1 / 17

Hacking, Tracking, and Baiting Surveillance, Wardriving and Honeypot Technologies

Hacking, Tracking, and Baiting Surveillance, Wardriving and Honeypot Technologies. Larry Korba Institute for Information Technology National Research Council of Canada. PST 2005 Workshop, October 12, 2005. Overview. Goal Wardriving Honeypots Other Surveillance Techniques Surreptitious

kipling
Download Presentation

Hacking, Tracking, and Baiting Surveillance, Wardriving and Honeypot Technologies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Hacking, Tracking, and BaitingSurveillance, Wardriving and Honeypot Technologies Larry Korba Institute for Information Technology National Research Council of Canada PST 2005 Workshop, October 12, 2005

  2. Overview • Goal • Wardriving • Honeypots • Other Surveillance Techniques • Surreptitious • Organization • Conclusions

  3. GOAL • Describe some “interesting” technologies related to surveillance, • and what to expect next • Raise privacy, responsibility, legal questions

  4. Wardriving • In the News Wi-Fi Security Wakes Up to Reality June, 2005 Wardriving around town February, 2005 How vulnerable is Wi-Fi Authentication? November, 2004 Florida man charged with stealing WiFi signal July, 2005

  5. Wardriving - Background • Wi-Fi: Wireless Fidelity • Wireless network communication (GHz range) • Wireless Access points provide bridge to Internet • Problems: • Network access through thin air • Wireless networks often configured without any security • Commonly used Wi-Fi security protocols broken • Looking for wireless access points is fun! • Using them is… illegal? Immoral?

  6. Wardriving – Technologies • Antenna • PowerfulSensitiveWi-FiCards

  7. Wardriving – Technologies • WEP 40 and 104 bit (+24 bit initialization vector = 64 bit/128 bit) • Poor implementation (2001), capture 5 million packets, attach IV in clear • Firmware improvements, then Korek 2004: WEP statistical cryptanalysis about 2 million packets required to break WEP • WPA Personal (WPA-PSK) Attack found in 2003, Tools appeared in 2004, WPA Cracker, WPAtty (Brute force, dictionary attacks on WPA-PSK four-way handshake (works on weak pass phrases) • Aircrack, WepLab, Airsnort, Kismet, Decrypt, among others (MAC address spoofing) # decrypt -f /usr/dict/words -m 00:02:2D:27:D9:22 -e encrypted.dump -d [RETURN] out.dump Found key: Hex - 61:6c:6f:68:61, ASCII - "aloha"

  8. Wardriving: Results? • Coverage maps

  9. Wardriving – Remedies • Security Enabled, WEP, WPA (Choose strong key) Change it regularly • Ensure admin password is enabled • Enable MAC address authentication • Use VPN access

  10. Wardriving – Other Remedies • Conventional • Radius server • Security audit: Wireless AP detection, WEP/WPA strength testing, coverage mapping • Others • Antenna design • Shielding • Windows, Walls • Paint? Forcefieldwireless.com • Future • Better AP configuration (secure out of the box) • Intel range determination 1’ over 231’ • Mapping wireless: alternative to GPS (Microsoft) • WPA2 improvements? • Responsibility? Laws? Morality?

  11. Honeypots New Gatesweeper firewall collects information about attackers • News Items… Skype Honeypot snares dirty IMers Wi-Fi ‘WarTrappers’ nab drive-by hackers Cops tempt crook with technology ‘Honeymonkeys’ find web threats Avoiding Sticky Legal Traps: Hackers have rights too! How can you deploy honeypots without running afoul of the law.

  12. Honeypots – Background • Definition/Description/Origin • “An evening with Bereford: In which a cracker is lured, endured and studied” Bill Cheswick, 1991 • Any system resource whose value lies: in being probed, attacked, or compromised ; in unauthorized or illicit use of that resource • Don’t solve a particular problem, but contribute to Sec. Arch. • Not for prevention • Ineffective against automated attacks • Provide early warning, prediction • Discover new tools/tactics • Track behavior patterns • Develop forensic analysis skills • Low and High interaction types

  13. Honeypots- Application • Capture low-hanging fruit • Network configurations • Emulation • OS with bugs • Open ports…

  14. Honeypots – Spin-offs/Future • Further Honeypot/Honeynet development • Integrated, proactive 0-day security response • GHH: Google Hack Honeypot • Honeymonkey • Web spider (client) (unpatched XP) • Gathers malicious code hosted by web servers • Technology “traps” • Automobiles (Black Box and Bait)

  15. Other Surveillance Techniques • Keystroke monitoring (Historical and present day (surreptitious screen shots, keystroke monitoring) • Trojans, rootkits, backdoors via web and email • Email monitoring • Metalincs • Smarsh • SpectorSoft • Instant Messaging • IMbrella • Global Relay • File usage • Network monitoring • Government Surveillance • Google! • Legal Issues remain!

  16. The Bottom Line • Surreptitious monitoring and network access • There are many ways, There will be more • Who is responsible? What is the law? • Privacy protection? • Is there a “Reasonable Expectation for Privacy” in network related activities? • Entrapment? • Do possible network intruders have rights? • If you operate an open wireless access point are you offering a service? • Jurisdictional issues

More Related