Price: $1,499.00
Course Number: 504
Length: 2 Days
Print Friendly, PDF & Email

Wireless LANs Security Training is the cutting edge training in wireless LAN security technologies.

Who Should Attend

This course targets experienced networking professionals who wish to gain critical skills in wireless networking security, including how hackers attack networks and the means for preventing them from doing so. With the burgeoning growth of wireless LAN installations, all IT professionals must become knowledgeable about security - wireless security in particularSystem, network and security administrators. Individuals or organizations interested in new prevention, detection, or incident response technologies. University, government, or military

Objectives

The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This course is based on real world examples, solutions, and deployments. All material is developed and taught by individuals with extensive experience in wireless security research. Each student is supplied a CD-ROM with the latest tools, software, and documentation.

Wireless LAN Security Training include:

  • Exploring 802.11a, 8011.b, 802.11g, 802.11n and 802.11ac Network Architecture and Design
  • Understanding 802.11 Security Threats
  • Security Management, Wireless LAN Intrusion and Policy
  • Overview of security software and protocols for wireless LANs
  • Exploring of the security weaknesses of and threats to wireless LANs
  • Overview of implementation of the best and latest security techniques and mechanisms
  • Implementation of WEP, WPA, WPA2, 802.11i and 802.1x

Outline

Wireless LANs Security Basics

  • Why Is 802.11 Vulnerable to Attack?
  • Risk Assessment
  • Intermediate Security Measures
  • Radio Transmission
  • Inherent Insecurity
  • 802.11, 802.11a, 802.11b, 802.11g and 802.11n
  • Ad Hoc vs. Infrastructure Mode
  • Wired Equivalent Privacy (WEP)
  • 64-bit and 128-bit WEP encryption
  • WEP and RC4 stream cipher
  • Initialization vector (IV)
  • 802.1x
  • EAP Authentication Types
  • LEAP Authentication
  • Other Authentication Methods
  • Transportation Layer Security
  • A Comparison of Security Methods
  • Wi-Fi Protected Access (WPA)
  • 802.11i

Wireless LANs Attacks and Risks

  • An Example Network
  • Denial-of-Service Attacks
  • Wireless Risks
  • Threat Analysis & Hacking
  • Methodology
  • Classification of Attacks
  • Attacks Without Keys
  • Snooping
  • Man-in-the-Middle Attack (Modification)
  • Attacks on the Keys
  • One-time Passwords
  • Burying the Keys
  • Wireless Attacks
  • Attacking the Keys Through Brute Force
  • Dictionary Attacks (Dictionary-Building or Table Attacks)
  • Algorithmic Attacks
  • Target profiling
  • Physical security
  • Social engineering
  • Wireless bridges
  • Sniffing and stealing
  • Malicious data insertion
  • Denial of Service (DoS)
  • Peer-to-peer hacking
  • Unauthorized control

Maximizing Wireless Security

  • Common Sense Solutions
  • WEP
  • WPA
  • WPA2
  • 802.11i
  • 802.1x
  • Components of WPA
  • WPA Algorithms
  • WPA Pre-Shared Key
  • WPA RADIUS
  • WPA2 (Wi-Fi Protected Access 2) Security
  • WPA and WPA2
  • IEEE 802.11i (RSN) – Enhanced Wireless Security
  • TKIP
  • AES
  • 802.11i vs. WPA2
  • 802.1x Authentication and 802.11i
  • EAP-PEAP-LEAP
  • EAP-TLS
  • EAP-TTLS
  • VPN over 802.11

Rudimentary security measures

  • SSID
  • MAC filters
  • Static WEP
  • Default configurations
  • Firmware upgrades
  • Physical security
  • Periodic inventory

Station Security

  • Client Security Goals
  • Audit Logging
  • Security Updates
  • FreeBSD Station Security
  • Linux Station Security
  • OpenBSD Station Security
  • Mac OS X Station Security
  • Windows Station Security
  • Access Point Security
  • Setting Up an Access Point
  • General Access Point Security
  • Up a Linux Access Point
  • Setting Up a FreeBSD Access Point
  • Setting Up an OpenBSD Access Point

Gateway Security

  • Gateway Architecture
  • Secure Installation
  • Firewall Rule Creation
  • Rate Limiting
  • DHCP
  • DNS
  • Static ARP
  • Auditing
  • Authentication and Encryption
  • Portals
  • IPsec VPN
  • IEEE 802.1X Port Based Network Access Control

Intermediate Security Measures

  • Rogue equipment
  • Cell sizing
  • Protocol filters
  • SNMP
  • Discovery protocols
  • Wireless segment configuration
  • Remove vulnerabilities
  • Client security
  • IP Services

Advanced Security Measures

  • Wireless security policy
  • Authentication & encryption
  • Wireless DMZ and VLANs
  • Audits
  • Authenticated DHCP
  • Traffic patterns
  • Wireless LAN Auditing Tools
  • Discovery tools
  • Password crackers
  • Share enumerators
  • Network management and control
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • Jamming tools
  • WEP crackers
  • Operating system defaults

Hardware & Software Solutions

  • RADIUS with AAA Support
  • RADIUS Details
  • Kerberos
  • Static and Dynamic WEP and
  • TKIP
  • 802.1x
  • 802.1X Key Management
  • PMK, GMK, PTK, GTK, KCK, and KEK
  • Extensible Authentication Protocol (EAP)
  • VPNs
  • Encryption Schemes
  • Routers
  • Switch-Routers
  • Firewalls
  • MobileIP VPN Solutions
  • Enterprise Wireless Gateways
  • Switches, VLANs, & Hubs
  • SSH2 Tunneling & Port

Prevention & Countermeasures

  • 802.1x
  • 802.11i
  • TKIP
  • AES
  • CCM block diagram
  • Intrusion detection
  • WEP attacks
  • WEP key recovery
  • Weaknesses in the Key Scheduling Algorithm for RC4
  • WPA and WPA attacks
  • 801.11i attacks
  • 802.1x attacks

Implementation and Management

  • Design and implementation
  • Equipment configuration and placement
  • Interoperability and layering
  • Security management
  • Policy

Wireless LAN Auditing Tools

  • Discovery tools
  • Password crackers
  • Share enumerators
  • Wireless protocol analyzers
  • Manufacturer defaults
  • Password sniffers
  • Antennas and WLAN equipment
  • OS fingerprinting and port scanning
  • Application sniffers
  • Networking utilities
  • Network discovery and management
  • Hijacking users
  • RF Jamming and Dataflooding tools
  • WEP crackers

Hands-on Labs and Exercises

  • Packet Analysis and Spoofing
  • Rogue Hardware and Default Settings
  • RF Jamming and Data Flooding
  • Information Theft
  • Wireless Hijacking and DOS Attacks
  • Access Point VPNs
  • Scalable Wireless VPN Solutions
  • EAP - Cisco® Wireless (LEAP)
  • Layered Wireless Security
  • Wireless Bridging Security
  • 802.1x and EAP-TTLS
  • SSH2 Tunneling and Local Port Redirection
  • Working with WPA and WPA2
  • Working with 802.11i

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.