safeguarding against unauthorized access and data interception. Updates: Regularly updating security settings and standards. Importance: Maintaining a secure wireless environment. 4.5.1 – Endpoint - Protocol & Email Security Secure Protocols Implementation of secure protocols involves careful selection and configuration of protocols, ports, and transport methods. Secure protocols are designed with encryption and security mechanisms to ensure data confidentiality and integrity. Examples include Hypertext Transfer Protocol Secure (HTTPS), Secure File Transfer Protocol (SFTP), and Transport Layer Security (TLS). Ports and Transport Methods Ports are virtual endpoints facilitating communication between applications and services. Assigning specific ports for secure protocols helps in organizing and controlling network traffic. Commonly used ports include 443 for HTTPS, 22 for SSH (Secure Shell), and 990 for FTPS (FTP Secure). Secure transport methods, like TLS and SSL, ensure data encryption during transmission. Encryption safeguards data from unauthorized access, providing confidentiality and protecting sensitive information. DNS Filtering Domain Name System (DNS) filtering is a cybersecurity measure involving controlling and monitoring website access by filtering DNS queries. DNS translates domain names into IP addresses for internet communication. DNS filtering serves security, privacy, and content control purposes. Blocks access to malicious or harmful websites by maintaining databases of known threats. DNS Filtering in Organizations Organizations use DNS filtering to enforce content control policies, blocking specific website categories. Contributes to privacy protection by blocking domains involved in user data tracking. Utilized in parental control solutions to restrict access to inappropriate content. DNS filtering services integrate threat intelligence feeds for real- time blocking of emerging threats. Overall, DNS filtering enhances network security, privacy, and content control, offering a proactive defense against online threats. Email Security Protects against threats like unauthorized access, phishing, malware, and spam. Key components include: Domain-based Message Authentication Reporting and Conformance (DMARC) DomainKeys Identified Mail (DKIM) Sender Policy Framework (SPF) Email Gateways Key Components DMARC ensures sender domain authenticity and prevents spoofing and phishing attacks. DKIM verifies email integrity and authenticity by digitally signing messages. SPF prevents email spoofing by specifying authorized IP addresses to send emails for a domain. Email gateways filter incoming emails for threats like malware, phishing, and spam. Email gateways may implement content-filtering policies to prevent delivery of sensitive information. Email Security Importance Email security measures are crucial for protecting sensitive information and maintaining communication integrity. Implementing authentication protocols and using email gateways significantly reduces email-related attack risks. These efforts collectively contribute to a more secure and reliable email communication environment. A Few Case Studies 1) Heartbleed (xkcd explanation) 2) Race conditions 3) iPhone Overflow

Use Quizgecko on...
Browser
Browser