Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certain security vulnerabilities exist in every mode of wireless communications.

Published byCandace Joseph Modified over 8 years ago

Similar presentations

Presentation on theme: "Certain security vulnerabilities exist in every mode of wireless communications."— Presentation transcript:

1 Certain security vulnerabilities exist in every mode of wireless communications.

2 Wired and wireless IP communications concerns Traffic Sniffing Traffic Sniffing Wrong location delivery Wrong location delivery Logging Logging Corporate espionage and spying Corporate espionage and spying Identity Theft Identity Theft Man in the middle captures Man in the middle captures

3 IP traffic sniffing may be different depending on the mode of communications used. Wireless Wireless – WiFi – EV-DO – CDMA – TDMA – GPRS – GSM – iDEN (Nextel) – CDPD Wired Wired – Dedicated LAN – DIA Leased Lined – Frame Relay – PRN – ISDN – DSL – Cable

4 Sniffing WiFi Plain Text Plain Text –Everything is readable WEP WEP –Encryption is easily broken WPA WPA –More difficult to break –More difficult to manage WPA2 WPA2 –Harder to break –Difficult to manage –Unmanageable for road warriors

5 Sniffing EV-DO Encrypted with 128 bit known method Encrypted with 128 bit known method Requires at this time special hardware to monitor and read (i.e. test equipment not readily accessible) Requires at this time special hardware to monitor and read (i.e. test equipment not readily accessible) Black Hat has published a calculator for decryption (takes 100 hours on pentium 200 which breaks down to 1 hour on an HP 2620) Black Hat has published a calculator for decryption (takes 100 hours on pentium 200 which breaks down to 1 hour on an HP 2620)

6 EV-DO Specific Concerns 1) The data is transmitted in Encrypted using a 64bit key from the card and 64bit key from the base station (see http://www.faqs.org/ftp/internet-drafts/draft-lizhiming- pppext-eap-cave-00.txt). I am looking for a more up to date version of this document. Note: not able to find on US search engines. 2)There is a (black hat) paper out there that includes a link to a calculator program to decrypt the communication. 3) Working on receiver modifications so I can capture the packets from the air and put them back together. Steps 1 and 2 are done waiting on hardware for step 3

7 Sniffing a Dedicated Connection Only sniffable with a tap into the circuit or access point in the network Only sniffable with a tap into the circuit or access point in the network Still vulnerable through wireless devices connected to the wired network Still vulnerable through wireless devices connected to the wired network

8 Sniffing DSL Less difficult to sniff than dedicated wired connections Less difficult to sniff than dedicated wired connections DSL can be connected into at different connection points along the way DSL can be connected into at different connection points along the way Still vulnerable through wireless devices connected to the wired network Still vulnerable through wireless devices connected to the wired network

9 What do you need to sniff cable? Requires a modified cable modem Requires a modified cable modem Access to all traffic along the cable Access to all traffic along the cable More open than WiFi, since few people know about the modified cable modems More open than WiFi, since few people know about the modified cable modems

10 Breaking SSL Subject to man in the middle attack (see Blue Coat – commercial product) Subject to man in the middle attack (see Blue Coat – commercial product) Can be broken if the handshake is captured but reqiures significant cpu resources (5 to10 hours of crunch time on dual Itanium server) Can be broken if the handshake is captured but reqiures significant cpu resources (5 to10 hours of crunch time on dual Itanium server)

11 Sniffing Email Email is sent and received via open text Email is sent and received via open text Utilizes no author validation Utilizes no author validation Username and password can be used to access other messages in the email account even though those messages were not captured directly Username and password can be used to access other messages in the email account even though those messages were not captured directly

12 Why Use Protexx? High level of encryption (2048 bits) High level of encryption (2048 bits) Runs inside of all modes of wireless transmission and encryption (WEP, WPA, EVDO…) Runs inside of all modes of wireless transmission and encryption (WEP, WPA, EVDO…) Wrappers around all known TCP/IP based technologies such as VPN(s) and SSL connections Wrappers around all known TCP/IP based technologies such as VPN(s) and SSL connections Provides a certificate for user that can be used to sign and/or encrypt emails in outlook and thunderbird Provides a certificate for user that can be used to sign and/or encrypt emails in outlook and thunderbird Dual level (client/server) authentication Dual level (client/server) authentication

13 Any Questions?

Download ppt "Certain security vulnerabilities exist in every mode of wireless communications."

Similar presentations

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Security in Wireless Networks Juan Camilo Quintero D. 1041718.

Security in Wireless Networks Juan Camilo Quintero D
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – 3910006 Tel: +972-(0)3-5604744 Fax:

ELKAT Security Engineering Ltd. Poland Activity Plan Avi Arbili Regional Sales Director – Europe Cell:+972-(0) 52 – Tel: +972-(0) Fax:
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
File Transfer Methods : A Security Perspective. What is FTP FTP refers to the File Transfer Protocol, one of the protocols within the TCP/IP protocol.

File Transfer Methods : A Security Perspective. What is FTP FTP refers to the File Transfer Protocol, one of the protocols within the TCP/IP protocol.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
Wireless Networking. Wi-Fi or 802.11 Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Similar presentations

Ads by Google