Professional Documents
Culture Documents
DSL Router
DSL
Connection
Etc.
MAC filters
Some APs provide the capability for checking the MAC address of
the client before allowing it to connect to the network.
Using MAC filters is considered to be very weak security because
with many Wi-Fi client implementations it is possible to change the
MAC address by reconfiguring the card.
An attacker could sniff a valid MAC address from the wireless
network traffic .
Basic 802.11 Security
The following steps occur when two devices use Open System
Authentication:
The station sends an authentication request to the access point.
The access point authenticates the station.
The station associates with the access point and joins the network.
The process is illustrated below.
Authentication Type: Open System
Authentication
Authentication Type: Shared Key
Authentication
Task group "i" within the IEEE 802.11 is responsible for developing
a new standard for WLAN security to replace the weak WEP (Wired
Equivalent Privacy).
The IEEE 802.11i standard utilizes the authentication schemes of
802.1x and EAP(Extensible Authentication Protocol) in addition to a
new encryption scheme AES (Advanced Encryption Standard)
and dynamic key distribution scheme - TKIP(Temporal Key Integrity
Protocol).
802.11i = TKIP + IEEE 802.1x + AES
802.11i Future Wireless Security
Standard