260 likes | 453 Views
Copyright (C) Manageworx 2003. 2. . . Copyright (C) Manageworx 2003. 3. Agenda. The business impact of wirelessWireless Networking basicsBrief history of WLANWLAN threats (802.11b)WLAN risk mitigationConclusions. Copyright (C) Manageworx 2003. 4. The Impact. Wireless is at the same state today that the Internet was in 1995As of 2003, 1/5th of the world's population using wireless devicesWLAN Business Drivers:Faster realization of ROI32 users with a total cost of ownership of $20,000 o29970
E N D
1. Wireless Networks: There Be Dragons! Marc Rogers PhD, CISSP
Director of Information Security Services
Manageworx Infosystems Inc.
2. Copyright (C) Manageworx 2003 2
3. Copyright (C) Manageworx 2003 3 Agenda The business impact of wireless
Wireless Networking basics
Brief history of WLAN
WLAN threats (802.11b)
WLAN risk mitigation
Conclusions
4. Copyright (C) Manageworx 2003 4 The Impact Wireless is at the same state today that the Internet was in 1995
As of 2003, 1/5th of the world’s population using wireless devices
WLAN Business Drivers:
Faster realization of ROI
32 users with a total cost of ownership of $20,000 over three years would deliver a benefit of $300,000 over a three-year period.
150 users with a total cost of ownership of $60,000 over three years would deliver a benefit of $1,000,000 over a three-year period.
1000 users with a total cost of ownership of $400,000 over three years would deliver a benefit of $5,000,000 over a three-year period.
(Source: IntelFinance 2002)
5. Copyright (C) Manageworx 2003 5 Growth of WLAN
6. Copyright (C) Manageworx 2003 6 Vertical Mobile Application Trends
7. Copyright (C) Manageworx 2003 7 Impact of Mobile Applications
8. Copyright (C) Manageworx 2003 8 Basic Overview Wireless Networks
Transport mechanism between devices and the traditional wired networks
Covers various technologies
2G Cellular, Cellular Digital Packet Data (CDPD), Global System for Mobile Communication (GSM), WLAN
Ad Hoc Networks
Shifting network topologies
Short distances
Blue tooth
Cell phones
Laptops
PDAs
Wireless LANS (WLANS)
Connects computers and other components to networks using an access point device
802.11 IEEE Standard
9. Copyright (C) Manageworx 2003 9 WLAN History Late 1980’s Motorola developed the first commercial WLAN
1990 – IEEE initiated the 802.11 project
1997 - IEEE approves the 802.11 international interoperability standard
1999 – IEEE ratifies the 802.11a & 802.11b wireless network communication standard
802.11b is the current, most used standard
Frequency 2.4GHz – 2.5GHz Industrial, Scientific, and Medical (ISM)
Maximum transmission speed 11Mbits per second
802.11a is soon to be released
5 GHz frequency
54 Mbps
10. Copyright (C) Manageworx 2003 10 WLAN Threats All the vulnerabilities that exist in a wired network
Plus others
General consensus on at least 8 top issues
11. Copyright (C) Manageworx 2003 11 WLAN Security Top 8 Security Issues with 802.11b
Access Point Mapping
SSID Broadcasting
SSID Naming Conventions
Security Architecture
Radio Frequency Management
Default Settings
Encryption
Authentication
12. Copyright (C) Manageworx 2003 12 Top 802.11b Security Issues 1. Access Point Mapping
Access points can be monitored and located using freely available software, known as ‘war driving.’ Mapping tools can give you information that can allow you to become part of their network, such as channel number (you can change the name of your wireless to match the ssid, and at that point you can actually become part of the network, as long as they assign you an ip address, through dhcp, or if you can sniff an ip address you can simply change yours to match.
You also get longitude and latitude parameters with gps capabilities.Mapping tools can give you information that can allow you to become part of their network, such as channel number (you can change the name of your wireless to match the ssid, and at that point you can actually become part of the network, as long as they assign you an ip address, through dhcp, or if you can sniff an ip address you can simply change yours to match.
You also get longitude and latitude parameters with gps capabilities.
13. Copyright (C) Manageworx 2003 13 Top 802.11b Security Issues 1. Access Point Mapping
By getting the latitude and longitude parameters from the software, you can know exactly where the access points are, and at that point you can basically do anything you like within the realm of your creativity.By getting the latitude and longitude parameters from the software, you can know exactly where the access points are, and at that point you can basically do anything you like within the realm of your creativity.
