This document discusses security issues in wireless systems. It outlines several types of attacks on wireless networks including interruption of service, modification of data, fabrication of fake objects, jamming, interception/eavesdropping, client-to-client attacks, and attacks against encryption protocols. Weaknesses in the Wired Equivalent Privacy (WEP) protocol and misconfiguration of access points are also described. Protecting the confidentiality and integrity of wireless transmissions is challenging due to the broadcast nature of radio frequencies.
SECURITY ISSUES IN WIRELESS SYSTEMS
MODULE 7
BOOK: WIRELESS NETWORKS by P. Nicopolitidis, M. S. Obaidat, G. I. Papadimitriou, A. S. Pomportsis
Prof. Suchita Rane 2
OUTLINE
■ The need
■ Attacks
■ Security services
■ Wired Equivalent Privacy protocol (WEP)
■ Mobile IP
■ VPN [PPTP, L2TP, IPSec]

The Need for Wireless Network Security
■ A wireless local area network is a flexible data communication system implemented as an extension to or as an alternative to the wired local area network.
■ Wireless LANs transmit and receive data over the air using radio frequency technology, thus minimizing wired connections.
■ Thus, wireless LANs combine data connectivity with user mobility.
■ Wireless LANs have gained strong popularity in a number of vertical markets, and these industries have profited from the productivity gains of using hand-held terminals and notebook computers to transmit real-time information to centralized hosts for processing.
■ Today, wireless LANs are becoming more widely recognized as a general-purpose connectivity alternative for a broad range of business customers.
■ But one of the scariest revelations is that wireless LANs are insecure and the data sent over them can be easily broken and compromised.
■ The security issue in wireless networks is much more critical than in wired networks. Data sent on a wireless system is quite literally broadcast for the entire world to hear.
■ Therefore, unless some serious countermeasures are taken, wireless systems should not be used in situations where critical data is sent over the airwaves. Any computer network, wireless or wireline, is subject to substantial security risks.
■ The major issues are [1–3]: (a) threats to the physical security of the network; (b) unauthorized access by unwanted parties; and (c) privacy.
■ A certain level of security is a must in almost all local area networks, regardless of whether they are wireless or wireline-based.
■ There is no LAN owner who wants to risk having the LAN data exposed to unauthorized users or malicious attackers.
■ If the data carried in the networks are sensitive, such as that found on the networks of financial institutions and banks, and e-commerce, e-government, and military networks, then extra measures must be taken to ensure confidentiality and privacy.

Attacks on Wireless Networks
■ The dependence of people on computer networks, including wireless networks, has increased tremendously in recent years, and many corporations and businesses rely heavily on the effective, proper and secure operation of these networks. The total number of computer networks installed in most organizations has increased at a phenomenal rate.
■ Corporations store sensitive and confidential information on marketing, credit records, income tax, trade secrets, national security data, and classified military data, among others.
■ The access of such data by unauthorized users may entail loss of money or release of confidential information to competitors or enemies.
■ Attacks on computer systems and networks can be divided into passive and active attacks.
■ Active attacks involve altering data or creating fraudulent streams. These types of attacks can be divided into the following subclasses: (a) masquerade; (b) replay; (c) modification of messages; and (d) denial of service.
■ A masquerade occurs when one entity pretends to be a different entity. For example, an authentication sequence can be captured and replayed after a valid authentication sequence has taken place.
■ Replay involves the passive capture of a data unit and its subsequent retransmission to obtain unauthorized access.
■ Modification of messages means that some portion of a genuine message is changed, or that messages are delayed or reordered, to produce an unauthorized result.
■ In general, passive attacks are difficult to detect; however, there are measures that can be used to prevent them. On the other hand, active attacks are difficult to prevent.
■ Passive attacks are inherently eavesdropping on or snooping on a transmission.
■ The attacker tries to access information that is being transmitted.
■ There are two subclasses: release of message contents, and traffic analysis.
■ In the first type, the attacker reads the e-mail messages or a file being transferred.
■ In the traffic analysis type of attack, the attacker could discover the location and identity of communicating hosts and could observe the frequency and length of encrypted messages being exchanged. Such information can help the attacker guess the nature of the information being exchanged.

The main categories of attack on wireless computer networks are:
■ Interruption of service. Here, the resources of the system are destroyed or become unavailable.
■ Modification. This is an attack on the integrity of the system. In this case, the attacker not only gains access to the network, but tampers with data, such as changing the values in a database or altering a program so that it does different tasks.
■ Fabrication. This is an attack on the authenticity of the network. Here the attacker inserts counterfeit objects, such as inserting a record in a file.
■ Jamming. Interruption of service attacks are also easily applied to wireless networks.
■ In such a case, legitimate traffic cannot reach clients or access points because illegitimate traffic overwhelms the frequencies.
■ An attacker can use special equipment to flood the 2.4 GHz frequency band. Such a denial of service can originate from outside the service area of the access point, or from other wireless devices installed in other work areas that degrade the overall strength of the signal.

■ Interception. This is an attack on the confidentiality of the network, such as wiretapping or eavesdropping to capture data in a network.
■ Eavesdropping is easy in a wireless network environment since, when one sends a message over a radio path, everyone equipped with the proper transceiver equipment within the range of transmission can eavesdrop on the data.
■ These kinds of devices are usually inexpensive. The sender or intended receiver may not be able to find out whether their messages have been eavesdropped on or not.
■ Moreover, if there is no special electromagnetic shielding, the traffic of a wireless network can be eavesdropped on from outside the building where the network is operating. In most wireless networks, there is a kind of link-level ciphering done by the MAC entities.
■ Client-to-client attacks. Wireless network users need to defend clients not just against an external threat, but also against each other. Wireless clients that run TCP/IP services such as file sharing are vulnerable to the same misconfigurations as wired networks.
■ Also, duplication of IP or MAC addresses, whether intentional or accidental, may cause disruption of service.
■ Attacks against encryption. The IEEE 802.11b standard uses an encryption scheme called Wired Equivalent Privacy (WEP), which has proven to have some weaknesses. A sophisticated attacker can break the WEP scheme.

■ Misconfiguration. In order to allow easy and rapid deployment, the majority of access points ship with an unsecured configuration. This means that unless the network administrator configures each access point properly, these access points remain at high risk of being accessed by unauthorized parties or hackers.
■ Brute force attacks against passwords of access points. The majority of access points use a single password or key, which is shared by all connecting wireless clients.
■ Attackers can attempt to compromise this password or key by trying all possibilities. Once the attacker guesses the key or the password, he/she can gain access to the access point and compromise the security of the system.
■ Moreover, not changing the passwords or keys on a regular basis may put the network system at great risk, especially if employees leave the company. On the other hand, managing a large number of access points and clients complicates the security system.

■ Insertion attacks. This type of attack is based on deploying a new wireless network without following security procedures. It may also be due to installation of an unauthorized device without proper security review.
■ For example, a company may not know that some of its employees have deployed wireless facilities on its network. Through such a rogue access point, the company's database can be compromised. Clearly, there is a need to implement a policy to secure the configuration of all access points, in addition to a routine process by which the network is scanned for unauthorized devices in its wireless portion.
■ Another example is that an attacker may connect a laptop or a PDA to an access point without the authorization of the owner of the wireless network. If the attacker was able to gain access by obtaining a password, or if there is no password or key requirement, then the attacker/intruder will be able to connect to the internal network.

A network security system should maintain the following characteristics:
■ Integrity. This requirement means that operations such as substitution, insertion or deletion of data can only be performed by authorized users using authorized methods.
■ Three aspects of integrity are commonly recognized: authorized actions, protection of resources, and error detection and correction.
■ Confidentiality. This means that the network system can only be accessed by authorized users.
■ The type of access can be read-only access. Another is privileged access, where viewing, printing, or even knowing the existence of an object is permitted.

A network security system should maintain the following characteristics:
■ Denial of service. This term is also known by its opposite, availability. An authorized individual should not be prevented or denied access to objects to which he has legitimate access.
■ This access applies to both service and data. Denning states that the effectiveness of access control is based on two ideas: (a) user identification and (b) protecting the access rights of users.

Computer networks have security problems due to:
■ Sharing. Since network resources are shared, more users have the potential to access networked systems than would a single computer node.
■ Complexity. Due to the complexity of computer networks of all types, reliable and secure operation is a challenge. Moreover, computer networks may have dissimilar nodes with different operating systems, which makes security more challenging.
■ Anonymity. A hacker or intruder can attack a network system from hundreds of miles away and thus never have to touch the network or even come into contact with any of its users or administrators.
■ Multiple points of attack. When a file exists physically on a remote host, it may pass through many nodes in the network before reaching the user.
■ Unknown path. In computer networks, the routes taken by a packet are seldom known ahead of time by the network user. Also, these users have no control over the routes taken by their own packets. Routes taken depend on many factors, such as traffic patterns, load condition, and cost.
Security Services
■ Confidentiality. This service means the protection of data being carried by the network from passive attacks.
■ The broadcast service should protect data sent by users.
■ Other forms of this service include the protection of a single message or a specific field of a message.
■ Another aspect of confidentiality is the protection of traffic from a hacker who attempts to analyze it.
■ In other words, there must be some measures that deny hackers the ability to observe the frequency and length of use, as well as other traffic characteristics in the network.
■ Nonrepudiation. This service prevents the sending or receiving party from denying the sent or received message.
■ This means that when a message is received, the sender can confirm that the message was in fact received by the assumed receiver.
■ Authentication. The authentication service ensures that the message is from an authentic source.
■ In other words, it ensures that each communicating party is the entity that it claims to be.
■ Also, this service must ensure that the connection is not interfered with in a way that lets a third party impersonate one of the authorized parties.

Security Services
■ Access control. This service must be accurate and intelligent enough so that only authorized parties can use the system.
■ Also, this accuracy should not deny authorized parties from using the network system.
■ Availability. Some attacks may result in loss or reduction of availability of the system.
■ Automated schemes can resolve some of these problems, while others require some type of physical procedures.
■ Integrity. In this context, we differentiate between connection-oriented and connectionless integrity services.
■ The connection-oriented integrity service deals with a stream of messages, and ensures that the messages are received as sent, without duplication, modification, reordering or replay.
■ Moreover, the denial of service aspect is covered under the connection-oriented service. The connectionless integrity service deals only with protection against message modification.
■ A hybrid type of integrity service was proposed to deal with the applications that require protection against replay and reordering, but do need strict.
■ A good security system should be able to detect any integrity problem, and if a violation of integrity is detected, then the service should report this problem.
■ A software mechanism or human intervention should resolve this problem.
■ The software approach is supposed to resolve the problem automatically without human intervention.

Wired Equivalent Privacy (WEP) Protocol
■ The name wired equivalent privacy (WEP) implies that the goal of WEP is to provide a level of privacy equivalent to that of a wired LAN.
■ It was designed to provide confidentiality for network traffic using wireless protocols.
■ WEP was intended to provide, over wireless networks, a level of privacy similar to that one may get from a wired network. The WEP algorithm is used to protect wireless networks from eavesdropping.
Wired Equivalent Privacy (WEP) Protocol
■ It is also meant to prevent unauthorized access to wireless networks. The scheme relies on a secret key that is shared between a wireless node and an access point.
■ The secret key is used to encrypt data packets before sending them.
■ The IEEE 802.11 standard does not specify how the shared key is established, and most implementations use a single key that is shared between all mobiles and access points.
■ WEP relies on a default set of keys, which are shared between wireless LAN adapters and access points.
■ The IEEE 802.11 committee has established standards for wireless LANs, and several companies have designed wireless LAN products that are compatible with these universal standards.
■ Wireless network users are primarily concerned that an intruder should not be able to: (a) access the network by using similar wireless LAN equipment; and (b) capture wireless LAN traffic by eavesdropping or other methods for further analysis.
■ In IEEE 802.11 networks, access to network resources is denied for any user who does not prove knowledge of the current key.
■ Eavesdropping is prevented by using the WEP scheme, whereby a pseudorandom number generator is initialized by a shared secret key.
■ Based on the Rivest–Shamir–Adleman (RSA) RC4 algorithm, this simple WEP algorithm has the following properties:
■ (a) reasonably strong – a brute force attack on this algorithm is difficult because every frame is sent with an initialization vector, which restarts the Pseudorandom Number Generator (PRNG) for each frame;
■ (b) self-synchronizing – since, just like in any LAN, the wireless LAN stations work in a connectionless environment where packets may get lost, the WEP algorithm resynchronizes at each message.
■ The WEP algorithm uses the RC4 encryption scheme, which is a stream cipher.
■ RC4 is a stream cipher similar to the encryption scheme used in the Secure Socket Layer (SSL) to secure access to web sites.
■ It works fine when used with SSL. This is because each transaction is assigned a unique 128-bit key.
■ The WEP algorithm is part of the IEEE 802.11 standard, and it defines how encryption must support the authentication, integrity, and confidentiality of packets sent using wireless systems.
■ The standards committee selected RC4, a proven encryption scheme, to be used for wireless security, and all wireless system manufacturers support IEEE 802.11. Designing systems that use cryptographic tools is a challenging task.
■ Open system authentication is the default authentication for the 802.11 standard.
■ This scheme authenticates everyone that requests authentication.
■ It relies on the default set of keys that are shared between the wireless devices and the wireless access points.
■ Only a client with the correct key can communicate with any access point on the network.
■ If a client without the correct key requests a connection, then the request is rejected.
■ The data is encrypted before transmitting, and an integrity check is performed to make sure that the packets are not modified in transit.
■ Only a client with the correct key can decrypt the transmitted data, preventing unauthenticated users from accessing the information.
■ The access control list can provide a minimal level of security. In order to provide security, vendors often use the access control list mechanism, which is based on the Ethernet MAC addresses of the clients.
■ This list consists of the MAC addresses of all of its clients, and only the clients whose MAC addresses are listed can access the network.
■ If the address is not listed, access is not granted.
■ The IEEE 802.11 standard specifies two methods for using WEP.
■ The first method provides a window of four keys. A station or an access point can decrypt packets enciphered with any of the four keys. Transmission is limited to any one of the four manually entered keys, which is known as the default key.
■ The second method is called the key-mapping table, where each unique MAC address can have separate keys. The use of a separate key for each client mitigates the cryptographic attacks found by others. The disadvantage is that all of these keys must be configured manually on each device or access point.

■ In the shared key authentication method, the station wishing to authenticate (initiator) sends an authentication request management frame indicating that it wishes to use shared key authentication.
■ The responder responds by sending the challenge text in an authentication management frame to the initiator.
■ The PRNG, seeded with the shared secret and a random initialization vector, generates this challenge text.
■ After the initiator receives the challenge management frame from the responder, it copies the contents of the challenge text into a new management frame body.
■ The new management frame body is then encrypted using the shared secret along with a new Initialization Vector (IV) selected by the initiator. This frame is then sent to the responder.
■ The latter decrypts the received frame and verifies that the Cyclic Redundancy Code (CRC) Integrity Check Value (ICV) is valid, and that the challenge text matches the challenge text it sent.
■ If they do, then the authentication is successful, and the initiator and the responder switch roles and repeat the process to ensure mutual authentication.
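The WEP frame protection described on the preceding slides (per-frame IV, RC4 keystream seeded with IV||key, CRC-32 ICV) and the four-frame shared key authentication exchange, modelled together below as an added example; this is not code from the slides or from the textbook. It assumes the classic 40-bit key with a 24-bit IV and a 128-byte challenge text, and constructs its own sample key and payload. The IVReuseMonitor class is a defender-side check added here, not part of the standard: since the IV is only 24 bits and is sent in clear, a busy network exhausts the IV space quickly, and a repeated IV under the same key means a repeated keystream, which is the condition an operator would want to alert on.

```python
import os
import zlib
from collections import defaultdict
from typing import Optional

IV_LEN = 3     # 24-bit initialization vector, transmitted in clear with every frame
KEY_LEN = 5    # 40-bit shared secret (assumed size for this demo)


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling followed by `length` bytes of PRGA output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body = IV || RC4(IV||key) XOR (plaintext || CRC-32 ICV).
    The IV restarts the PRNG for each frame, which is what lets the receiver
    resynchronise per message (the self-synchronising property on the slide)."""
    assert len(iv) == IV_LEN and len(key) == KEY_LEN
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    body = plaintext + icv
    return iv + xor(body, rc4_keystream(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """Returns the plaintext, or None when the ICV does not verify."""
    iv, cipher = frame[:IV_LEN], frame[IV_LEN:]
    body = xor(cipher, rc4_keystream(iv + key, len(cipher)))
    plaintext, icv = body[:-4], body[-4:]
    if zlib.crc32(plaintext).to_bytes(4, "little") != icv:
        return None
    return plaintext


class IVReuseMonitor:
    """Defender-side check (not part of 802.11): count repeated IVs per transmitter."""

    def __init__(self) -> None:
        self.seen = defaultdict(set)
        self.repeats = defaultdict(int)

    def observe(self, sender: str, frame: bytes) -> bool:
        """True if this sender has already used the frame's IV."""
        iv = frame[:IV_LEN]
        if iv in self.seen[sender]:
            self.repeats[sender] += 1
            return True
        self.seen[sender].add(iv)
        return False


def shared_key_auth(responder_key: bytes, initiator_key: bytes) -> bool:
    """Simulates both sides of the four-frame exchange; True if the initiator proves key knowledge."""
    # frame 1: initiator requests shared key authentication (carries no challenge)
    # frame 2: responder sends a challenge produced by the PRNG seeded with a
    #          random IV and the shared secret, as the slide describes
    challenge = rc4_keystream(os.urandom(IV_LEN) + responder_key, 128)
    # frame 3: initiator copies the challenge into a new frame body and WEP-encrypts
    #          it under a fresh IV of its own choosing
    frame3 = wep_encrypt(initiator_key, os.urandom(IV_LEN), challenge)
    # frame 4: responder decrypts, checks the ICV and compares with its challenge
    recovered = wep_decrypt(responder_key, frame3)
    return recovered is not None and recovered == challenge


if __name__ == "__main__":
    key = b"\x01\x02\x03\x04\x05"                  # constructed sample key
    frame = wep_encrypt(key, b"\x00\x00\x01", b"constructed sample payload")
    print(wep_decrypt(key, frame))
    print(shared_key_auth(key, key), shared_key_auth(key, b"\x05\x04\x03\x02\x01"))
```

Note that the ICV only detects accidental corruption: CRC-32 is a checksum, not a keyed integrity code, which is one reason the slides describe WEP as having weaknesses and why a VPN or IPSec layer is recommended later in the deck.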
■ The value is set to zero if successful and is set to an error value if unsuccessful.
■ The element identifier identifies whether the challenge text is included.
■ The length field identifies the length of the challenge text, which includes a random challenge string.

Mobile IP
■ Mobile IP was developed in response to the increasing use of mobile computers, in order to enable computers to maintain their Internet connection while moving from one Internet access point to another.
■ It is important to note that the term mobile implies that the user is connected to one or more applications across the Internet and the access point changes dynamically.
■ Clearly, this is different from when a traveller uses his ISP account to access the Internet from different locations during his trip.

Mobile IP
■ Mobile IP is a modification to standard IP that allows the client to send and receive datagrams no matter where it is attached to the network.
■ The only security problem using this mechanism is redirection attacks.
■ A redirection attack occurs when a malicious client gives false information to the home agent in the Mobile IP network.
■ The home agent is informed that the client has a new care-of address.
■ So all IP datagrams addressed to the actual client are redirected to the malicious client.
■ Mobile IP is designed to resist two kinds of attacks:
■ (a) a malicious agent that may replay old registration messages and cut the node off from its network;
■ (b) a node that may pretend to be a foreign agent and send a registration request to a home agent in order to divert traffic that is intended for a mobile node to itself.
■ Message authentication and proper use of the identification field of the registration request and reply messages are used to protect Mobile IP from these kinds of attack, and are supposed to be effective against them.

Each registration request and reply contains an authentication extension that has the following fields:
■ Type. This is an 8-bit field that designates the type of authentication extension.
■ Length. This is an 8-bit field that identifies the number of bytes in the authenticator.
■ Security Parameter Index. This field has 4 bytes and is used to identify the security context between a pair of nodes. The security context is configured so that the two nodes share the same secret key and the parameters relevant to the authentication scheme.
■ Authenticator. This field carries a code that the sender computes over the message using a shared secret key.
■ The receiver recomputes the code with the same key to make sure that the message has not been modified. The default authentication scheme is keyed-MD5 (Message Digest 5), which produces a 128-bit message digest. MD5 was developed in 1994 as a one-way hash algorithm which takes any length of data and produces a 128-bit 'fingerprint' or 'message digest'.
■ It is computationally infeasible to determine the original message from the fingerprint.
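How the authentication extension and the identification field work together on the home agent side, as an added example (not the textbook's code and not any real Mobile IP implementation). It builds a simplified registration request (type, home address, care-of address, 64-bit identification) followed by the Type / Length / SPI / Authenticator extension from the slide, computes the keyed-MD5 authenticator, and shows the home agent rejecting a tampered care-of address (the redirection attack) and a replayed request. The MD5(secret || protected bytes || secret) layout, the extension type value 32 and the SPI-to-secret table are assumptions constructed for the demo.

```python
import hashlib
import hmac
import struct
from typing import Dict

AUTH_EXT_TYPE = 32   # assumed extension type value for this demo
MD5_LEN = 16         # keyed-MD5 authenticator is a 128-bit digest
BODY_LEN = 1 + 4 + 4 + 8          # type, home address, care-of address, identification
EXT_HDR_LEN = 1 + 1 + 4           # Type, Length, Security Parameter Index

# Constructed security contexts: SPI -> secret shared by mobile node and home agent
SECRETS: Dict[int, bytes] = {0x100: b"constructed-mobile-node-secret"}


def keyed_md5(secret: bytes, protected: bytes) -> bytes:
    """Keyed MD5 in prefix+suffix form: the shared secret wraps the protected bytes."""
    return hashlib.md5(secret + protected + secret).digest()


def build_registration(home_addr: str, care_of: str, identification: int, spi: int) -> bytes:
    """Registration request body plus its authentication extension (sender side).
    The identification field must increase with every request; that is what lets
    the home agent recognise a replayed copy."""
    body = (
        b"\x01"                                          # type 1 = registration request
        + bytes(int(o) for o in home_addr.split("."))
        + bytes(int(o) for o in care_of.split("."))
        + struct.pack("!Q", identification)
    )
    ext_header = struct.pack("!BBI", AUTH_EXT_TYPE, MD5_LEN, spi)
    # the authenticator covers the body and the extension's own header fields
    return body + ext_header + keyed_md5(SECRETS[spi], body + ext_header)


class HomeAgent:
    """Receiver side: verify the authenticator first, then apply the replay rule."""

    def __init__(self) -> None:
        self.last_id: Dict[str, int] = {}   # home address -> highest accepted identification

    def verify(self, msg: bytes) -> str:
        if len(msg) != BODY_LEN + EXT_HDR_LEN + MD5_LEN:
            return "malformed"
        body = msg[:BODY_LEN]
        ext_header = msg[BODY_LEN:BODY_LEN + EXT_HDR_LEN]
        received = msg[BODY_LEN + EXT_HDR_LEN:]
        ext_type, length, spi = struct.unpack("!BBI", ext_header)
        if ext_type != AUTH_EXT_TYPE or length != MD5_LEN:
            return "malformed"
        secret = SECRETS.get(spi)
        if secret is None:
            return "unknown-spi"
        expected = keyed_md5(secret, body + ext_header)
        if not hmac.compare_digest(expected, received):
            return "bad-authenticator"     # modified or forged by a node without the key
        home = ".".join(str(b) for b in body[1:5])
        identification = struct.unpack("!Q", body[9:17])[0]
        if identification <= self.last_id.get(home, -1):
            return "replay"                # valid code, but an old registration
        self.last_id[home] = identification
        return "accepted"


if __name__ == "__main__":
    ha = HomeAgent()
    req = build_registration("10.0.0.5", "192.0.2.9", 1000, 0x100)
    print(ha.verify(req), ha.verify(req))
```

The order of the two checks matters: the identification field is only meaningful once the authenticator has proven the message came from a key holder, otherwise an attacker without the key could advance the stored counter with bogus requests and lock the legitimate node out.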
Virtual Private Network (VPN)
■ A Virtual Private Network (VPN) connects the components and resources of one network over another network.
■ VPNs accomplish this by allowing the user to tunnel through the wireless network or other public network in such a way that the tunnel participants enjoy at least the same level of confidentiality and features as when they are attached to a private wired network.
■ A VPN is a group of two or more computer systems connected to a private network, which is built and maintained by the organization for its own use with limited public network access.

Virtual Private Network (VPN)
■ A VPN solution for wireless access is currently the most suitable alternative to WEP. It is already widely deployed to provide remote workers with secure access to their networks via the Internet.
■ In the remote user application, a VPN provides a secure, dedicated path called a tunnel over an untrusted network.
■ A comprehensive VPN requires three main technology components: security, traffic control, and enterprise management.

VPNs provide the following main advantages:
■ Security. By using advanced encryption and authentication schemes, VPNs can secure data from being accessed by hackers and unauthorized users.
■ Scalability. They enable organizations to use the Internet infrastructure within ISPs and devices in an easy and cost-effective manner. This enables organizations to add large amounts of capacity without the need to add significant new infrastructure.
■ They are currently deployed on many enterprise networks.
■ They have low administration requirements.
■ The traffic to the internal network is isolated until VPN authentication is performed.
■ WEP key and MAC address list management become optional since the security measures are created by the VPN channel itself.
Advantages
■ Compatibility with broadband technology. VPN technology allows mobile users and telecommuters to benefit from high-speed access techniques, such as DSL and cable modem, to get access to their organization networks.
■ This provides users with significant flexibility and efficiency. Moreover, such high-speed broadband connections provide a cost-effective solution for connecting remote offices.

Drawbacks of the current VPNs as applied to WLANs are:
■ Lack of support for multicasting and roaming between wireless networks.
■ They are not completely transparent, since users receive a login dialog when roaming between VPN servers on the network or when a client system resumes from standby mode.
Point-to-Point Tunneling Protocol (PPTP)
■ This protocol is built on the Internet communications protocol called Point-to-Point Protocol (PPP) and the TCP/IP protocol.
■ PPP offers authentication as well as methods of privacy and compression of data. PPTP allows the PPP session to be tunneled through an existing IP connection.
■ The existing connection can be treated as if it were a telephone line.
■ Therefore, a private network can run over a public network.
■ Tunneling is achieved because PPTP provides encapsulation by wrapping packets of information within IP packets for transmission through the Internet.
■ Upon reception, the external IP packets are stripped away, exposing the original packets for delivery.
■ Encapsulation allows the transport of packets that would not otherwise conform to Internet address standards.
■ For data transmission using PPTP, tunneling makes use of two basic packet types: (a) data packets and (b) control packets.
■ Control packets are used strictly for status inquiry and signaling information, and are transmitted and received over a TCP connection.
■ The data portion is sent using PPP encapsulated in the Generic Routing Encapsulation (GRE) protocol.
■ The GRE protocol provides a way to encapsulate arbitrary data packets within an arbitrary transport protocol.
■ Although PPTP did not have any provision for authentication or encryption when it was first developed, it has since been enhanced to support encryption and authentication methods.
Layer-2 Transport Protocol (L2TP)
■ L2TP is basically a tunneling protocol and does not include any encryption or authentication mechanism.
■ The main difference between PPTP and L2TP is that L2TP combines the data and control channels and runs over the User Datagram Protocol (UDP).
■ The latter is faster for sending the kind of packets commonly used in real-time Internet communication, because it does not retransmit lost packets.
■ On the other hand, PPTP separates the control stream, which runs over TCP, from the data stream, which runs over GRE.
■ Combining these two channels and using high-performance UDP makes L2TP more firewall-friendly than PPTP.
■ This is the main advantage, as most firewalls do not support GRE.
■ A PPP connection is tunneled using IP. An L2TP access concentrator is the client end of the connection, while an L2TP network server is the server side.
■ The PPP packets are encapsulated in an L2TP header, which is encapsulated in IP. These IP packets can traverse the network just like ordinary IP datagrams.
■ Data transmission in L2TP can be implemented as a UDP-based IP protocol.
■ The packet is first generated at the client computer.
■ This IP packet is sourced from the client computer and destined for the remote network.
■ The packet is encapsulated in PPP. This packet is then encapsulated in L2TP.
■ A UDP header is added to this L2TP packet, and it is encapsulated in an IP datagram.
■ This IP packet is destined for the Internet Service Provider (ISP) network.
■ The IP packets will again be encapsulated in PPP and terminate at the ISP's network authentication server.
■ This final, heavily encapsulated packet will be sent over the circuit-switched layer 2 network.

Internet Protocol Security (IPSec)
■ IPSec is an open standard that is based on a network layer (layer 3) security protocol.
■ The latter protects IP datagrams by defining a method of specifying how the traffic is protected and to whom it is sent.
■ In order to protect IP datagrams, the IPSec protocol uses either the Encapsulating Security Payload (ESP) or Authentication Header (AH) protocols.
Internet Protocol Security (IPSec)
■ Data origin authentication ensures that the received data is the same as that sent and that the recipient knows who sent the data.
■ Data integrity ensures data transmission without alteration, while replay protection offers partial sequence integrity.
■ Data confidentiality ensures that no one can read the transmitted data, which is made possible by using encryption algorithms.
■ Integrating L2TP with IPSec offers the ability to use L2TP as a tunneling protocol; however, securing the data is achieved using an IPSec scheme.
■ Using L2TP as the tunnelling protocol gives the added advantage of increased manageability for end-to-end communications.
■ Moreover, L2TP is a widely available standard; therefore the interoperability between vendors is far better than with IPSec alone.
■ The same VPN technology can be used to secure wireless systems.
■ The Access Points (APs) are configured for open access with no WEP encryption, but wireless access is isolated from the enterprise network by a VPN server and a VLAN between the APs and VPN servers.
■ Authentication and full encryption over the wireless network are provided using the VPN servers, which also act as gateways to the private network.
■ A VPN-based solution has the advantage of being scalable for a very large number of users.
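What "replay protection offers partial sequence integrity" means in practice, as an added example (not the textbook's code and not a real IPSec stack): an AH/ESP-style inbound check that verifies a keyed integrity tag and runs a sliding anti-replay window over the 32-bit sequence number. Duplicates and packets that have fallen behind the window are rejected, but gaps and reordering inside the window are tolerated, which is exactly the "partial" in partial sequence integrity. The packet layout (SPI, sequence number, payload, truncated HMAC-SHA256 tag), the window size of 64 and the 12-byte tag length are assumptions for the demo; encryption of the payload is left out so the sequence handling stays visible.

```python
import hashlib
import hmac
import struct

SPI = 0x1000     # constructed security parameter index for the single SA in this demo
ICV_LEN = 12     # truncated HMAC tag; the truncation length is an assumption here


class AntiReplayWindow:
    """Sliding window over received sequence numbers (assumed width 64).
    `right` is the highest accepted sequence number; bit i of `bitmap` is set
    when sequence number (right - i) has already been accepted."""

    def __init__(self, size: int = 64) -> None:
        self.size = size
        self.mask = (1 << size) - 1
        self.right = 0
        self.bitmap = 0

    def is_acceptable(self, seq: int) -> bool:
        """Preliminary check done before the (costlier) integrity verification."""
        if seq == 0:
            return False                      # sequence number zero is never valid
        if seq > self.right:
            return True                       # new right edge: always acceptable
        offset = self.right - seq
        return offset < self.size and not (self.bitmap >> offset) & 1

    def mark(self, seq: int) -> None:
        """Record an accepted sequence number; only called after the ICV verified."""
        if seq > self.right:
            self.bitmap = ((self.bitmap << (seq - self.right)) | 1) & self.mask
            self.right = seq
        else:
            self.bitmap |= 1 << (self.right - seq)


def protect(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: SPI || sequence number || payload || ICV over everything before it."""
    header = struct.pack("!II", SPI, seq)
    icv = hmac.new(key, header + payload, hashlib.sha256).digest()[:ICV_LEN]
    return header + payload + icv


def receive(key: bytes, window: AntiReplayWindow, packet: bytes) -> str:
    """Receiver side, in the usual inbound order: SA lookup by SPI, preliminary
    replay check, integrity check, then window update."""
    if len(packet) < 8 + ICV_LEN:
        return "malformed"
    spi, seq = struct.unpack("!II", packet[:8])
    if spi != SPI:
        return "unknown-spi"
    if not window.is_acceptable(seq):
        return "replay-or-stale"
    body, icv = packet[8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(key, packet[:8] + body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(expected, icv):
        return "bad-icv"                      # window is NOT advanced on a bad tag
    window.mark(seq)
    return "accepted"


if __name__ == "__main__":
    key = b"constructed-sa-integrity-key"
    w = AntiReplayWindow()
    p1 = protect(key, 1, b"first")
    print(receive(key, w, p1), receive(key, w, p1))   # accepted, then replay-or-stale
```

Leaving the window untouched on an ICV failure is deliberate: if a forged packet with a large sequence number could advance the right edge, an attacker without the key could push every legitimate in-flight packet out of the window and cause a denial of service through the replay check itself.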