710 likes | 876 Views
SIM301-R. Monty WiFion and the Quest for the Holy Grail of Network Security! ( Repeated from 5/17 at 10:15am). Andy Malone MVP, MCT Senior Instructor, Consultant Quality Training (UK) Ltd. Microsoft Certified Trainer MCT (16 Years) Worldwide Security & Systems Trainer & Consultant
E N D
SIM301-R Monty WiFion and the Quest for the Holy Grail of Network Security! (Repeated from 5/17 at 10:15am) Andy Malone MVP, MCT Senior Instructor, Consultant Quality Training (UK) Ltd
Microsoft Certified Trainer MCT (16 Years) Worldwide Security & Systems Trainer & Consultant Microsoft Most Valuable Professional MVP (Enterprise Security) International Event Speaker Winner Microsoft Speaker Idol 2006 Andy Malone (UK)
Session Agenda: • Introductions • Wireless intro & history • Current & Emerging Wireless Technologies • Wireless Security: The Great Oxymoron • Standards & techniques • Threats and Countermeasures • Best Practices
A Wi Fi History Lesson • Wi-Fi was invented in 1991 by NCR Corp & AT&T (later know as Lucent & Agere Systems in Nieuwegein, the Netherlands. • Initially for cashier systems. Originally “WaveLAN” with speeds of 1Mbps/2Mbps. • Invented by Vic Hayes who has been named 'father of Wi-Fi' and involved in designing standards such as IEEE 802.11b, 802.11a and 802.11g. • In 2003, Vic retired. Agere Systems suffered as customers opted for cheaper Wi-Fi solutions. • Agere's 802.11abg all-in-one chipset (code named: WARP) never hit the market • Agere Systems quit Wi-Fi market in late 2004. Courtesy Of CRN
Organizations & Standards • FCC – Regulates ISM bands • 900 Mhz, 2.4 Mhz, 5.8 Mhz • IEEE – Develops wireless LAN standards • ETSI – IEEE for Europe • HiperLAN/2 Similar to IEEE 802.11 standards • WECA (WiFi Alliance) – regulate WiFi labeling Wi Fi Alliance
Ok but What are the benefits? • Unlike packet radio Wi-Fi uses unlicensed radio spectrum and does not require regulatory approval for individual deployers. • Cuts cabling costs • Wi-Fi products are widely available • Competition amongst vendors has lowered prices considerably • Network providers provide roaming agreements • Users can move from one access point to another as part of contract • Various degrees of encryption available to protect traffic from interception. • Wi-Fi is a global set of standards. Unlike cellular carriers, the same Wi-Fi client works in different countries around the world.
The Basics • Each wireless network needs a channel number and SSID (Service Set Identifier) • The channel is a number between 1-11 (13 EU) • SSID is a alphanumeric string that differentiates wireless networks on the same channel • SSIDs are transmitted in clear text • Wi-Fi Can be Deployed in Two Modes • Ad-HOC (Peer to Peer) mode • Infrastructure mode • Shares bandwidth among users • Supports roaming
The Basics • Each access point advertise itself by sending beacon frames • To become part of the wireless network, a client must first authenticate itself • Access point is responsible unless RADIUS is used • MAC address will be used as identity
Wireless Networks: The Basics Security Encryption Wrapper
Antennas • Sending and receiving radio waves • Two types • Omni-directional • Directional • Cantenna
802.11 standards • 802.11a – 54 Mbps@5 Ghz • Not interoperable with 802.11b • Limited to Shot Distances • Dual-mode APs require 2 chipsets, this can look like two APs to clients • 802.11b – 11 Mbps@2.4 Ghz • Full speed up to 300 feet • Coverage up to 1750 feet • 802.11g – 54 Mbps@2.4 Ghz • Same range as 802.11b • Backward-compatible with 802.11b • Speeds slower in dual-mode
802.11 standards (cont.) • 802.11e – QoS • Dubbed “Wireless MultiMedia (WMM)” by WiFi Alliance • 802.11i – Security • Adds AES encryption • Requires high cpu, new chips required • TKIP is interim solution • 802.11n – 100Mbps+ • Wi-Fi Protected Access (WPA) • Subset of 802.11i, forward-compatible with 802.11i (WPA2) • Encryption: Version one uses TKIP • Auth: 802.1x & EAP – allows auth via RADIUS, also allows auth via PSK