14. Copyright (C) Manageworx 2003 14 Top 802.11b Security Issues 2. SSID Broadcasting The ssid is essentially the network name, which allows an attacker to simply change the network name on his/her laptop, which in effect allows the attacker to become part of the network. That’s all it really takes.The ssid is essentially the network name, which allows an attacker to simply change the network name on his/her laptop, which in effect allows the attacker to become part of the network. That’s all it really takes.
15. Copyright (C) Manageworx 2003 15 Top 802.11b Security Issues 3. SSID Naming Conventions Vendors will have ‘default’ ids and passwords set that can be used by attackers. Shown in the box is the default Cisco wireless id.Vendors will have ‘default’ ids and passwords set that can be used by attackers. Shown in the box is the default Cisco wireless id.
16. Copyright (C) Manageworx 2003 16 Top 802.11b Security Issues 4. Security Architecture If you’ve got an access point in the internal network, then you’ve basically opened it up to everyone. A better to solution is to create a dmz where you have an access point, which is shown on the next slide.
If you’ve got an access point in the internal network, then you’ve basically opened it up to everyone. A better to solution is to create a dmz where you have an access point, which is shown on the next slide.
17. Copyright (C) Manageworx 2003 17 Top 802.11b Security Issues 5. Radio Frequency Management Making sure that your footprint doesn’t go past what you can control. Bluetooth can impact the availability of your 802.11b network, because bluetooth can disrupt your signals (that’s why they don’t allow you to use your cellphones in hospitals, etc.)Making sure that your footprint doesn’t go past what you can control. Bluetooth can impact the availability of your 802.11b network, because bluetooth can disrupt your signals (that’s why they don’t allow you to use your cellphones in hospitals, etc.)
18. Copyright (C) Manageworx 2003 18 Top 802.11b Security Issues 6. Default Settings Unless you take some steps to increase the security of the ‘default’ shipment of wireless, then you don’t really have any security at all.Unless you take some steps to increase the security of the ‘default’ shipment of wireless, then you don’t really have any security at all.
19. Copyright (C) Manageworx 2003 19 Top 802.11b Security Issues 7. Encryption Encryption can protect your wireless transmissions.Encryption can protect your wireless transmissions.
20. Copyright (C) Manageworx 2003 20 Top 802.11b Security Issues 8. Authentication You need to add user and device authentication to increase the security of your wireless networks. Eg, two-factor, radius, tacacs, vpns,etc.You need to add user and device authentication to increase the security of your wireless networks. Eg, two-factor, radius, tacacs, vpns,etc.
21. Copyright (C) Manageworx 2003 21 Risk Mitigation Management Countermeasures
Security Policy
WLAN specific Policy
Operational Countermeasures
Physical security
Access controls
Placement of the AP
Location
Range
22. Copyright (C) Manageworx 2003 22 Risk Mitigation Technical Countermeasures
Hardware/Software solutions
Access Point configuration
Updating default passwords
Proper encryption settings
Controlling the reset function
MAC ACL functionality
Changing the SSID
Changing the default crypto keys
23. Copyright (C) Manageworx 2003 23 Risk Mitigation Technical Countermeasures (cont’d)
Change default SNMP parameter
Change default channel
DHCP
Authentication
VPNs
BIOMETERICS
Personal firewalls
IDS
Security Assessments
24. Copyright (C) Manageworx 2003 24 Conclusions Wireless technology is in boom phase
Businesses are “leaping” into the wireless arena
Caution is required
Still an evolving technology
WLAN has risks
Need to properly manage the “risk”
No magic bullet for complete protection
Treat WLAN traffic as “Untrusted” traffic
25. Copyright (C) Manageworx 2003 25 Wireless Security Tools Net Stumbler
http://www.netstumbler.com
WEP Crack
http://wepcrack.sourceforge.net
MAC Stumbler
http://macstumbler.com
Airsnort
http://airsnort.shmoo.com
26. Copyright (C) Manageworx 2003 26 QUESTIONS
27. Copyright (C) Manageworx 2003 27 Contact Information
Dr. Marc Rogers
(204) 989-8750
mkr@manageworx.com
www.manageworx.com