Unauthorized Wireless Network Connections
Unauthorized Wireless Connectivity
John Rhoton
Mobile Technology Lead
HP Services
Risk Benefit Analysis
• Weak Protocols
• Poor Configuration
• Careful Monitoring
• Uncertified Devices
• Insecure Infrastructure
• No User Guidance
• No Administrative Control
Agenda
• Unmanaged Bluetooth
• Rogue WLANs
• WWAN backdoors
• Underground IPv6
• Best Practices
Bluetooth Threats
• Poorly configured devices
  – Compromise device
    • Sensitive data
    • Credentials
  – Compromise network
    • Unauthorized access
    • Denial of Service
• Default configurations insufficient
Bluetooth vulnerability
• PIN Attack
  – Often hard-coded
  – Usually short (4-digit)
  – Passive key interception
• Bluejacking
  – Virus Propagation
• Bluesnarfing
  – Bluesniping
Bluetooth Configuration
Rogue Access Points
• Highest risk when WLANs are NOT implemented
  – Completely unsecured by default
  – Usually Connected by naïve users
  – Can be strategically placed by intruders
Decoy Access Points
• Troubleshooting nightmare
• Denial of Service
• Credential interception
• SSL redirection
Unauthorized Wireless Bridge
Private LAN
Public Network
Trojans, Crawlers and Bots
Port Forwarding
Reverse Network Address Translation
Bridge device
• No need for integrated WWAN
• PCMCIA card sufficient
• Modem
  – Bluetooth phone
  – USB / RS-232 phone
• Virtually impossible to prevent unless desktops/laptops are locked down!
Rogue IPv6 Devices / Networks
• Unauthorized IPv6 devices
  – Windows XP: ipv6 install
• Unauthorized Networks
  – Internal tunnels
• Compromised Perimeter
  – External tunnels
• Monitoring
• Traffic Inspection
What you don’t know will hurt you
[Diagram labels: Public Internet, Private Network, Victim, Hijacked Computer, Intruder]
IPv6 Transition Exposure
• IPv6 is available
• IPv6 is in use
• IPv6 is on many private networks
• IPv6 magnifies the wireless vulnerabilities
• Corporate Security
  – does not monitor IPv6
• Corporate IT
  – is not familiar with IPv6
• This is irresponsible!
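
An added example, not part of the original slides: one way to act on the "Monitoring" and "Traffic Inspection" bullets is to flag IPv6 transition traffic in flow records and separate internal tunnels from external ones. The flow format, the sample rows and the 10.0.0.0/8 internal range are assumptions; IP protocol 41 and UDP port 3544 are the standard identifiers for IPv6-in-IPv4 encapsulation and Teredo.

```python
import csv
import io
import ipaddress

# Constructed sample flow export (not real traffic): src, dst, IP protocol, dst port.
SAMPLE_FLOWS = """src,dst,proto,dport
10.1.4.23,10.1.9.80,6,443
10.1.4.57,10.1.7.12,41,0
10.1.4.88,198.51.100.20,41,0
10.1.5.14,203.0.113.9,17,3544
10.1.5.14,203.0.113.9,17,53
fd00:10::5,fd00:10::9,6,22
"""

PROTO_IPV6_IN_IPV4 = 41   # IANA protocol number used by 6in4, 6to4 and ISATAP
PROTO_UDP = 17
TEREDO_PORT = 3544        # IANA-registered Teredo service port
# Assumption: the site's own IPv4 ranges; replace with the real internal prefixes.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def classify(flow, ipv6_sanctioned=False):
    """Return a finding label for one flow record, or None if it is unremarkable."""
    src = ipaddress.ip_address(flow["src"])
    dst = ipaddress.ip_address(flow["dst"])
    proto, dport = int(flow["proto"]), int(flow["dport"])

    if src.version == 6:
        # Native IPv6 is a finding only where no IPv6 deployment is sanctioned.
        return None if ipv6_sanctioned else "native-ipv6"
    if proto == PROTO_IPV6_IN_IPV4:
        kind = "ipv6-in-ipv4"
    elif proto == PROTO_UDP and dport == TEREDO_PORT:
        kind = "teredo"
    else:
        return None
    # Internal tunnel = unauthorized network; external tunnel = perimeter bypass.
    scope = "internal" if any(dst in net for net in INTERNAL_NETS) else "external"
    return f"{scope}-tunnel:{kind}"


def find_ipv6_exposure(flow_csv, ipv6_sanctioned=False):
    """Return (src, dst, label) for every flow that indicates unmanaged IPv6."""
    findings = []
    for flow in csv.DictReader(io.StringIO(flow_csv)):
        label = classify(flow, ipv6_sanctioned)
        if label:
            findings.append((flow["src"], flow["dst"], label))
    return findings


if __name__ == "__main__":
    for src, dst, label in find_ipv6_exposure(SAMPLE_FLOWS):
        print(f"{label:32} {src} -> {dst}")
```
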
Threat Identification and Intrusion Prevention
• Intrusion Detection Products
  – Manual
  – Sensors
  – Infrastructure
• Network Monitoring
• Revised Security Model
Refined Network Access
• Binary Access Insufficient
• Health checks become mandatory (NAP/NAC)
• Complete Access Layer secured (e.g. 802.1x)
[Diagram labels: Internet, Intranet, Access]
Role-based Access Control
• Bluesocket
• Perfigo (Cisco)
• Cranite
• Aruba
• HP ProCurve (Vernier)
[Diagram labels: Role, Schedule, Location, User, Access Control, IP Address, Port, Time, VLAN]
Network Compartmentalization
Virus Throttling
Adaptive Network Architecture
User Education
• Danger awareness
• Caution on interfaces
• Configuration guidance
• Corporate policy
Mobile Device Security Management
• Platform selection
  – Software/Firmware Upgrades
  – Patch Management
• Configuration Management
• Policy enforcement
  – Passwords
  – Device lock
  – Policy updates
• User support
  – Device lockout
  – Backup/restore
[Diagram labels: Security, Usability]
Summary
• Security concerns are the greatest inhibitor to mobility
• Wireless networks and devices introduce new risks
• Ignoring these technologies does not make the risks disappear!
• The key to mobile security is a thorough reevaluation of existing security
Questions?
Contact me at: http://www.linkedin.com/in/rhoton