Other “Non Wi Fi Solutions” • CDPD – 19.2 kbps analog • GPRS – 171.2 kbps digital • WAP – bandwidth-efficient content delivery • Ricochet – 176 kbps wireless broadband flop • Bluetooth – personal area networks, range limited only by transmit power • Blackberry – Use cellular & PCS networks, no authentication at console • RFID • NFC (Near Feild Communications)
Bluetooth • Cable replacement technology • Short range communication (10 m) • Operates at 2.45 Ghz • Used for mobile devices • Used to transfer information • Large Number of Hacking Tools Available
Radio-frequency identification (RFID) • R,waves exchange data between a reader and an electronic tag for the purpose of identification and tracking. • Often seen as Barcode NG • Individual & unique like the license plate but for every item in the world • Some tags can be read from several meters away and beyond the line of sight of the reader. • Application of bulk reading enables an almost-parallel reading of tags. • uses Interrogators (also known as readers), and tags (also known as labels), as well as RFID software or RFID middleware. • Most contain at least 2 parts: 1 is an integrated circuit for storing and processing information, modulating and demodulating a radio-frequency (RF) signal, and other specialized functions; the other is an antenna for receiving and transmitting the signal.
RFID Hacking • RFID Tags can be cloned • A Growing number of hacking tools inc Backtrack 4 • Traditionally Hardware was expensive but is getting cheaper. E.g. USB Reader • Can read ID Badges, Credit Cards etc • Once hacked Cards with Authorized ID numbers can be used to unlock doors Source Dreamtime
Near Field Communications (NFC) • NFC, is a set of short-range wireless technologies • Typically requires a distance of 4 cm or less. • Operates at 13.56 MHz and at rates ranging from 106 kbit/s to 848 kbit/s • Always involves an initiator and a target • Initiator actively generates an RF field that can power a passive target • This enables NFC targets to take very simple form factors such as tags, stickers, key fobs, or cards that do not require batteries • NFC peer-to-peer communication is also possible, where both devices are powered.
Near Field Communications (NFC) • Emulation Mode: the NFC device behaves like an existing contactless card • Reader mode: the NFC device is active and reads a passive RFID tag, for example for interactive advertising • P2P mode: two NFC devices communicating together and exchanging information • Uses Include: • Mobile ticketing, such as Mobile Phone Boarding Pass • Mobile payment: the device acts as a debit/credit payment card. • Smart poster: the mobile phone is used to read RFID tags on outdoor billboards. • Pairing of Bluetooth 2.1 & NFC will be as easy as will be replaced by simply bringing the mobile phones close to each other. Source Dreamscape
NFC: The Facts… Source NFC Forum
NFC: Security Concerns • Theoretically Difficult due to Distance Factors….However! • The RF signal for the wireless data transfer can be picked up with antennas • Eavesdropping: NFC offers no protection against eavesdropping and can be vulnerable to data modifications • Applications may use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel. • Data Modification: One possibility to perturb the signal is the usage of an RFID jammer • Relay Attack • Lost Phone… Source Andy Malone
WiMAX (Worldwide Interoperability for Microwave Access) • A telecommunications protocol that provides fixed and mobile Internet access. • Seen as the next generation of wireless • Improvement over existing standard of 802.11. • No new equipment required • First WiMAX equipment launched in 2005 • Cover wider area, which can be as much as up to 50km • Current WiMAX provides up to 40 Mbit/s with the IEEE 802.16m update expected to offer up to 1 Gbit/s fixed speeds • The name "WiMAX" was created by the WiMAX Forum, formed in 2001 to promote conformity and interoperability of the standard • Forum describes WiMAX as "a standards-based technology enabling the delivery of last mile wireless broadband access as an alternative to cable and DSL Source Andy Malone
