Unauthorized Wireless Network Connections

Unauthorised Wireless Network Access
ISSE 2006

Published in: Technology

Transcript of "Unauthorized Wireless Network Connections"

  1. Unauthorized Wireless Connectivity
      John Rhoton
      Mobile Technology Lead
      HP Services
  2. Risk Benefit Analysis
      • Weak Protocols
      • Uncertified Devices
      • Poor Configuration
      • Insecure Infrastructure
      • Careful Monitoring
      • No User Guidance
      • No Administrative Control
  3. Agenda
      • Unmanaged Bluetooth
      • Rogue WLANs
      • WWAN backdoors
      • Underground IPv6
      • Best Practices
  4. Bluetooth Threats
      • Poorly configured devices
        – Compromise device
          • Sensitive data
          • Credentials
        – Compromise network
          • Unauthorized access
          • Denial of Service
      • Default configurations insufficient
  5. Bluetooth vulnerability
      • PIN Attack
        – Often hard-coded
        – Usually short (4-digit)
        – Passive key interception
      • Bluejacking
        – Virus Propagation
      • Bluesnarfing
        – Bluesniping
  6. Bluetooth Configuration
  7. Rogue Access Points
      • Highest risk when WLANs are NOT implemented
        – Completely unsecured by default
        – Usually connected by naïve users
        – Can be strategically placed by intruders
  8. Decoy Access Points
      • Troubleshooting nightmare
      • Denial of Service
      • Credential interception
      • SSL redirection
  9. Unauthorized Wireless Bridge
      (Diagram labels: Private LAN, Public Network)
  10. Trojans, Crawlers and Bots
  11. Port Forwarding
  12. Reverse Network Address Translation
  13. Bridge device
      • No need for integrated WWAN
      • PCMCIA card sufficient
      • Modem
        – Bluetooth phone
        – USB / RS-232 phone
      • Virtually impossible to prevent unless desktops/laptops are locked down!
  14. Rogue IPv6 Devices / Networks
      What you don’t know will hurt you
      • Unauthorized IPv6 devices
        – Windows XP: ipv6 install
      • Unauthorized Networks
        – Internal tunnels
      • Compromised Perimeter
        – External tunnels
      (Diagram labels: Hijacked Computer, Private Network, Public Internet, Victim, Intruder)
  15. IPv6 Transition Exposure
      • IPv6 is available
      • IPv6 is in use
      • IPv6 is on many private networks
      • IPv6 magnifies the wireless vulnerabilities
      • Corporate Security
        – does not monitor IPv6
      • Corporate IT
        – is not familiar with IPv6
      • This is irresponsible!
  16. Threat Identification and Intrusion Prevention
      • Intrusion Detection Products
        – Manual
        – Sensors
        – Infrastructure
      • Network Monitoring
      • Revised Security Model
  17. Refined Network Access
      • Binary Access Insufficient
      (Diagram labels: Access, Intranet, Internet)
      • Health checks become mandatory (NAP/NAC)
      • Complete Access Layer secured (e.g. 802.1x)
  18. Role-based Access Control
      • Bluesocket
      • Aruba
      • Perfigo (Cisco)
      • HP ProCurve
      • Cranite (Vernier)
      (Diagram labels: User Role Time Access Schedule IP Address Port Control VLAN Location)
  19. Network Compartmentalization
      Adaptive Network Architecture
      (Diagram label: Virus Throttling)
  20. User Education
      • Danger awareness
      • Caution on interfaces
      • Configuration guidance
      • Corporate policy
  21. Mobile Device Security Management
      • Platform selection
        – Software/Firmware Upgrades
        – Patch Management
      • Configuration Management
      • Policy enforcement
        – Passwords
        – Device lock
        – Policy updates
      • User support
        – Device lockout
        – Backup/restore
      (Diagram labels: Security, Usability)
  22. Summary
      • Security concerns are the greatest inhibitor to mobility
      • Wireless networks and devices introduce new risks
      • Ignoring these technologies does not make the risks disappear!
      • The key to mobile security is a thorough reevaluation of existing security
  23. Questions?
      Contact me at: http://www.linkedin.com/in/rhoton