This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.


1 This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect those of the National Science Foundation.
NETW 05A: APPLIED WIRELESS SECURITY
Unauthorized Access
By Mohammad Shanehsaz
February 22, 2005

2 Objectives
- Explain how intruders obtain network access using wireless LAN protocol analyzers, site surveying tools, and active intrusion techniques.
- Explain common points of attack.
- Describe common non-secure configuration issues that can be the focus of an attack.

3 Objectives
- Describe weaknesses in existing security solutions.
- Explain security vulnerabilities associated with public access wireless networks.
- Explain how malicious code or file insertion occurs in a wireless LAN through viral attacks and placement of illegal content.
- Explain peer-to-peer hacking and how it can be prevented.

4 Tools For Gaining Access
- Cisco 350 & Orinoco Gold cards
- High-gain omni & directional antennas
- L0phtCrack
- Manufacturer's client utilities
- Lucent Registry Crack (LRC)
- List of manufacturer's default settings

5 Rogue Devices
A rogue device is any device that is not authorized to be on the network. It is considered a security breach of the highest level. The best way to go about discovering these devices is to learn how a professional intruder would go about placing them.

6 Items that an intruder considers when placing rogue devices such as access points
- Location
- WEP settings
- Placement
- Costs
- Visibility
- SSID settings
- Frequency
- Spectrum choice
- Antenna

7 Location, placement, visibility
- Rogue devices will be placed as if the device were designed to be there in the first place, without any disruption in service to the existing network.
- These devices will be placed near the edge of the building, the closer to a window the better, for better coverage from outside the building.
- The device is well hidden. Placing it in the CEO's or another executive's office behind his or her desk is ideal, but it requires a lot of work.

8 Costs, WEP, SSID settings
- Small and cheap access points are usually used, because there is a good chance of losing the device.
- The rogue device uses a WEP key, because a rogue device without WEP is easier for an administrator who is scanning the area to discover.
- The SSID must match the existing wireless LAN implementation, including the closed system feature, which makes the device harder to detect.

9 Frequency, Antennas, and Spectrum choice
- Intruders may use 900 MHz units instead of 2.4 GHz or 5 GHz Wi-Fi compliant units, because no discovery tools can find them.
- Horizontally polarized antennas are often used to produce a very small RF signature on any scanning devices.
- Intruders may use FHSS technology, Bluetooth, OpenAir, or HomeRF instead of DSSS, to avoid being found by discovery tools.
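The settings named on the "Costs, WEP, SSID settings" slide are also the ones an administrator's scan can check. The following is an added example, not part of the original presentation: it audits site-survey records against an inventory of authorized access points. The inventory, BSSIDs, SSIDs and record layout are all constructed for illustration.

```python
# Added example: audit 802.11 scan records against an authorized-AP inventory.
# Every BSSID, SSID and record here is constructed sample data (hypothetical).
# Scope: only 802.11 beacons appear in such a scan; the 900 MHz, FHSS, Bluetooth,
# OpenAir and HomeRF units mentioned on the slides never show up in this data.

AUTHORIZED = {  # BSSID -> expected settings
    "00:11:22:aa:bb:01": {"ssid": "CorpNet", "channel": 1, "wep": True},
    "00:11:22:aa:bb:02": {"ssid": "CorpNet", "channel": 6, "wep": True},
}

SCAN = [  # constructed site-survey output
    {"bssid": "00:11:22:AA:BB:01", "ssid": "CorpNet", "channel": 1, "wep": True},
    {"bssid": "00:11:22:aa:bb:02", "ssid": "CorpNet", "channel": 11, "wep": True},
    {"bssid": "00:de:ad:00:00:07", "ssid": "CorpNet", "channel": 6, "wep": True},
    {"bssid": "00:de:ad:00:00:08", "ssid": "CorpNet", "channel": 3, "wep": False},
    {"bssid": "00:de:ad:00:00:09", "ssid": "", "channel": 6, "wep": True},
    {"bssid": "00:0c:0c:0c:0c:0c", "ssid": "CoffeeShop", "channel": 9, "wep": False},
]


def audit(scan, authorized):
    """Return (bssid, reason) findings, in scan order."""
    corp_ssids = {ap["ssid"] for ap in authorized.values()}
    findings = []
    for rec in scan:
        bssid = rec["bssid"].lower()
        known = authorized.get(bssid)
        if known is None:
            if rec["ssid"] == "":
                # Closed-system beacon from a radio that is not in the inventory.
                findings.append((bssid, "unknown BSSID with hidden SSID"))
            elif rec["ssid"] in corp_ssids:
                reason = "unknown BSSID using corporate SSID"
                if not rec["wep"]:
                    reason += ", WEP off"
                findings.append((bssid, reason))
            continue  # unrelated neighbouring networks are not reported
        # A known BSSID whose settings drifted may be reconfigured or spoofed.
        drift = [k for k in ("ssid", "channel", "wep") if rec[k] != known[k]]
        if drift:
            findings.append((bssid, "authorized BSSID with changed " + ", ".join(drift)))
    return findings


if __name__ == "__main__":
    for bssid, reason in audit(SCAN, AUTHORIZED):
        print(bssid, "-", reason)
```

A rogue that copies the SSID and WEP setting still fails the BSSID inventory check, which is why the inventory, rather than the SSID alone, is the reference.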

10 List of items that an intruder considers when placing rogue devices such as wireless bridges
- Placement
- Priority
- MAC Spoofing
- Antenna Use
- Costs

11 Placement and priority
- A rogue bridge is placed within the Fresnel Zone of an existing bridge link, which may span several miles, making it tougher to detect.
- It must be set to a very low priority so it does not become root bridge, and thus give itself away as a rogue device.

12 MAC spoofing, Antenna use and Costs
- If MAC spoofing features are available in the bridge, then the MAC address of an authorized non-root bridge can be spoofed.
- The rogue bridge will use high-gain directional antennas to ensure a consistently high-quality connection.
- The cost of a bridge is higher than that of an access point, even though the chances of being discovered are much lower.

13 Data Theft & Malicious Insertion
- High-speed wireless connectivity allows nearby intruders to pull large amounts of data from a network, as well as to push equal amounts of data to the network.
- The content that an attacker deposits on a corporate server or an individual computer can be illegal, unethical, or inappropriate, which will result in termination of the individual's employment or in legal battles between companies.

14 Data Theft & Malicious Insertion
- There are many types of malware (viruses and spyware) that an intruder can place on a computer in order to obtain information or damage the network.
- These worms, Trojans, and other types of viruses can be caught and disinfected before they do damage by properly installed, configured, and updated virus scanning software.

15 Peer-to-Peer Attacks
- Peer-to-peer attacks are attacks instigated by one host and aimed at another particular host, both of which are clients of the same network system.
- Targets that hackers commonly seek are sensitive data files, password files, registry information such as WEP keys or file share properties, and network access info.

16 Types of peer-to-peer attacks
- Spread spectrum RF, by using a compatible RF technology in ad hoc or infrastructure mode.
- Infrared, using the port on the back of the PC.
- Hijacking, using a rogue access point and a rogue DHCP server to capture layer 2 and layer 3 connections, then using an RF jamming device to force the user to roam to the rogue access point.

17 Unauthorized Control: Network Management Tools
- Network management tools are powerful utilities for managing large enterprise LANs and WANs from a central point of control.
- An attacker can take over the entire network from a mobile workstation using software packages such as Hyena and Solarwinds.

18 Unauthorized Control: Configuration Changes
- An attacker can reconfigure one access point and have that access point push its configuration to all other access points, because of unsecured settings in the wireless LAN.
- If the attacker starts a firmware push and then terminates the power to all access points, which is possible because of PoE, it could disable all APs.

19 Unauthorized Control: Third Party Attacks
Denial of service and spam attacks can originate from an unsuspecting network with an unsecured wireless LAN; the corporation can then be blacklisted and eventually disconnected from its ISP.
- Legal liabilities
- ISP termination of service

20 Discussion Questions
- How has this lesson changed your outlook on rogue access points?
- Is manual searching for rogues, even on a regular basis, enough to keep them off your network?
- What are some ramifications of illegal or unethical content being placed on the network over a wireless LAN?
- Could a hacker target a person for termination?