WiFi Security • IN 2001 Peter Shipley’s 2001 DefCon presentation on WarDriving alarmed the industry • The US Dept Homeland Security labelled WiFi a potential terrorist threat, demanded regulation • Seen as Shared media – like a network hub • Requires data privacy - encryption • Authentication necessary • Can access network without physical presence in building • Once you connect to wireless, you are an “insider” on the network Source Johan Loos
Wireless Network Security • Link Encryption • Encrypt traffic headers + data • Transparent to users • End-to-End Encryption • Encrypts application layer data only • Network devices need not be aware Source Dreamtime
Link Level Security Vs. End to End Security! Application (HTTP) Application (HTTP) SSL/TLS Transport (TCP) Transport (TCP) End host IPSec Network (IP) Network (IP) Network (IP) Network (IP) network … Link Link Link Link WEP/WPA/WPA2 • IEEE 802.11x security solutions are deployed at the link level • efficiency is very important all traffic will be encrypted
Current Authentication methods • Open Systems Authentication (OSA) • Shared Key Authentication • EAP / 802.1x
Open system authentication • Required by 802.11 • Just requires SSID from client • Only identification required is MAC address of client • WEP key not verified, but device will drop packets it can’t decrypt Source BT
Wireless LAN Security Goals • Access Control • No abuse of wireless network • This requires Key Management • Data Integrity • Data packets are not modified during transit • Confidentiality • Data packets are encrypted Image Source Page: http://krebsonsecurity.com/2010/06/wi-fi-street-smarts-iphone-edition/
Wireless LAN Security Standards • 802.11 WEP • 64/128 bit • Integrity Check • 802.11 + 802.1x • Uses RADIUS • 802.11 + WPA • 128 bit • For data encryption : TKIP • For data integrity: MIC • PSK or Enterprise • 802.11 + WPA2 • AES Image Source Page: http://blog.emixt.com/new-wi-fi-standard-promises-blazing-fast-data-speeds-2/
Shared key authentication • Utilizes challenge/response • Requires & matches key • Steps • Client requests association to AP • AP issues challenge to client • Client responds with challenge encrypted by WEP key • AP decrypts clients & verifies • WEAK! Attacker sniffs plain-text AND cipher-text! Source Dreamtime
WEP – Wired Equivalent Privacy • 3 different key lengths: 64, 128, and 256 bits, known as WEP 64, WEP 128, and WEP 256 respectively • WEP provides a casual level of security but is more compatible with older devices; • It is still used quite extensively despite security flaws • Each WEP key contains a 24 bit Initialization Vector (IV), and a user-defined or automatically generated key; • E.g. WEP 128 is a combination of the 24 bit IV and a user entered 26 digit hex key. ((26*4)+24=128) • WEP also comes in WEP2 and WEP+, which are not as common and still as vulnerable as the standard WEP encryption. Sourcehttp://www.wpacracker.com/
More Problems with WEP • Shared key – 40/104 bits • Initialization vector (IV) = 24 bits • Uses RC4 for encryption • Weaknesses/attacks • FMS key recovery attack – weak IVs • Filter weak IVs to mitigate • IV too short, gets reused after 5 hours • IP redirection, MITM attacks • Traffic injection attacks • Bit-flip attacks • WEP2 added, increases key length to 128 bits Source Dreamtime
TKIP to the rescue…er Almost! • Seen an interim solution developed to fix the key reuse problem of WEP. • TKIP – Temporal Key Integrity Protocol • Protects IV by removing predictability • Broadcast WEP key rotation is a good alternative if you can’t support TKIP • It later became part of the 802.11i and subsequently part of WPA standards. • Same encryption as WEP (RC4) • Variant Cisco Key Integrity Protocol (CKIP).
