Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,870 --> 00:00:01,470
OK.
2
00:00:01,560 --> 00:00:06,860
Now let's talk about how to secure your systems from the attacks that we've seen so far.
3
00:00:07,290 --> 00:00:13,590
So the first thing that we seen was the authentication attack and we see how that can be used to disconnect
4
00:00:13,710 --> 00:00:20,700
any device from any network without having to know the network key even if the network uses encryption.
5
00:00:20,740 --> 00:00:26,100
Now unfortunately there is no proper way of protecting against this attack.
6
00:00:26,130 --> 00:00:32,240
So there is no way for you to prevent people from sending the authentication packets.
7
00:00:32,430 --> 00:00:41,330
The only proper way to protect your systems from this attack is to move to the age old to dot 11 w standard.
8
00:00:41,500 --> 00:00:48,160
Now the standard uses protected management frames which is a method designed by Cisco to detect and
9
00:00:48,160 --> 00:00:51,920
protect against the authentication attacks.
10
00:00:51,970 --> 00:00:57,880
The only thing that you need to keep in mind is both the access point and the clients connecting to
11
00:00:57,880 --> 00:01:01,900
this access point need to support the standard.
12
00:01:01,900 --> 00:01:06,760
Now I'm going to include links in the resources of this lecture for more information about protective
13
00:01:06,760 --> 00:01:10,710
management frames and the age old to dot 11 w standard.
14
00:01:11,020 --> 00:01:13,730
So feel free to go and read more about it.
15
00:01:16,160 --> 00:01:21,230
The next thing that we've seen is how to discover the names of the networks.
16
00:01:21,320 --> 00:01:25,450
Now we see how easy it is to discover the names of hidden networks.
17
00:01:25,640 --> 00:01:31,140
So you simply shouldn't use that or think of that as a way of protecting a network.
18
00:01:31,280 --> 00:01:36,610
You can hide and the network name if you want but don't think that'll protect you from hackers.
19
00:01:37,840 --> 00:01:43,330
The next thing that we've seen was bypassing back filtering whether it's implemented using a blacklist
20
00:01:43,420 --> 00:01:45,030
or whitelist.
21
00:01:45,100 --> 00:01:47,210
Now we see how easy that is.
22
00:01:47,320 --> 00:01:53,230
And from that you should already know that you shouldn't use MAC filtering for access control.
23
00:01:53,380 --> 00:02:00,070
If you want to be able to control the actions of individual clients on your network then don't rely
24
00:02:00,070 --> 00:02:08,350
on the MAC address instead use WPA enterprise with a radius server so that you authenticate each user
25
00:02:08,350 --> 00:02:13,900
individually so each user will have their own user name and their own password and password will be
26
00:02:13,900 --> 00:02:16,680
sent using WPA or WPA.
27
00:02:16,690 --> 00:02:19,720
So everything is going to be encrypted and secure.
28
00:02:19,900 --> 00:02:25,880
And at the same time you'll be able to control the access for each individual user.
29
00:02:25,900 --> 00:02:30,730
So if there a certain user that you want to deny them from connecting you just to leave their password
30
00:02:30,730 --> 00:02:32,060
from the radius server.
31
00:02:32,230 --> 00:02:39,030
So you never rely on the MAC address now I'm going to talk about the enterprise later on in the course.
32
00:02:39,160 --> 00:02:45,280
So just wait for that lecture and you'll learn more about how they work and what they can be used for.
33
00:02:45,940 --> 00:02:49,110
But for now switch to 8 or to that 11.
34
00:02:49,120 --> 00:02:53,280
W if you can support it to prevent the authentication attacks.
35
00:02:53,350 --> 00:02:59,290
Never use it the networks or at least don't think that using a hidden network will secure you or secure
36
00:02:59,290 --> 00:03:00,370
your network.
37
00:03:00,370 --> 00:03:06,340
Third don't use blacklists or whitelist as a method of access control.
38
00:03:06,340 --> 00:03:11,950
Do not rely on the mac address if you want to control the access of clients connect into your network.
39
00:03:11,950 --> 00:03:14,190
Then use WPA enterprise.
40
00:03:14,290 --> 00:03:17,650
And we'll talk about developing enterprise later on in the course.
4424
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.