1 / 19

Revising Home Wi-Fi Security Issues

Revising Home Wi-Fi Security Issues. Sankardas Roy Department of Computing and Information Sciences Kansas State University. IP addresses in a private network are not globally unique Private networks use addresses from the following address ranges : 10.0.0.0 – 10.255.255.255

johnsonleslie
Télécharger la présentation

Revising Home Wi-Fi Security Issues

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Revising Home Wi-Fi Security Issues Sankardas Roy Department of Computing and Information Sciences Kansas State University

  2. IP addresses in a private network are not globally unique • Private networks use addresses from the following address ranges : • 10.0.0.0 – 10.255.255.255 • 172.16.0.0 – 172.31.255.255 • 192.168.0.0 – 192.168.255.255 • A Private IP network can be connected to the Internet via a NAT device Network Address Translation (NAT) Acknowledgement: http://www.cs.virginia.edu/~itlab/book/slides/index.html

  3. Private Addresses: An Example Scenario Acknowledgement: http://www.cs.virginia.edu/~itlab/book/slides/index.html

  4. Why a Home Router Needs to Work as a NAT Device? • You have multiple computers at home but you have been given only one public IP address by the Internet Service Provider (ISP) • The NAT feature of a home router possibly changes IP addresses (and port numbers) of IP datagrams when the datagrams leave/enter the private network • The NAT feature of a home router allows multiple computers at home to communicate with the outer world.

  5. Basic operation of a NAT Device NAT device has an address translation table (green one); the datagrams (yellow ones) flow in and out. Acknowledgement: http://www.cs.virginia.edu/~itlab/book/slides/index.html

  6. IP masquerading: In this example, the outside world thinks there is only one IP (i.e. 128.143.71.21) inside the private home network. Acknowledgement: http://www.cs.virginia.edu/~itlab/book/slides/index.html

  7. Screenshots of the configuration pages for a few features of the router are shown in the following slides Examples of router features are Firewall Port forwarding IP filtering or MAC filtering DMZ Dynamic DNS Ping blocking A Case Study: the Belkin Wireless Home Router

  8. Configuring the LAN Settings

  9. Configuring the Port Forwarding

  10. Configuring the DMZ Option

  11. Configuring the Dynamic DNS

  12. Configuring the Firewall

  13. Configuring the IP Filtering

  14. Configuring the MAC Filtering

  15. Configuring the Ping Blocking

  16. Configuring the Utilities

  17. What We Learned • Open home Wi-Fi poses many threats • Eavesdropping • Web session hijacking • Adversary’s launching attacks using your home network as the launch pad • We discussed the standard solution • Configure your home wireless router with security protocol such as WPA2 • Disable insecure features such as DMZ, WPS, remote access, UPnP, etc.

  18. Questions • What is the difference between Port Forwarding and DMZ? • Can these two features exist together in the same router? • Which option is less dangerous? Why? • What is the Dynamic DNS feature in your home router? • When do we need it? • How does it work?

  19. Reminders • The next class will be in Room 128 • Get credentials to use computers in Room 128 • Please carefully observe your homework grade • KSOL can show some “zeros” by default • I have graded until Homework 4 and posted the grade online • I have also sent you graded Homework 1, 2, 3, 4 via email • You can always email me (sroy@ksu.edu) if any confusion • We can meet off the class • Please attend each class • 30% of the grade comes from the class participation • Ask questions; raise relevant issues in class or via emails

More Related