WPA – WiFi Protected Access • Originally designed for campus-wired networks • 2 Flavours WPA and WPA2 • Created to resolve several issues found in WEP • Both provide good security however, are not compatible with older devices • WPA was designed to distribute different keys to each client; however, it is still widely used in a (not as secure) pre-shared key (PSK) mode, in which every client has the same passphrase. • To fully utilize WPA, a user would need an 802.1x authentication server, which small businesses and typical home users cannot afford • WPA utilizes a 48 bit Initialization Vector (IV), twice the size of WEP, which combined with other WEP fixes, allows substantially greater security over WEP.
WPA-Personal: Also referred to as WPA-PSK (Pre-shared key) mode. Designed for SOHO networks and doesn't require an authentication server. Each wireless network device authenticates with the access point using the same 256-bit key. WPA-Enterprise: Also referred to as WPA-802.1x mode, and WPA (as opposed to WPA-PSK) Designed for enterprise networks, and requires a RADIUS authentication server Provides additional security (e.g. protection against dictionary attacks) EAP is used for authentication which comes in different flavors (for example EAP-TLS, EAP-TTLS, EAP-SIM). WPA – WiFi Protected Access
WPA2: Wireless Security: The Right Way! • 802.11b (i) Now Default Setting on Many Wireless Routers • FIPS-140 compliant • AES replaces RC4 w/TKIP • Robust Security Network (RSN) for establishing secure communications • Uses 802.1x for authentication • Replaces TKIP • Counter Mode with Cipher Block Chaining (CCMP) for encryption • CCM mode of AES • 128-bit keys, 48-bit IV • CBC-MAC provides data integrity/authentication • CCMP mandatory with RSN • WRAP was initial selection, licensing rights/problems got in the way
Myth: What if I Hide my SSID? • Common Misconception • No such thing as “hiding” an SSID • All that this accomplishes is Access Point beacon being suppressed • Four other SSID broadcasts not suppressed • Probe requests • Probe responses • Association requests • Re-association requests • SSIDs must be transmitted in clear text or else 802.11 cannot function
Myth: Use a Fixed IP Address • Disabling DHCP and forcing the use of Static IP addresses is another common myth • IP schemes are easy to figure out since the IP addresses are sent over the air in clear text as UDP Broadcasts • Takes less than a minute to figure out an IP scheme and statically enter an IP address
Myth: Use MAC Authentication! • Use of the word “authentication” is a joke! • It’s not MAC Spoofing… • MAC address filtering is all that’s going on • MAC addresses are transmitted in clear text • Extremely easy to capture with tools like Wireshark • Extremely easy to clone and defeat • Extremely difficult to manage MAC filtering
MAC Spoofing Example • Regedit – HKLM\System\CurrentControlSet\Control\Class • {4D36E972-E325-11CE-BFC1-08002BE10318} • Lookup for your wireless adapter • Create REG_SZ String • Name: NetworkAddress • Value: MAC address • Restart PC
Myth: Antenna placement and signal Suppression • Antenna placement and signal suppression does nothing to encrypt data • The hacker’s antenna is bigger than yours • Directional high-gain antennas can pick up a weak signal from several kilometers away • Lowering the signal hurts legitimate users a lot more than it hurts the hackers • Wi-Fi paint or wall paper not 100% leak proof and very expensive to implement
Wireless LAN Threats • WarChalking – WarDriving - WarFlying • Unathorized Access • Accidential Association • Malicous Association • MAC Spoofing • Man in the Middle Attack • Denial of Service (DoS) • Network Injection Attack • Caffe Latte attack
Wireless LAN Threats • Open Authentication • Open system authentication, basically everyone can connect • No encryption at all • Rogue and Unauthorized Acess Points • Employee install unmanaged access point • Access Point spoofing for MITM attack • Eavesdropping • Intercepting of radio signals and decode data • Wireless sniffer into promiscuous mode • Use an external antenna