Saturday, November 24, 2012

Chapter 12 Using Mobile Computers


Wireless networks have the same threats as cabled networks, but are easier for attackers to break in.  Cabled networks require physical access to the network, whereas wireless attacks transpire offsite, like in a car outside a building. Specific wireless attacks:

·         Eavesdropping - capture traffic at the WAP (wireless access point)

·         Masquerading - attacker gains access by pretending to be authorized user

·         Attacks against wireless clients - launch network based attacks on computer connected to ad-hoc network or untrusted wireless network

·         Denial of service (DOS) - jam frequencies preventing users from communicating with network

·         Data tampering - man-in-the middle attack used to modify information before sending to intended destination

(WEP)  wired equivalent Privacy and (WPA and WPA2) WiFi Protected Area (more secure than WEP) are two main security protocols used in wireless networks. You must decide which protocol to use and all devices must support the one you choose.

·         WEP - most frequently cracked

o   Doesn't provide automatic changing of the shared secret

o   Shared secret tend to stay in place indefinitely giving attackers longer time to crack the code

·         WAP - two encryption options/two operational modes

o    TKIP - temporal key integrity protocol - uses unique encryption key for each packet

o   AES - advanced encryption system - uses more secure encryption algorithm - requires equipment that specifically supports it

o   WPA-Personal - aka WPA-PSK (preshared key mode) - only devices with WPA passphrase can join the network

o   WPA-Enterprise - aka WPA9802.1X or WPA-RADIUS - more difficult to implement and configure, but is more secure - eliminates shared passphrase - provides centralized administration, logging and auditing

Using Windows mobility center, you can modify configuration settings of the computer you are working on. You can configure power settings, display, brightness, etc. Table 12-2 on page 462 displays the default power plan settings for: power saver, balanced and high performance plans.

BitLocker is an encrypting file system that makes it possible to encrypt an entire volume, while BitLocker To Go encrypts removable USB devices such as flash drives and external hard disks. Full volume encryption advantages:

·         Increased data protection

·         Integrity checking - ensures that if the hard drive is stolen and installed into a different computer, access will be denied

Assign a DRA - data recovery agent - in case a user loses the startup key and/or the PIN needed to boot a system with BitLocker enabled.

VPN creates a tunnel between client and server, which encrypts the data. VPN protocols that Windows Server 2008 supports:

·         PPTP - Point to Point tunneling protocol - oldest and least secure

·         L2TP - Layer 2 tunneling protocol - relies on IPsec for encryption - performs double encapsulation

·         SSTP - Secure socket tunneling protocol - encapsulates PPP traffic using Secure Socket Layer (SSL) protocol - uses certificates for authentication

·         IKEv2 - Internet Key Exchange, Version 2 - new in Windows 7 and Server 2008 R2 - supports IPv6 and VPN Reconnect feature -based on (MOBIKE) mobile and multihoming protocol enables a computer to reconnect to a VPN server automatically after an interruption up to 8 hrs

 

 

 

 

No comments:

Post a Comment