Guerilla Warfare Balakumar Balasubramanian. Security Issues In Wireless/Mobile Networking


Post on 26-Dec-2015






<ul><li> Slide 1 </li>
<li> Guerilla Warfare Balakumar Balasubramanian </li>
<li> Slide 2 </li>
<li> Security Issues In Wireless/Mobile Networking </li>
<li> Slide 3 </li>
<li> AGENDA: Faces of wireless; Who are Cyber Guerillas; Who are at Risk; What do they do; Pitfalls; Combating Techniques; Personal Observations </li>
<li> Slide 4 </li>
<li> Many Faces of Wireless: Wireless Personal Area Networks (WPANs) use very short-range wireless technology to replace cables connecting PCs with peripherals, phones with headsets, etc. Wireless Local Area Networks (WLANs) use short-range wireless to reach at least 300 feet, at speeds up to 11 Mbps (IEEE 802.11b) and 54 Mbps (802.11a/g). WLANs connect computers (desktops, laptops, PDAs and Pocket PC-enabled phones) to each other and to adjacent networks via wireless access points or gateways. </li>
<li> Slide 5 </li>
<li> Wireless Metropolitan Area Networks (WMANs) use very high-speed wireless for site-to-site connections, for example a five-mile point-to-point uplink from a subscriber's office to a service provider's network access center. WMAN technologies include LMDS, MMDS, and IEEE 802.16 fixed broadband wireless. Wireless Wide Area Networks (WWANs) are long-range radio networks that deliver mobile voice and data to subscriber devices like cellphones, pagers, smart phones, voice-enabled PDAs and Blackberries. </li>
<li> Slide 6 </li>
<li> Cyber Guerillas: Cyber Guerillas are the newest breed of hackers. They love to hunt and sniff the air for signals emitted from the wireless handheld devices that you use to connect to the WLAN. </li>
<li> Slide 7 </li>
<li> Who are cyber guerillas? Wireless network hackers. They deny or destroy wireless services for legitimate users. They search for signals in the spectrum and use hacking tools to decrypt the transmission. More dangerous than a regular hacker. </li>
<li> Slide 8 </li>
<li> Who are at Risk?
A business traveler closing a multi-million-dollar deal; military personnel receiving military alerts; hotspot users; anybody using a wireless device. </li>
<li> Slide 9 </li>
<li> What do they do? Cyber Guerillas eavesdrop and grab passwords, valid station identifiers and network addresses (particularly default ones the system administrator forgot to change). They steal internet bandwidth and use your network as a springboard to attack others. They use sniffing tools to search for signals from wireless mobile devices. After successfully intercepting the signals, they divert those signals to a high-speed connection and then target wireless vulnerabilities. </li>
<li> Slide 10 </li>
<li> Our Pitfalls: Frequency channel overlapping (the space between channels can be so narrow that one frequency might overlap with another). Wi-Fi implementation incompatibility. Hotspots in public places. Unauthorized workstations. System defaults that haven't been changed. Immature or inadequate wireless standards. </li>
<li> Slide 11 </li>
<li> Being Prepared: What can an intruder see on the target systems? What can an intruder do with that information? Does anyone at the target notice the intruder's attempts or successes? 1. What are you trying to protect? 2. Who are you trying to protect against? 3. How much time, effort, and money are you willing to expend to obtain adequate protection? </li>
<li> Slide 12 </li>
<li> Prevention is Better: If you don't know what you're defending and why, your security measures are just shots in the dark. Who needs access to what and when? Once assets have been identified, enumerate threats and quantify risks. Security is always a balancing act, weighing risk against cost. The trick then is to monitor your network's health to keep it safe. </li>
<li> Slide 13 </li>
<li> Preparing for Combat: Authentication; VPN; Firewalls; Cryptography; Biometrics </li>
<li> Slide 14 </li>
<li> Authentication: Authenticate a message sender's identity.
PKI (Public Key Infrastructure): the mechanism provides a set of technologies that relies on certificates. Certificates are message attachments, issued by a certificate authority, that authenticate a sender's identity and provide encryption keys. Public key cryptography uses a single algorithm to create a public and private key. Challenges: wireless devices have low throughput and computational power. WPKI (Wireless PKI). Smart cards inserted into a device-mounted reader. </li>
<li> Slide 15 </li>
<li> IEEE 802.11 Security: The 802.11 standard's security is composed of authentication and encryption. When shared-key authentication is enabled, stations can associate with the AP only if they have a 40- or 128-bit key known to both parties. Only stations that possess the shared key can join the WLAN. Authentication of individual stations is not possible with 802.11. The 802.11i standard's Temporal Key Integrity Protocol (TKIP) provides for more robust encryption. </li>
<li> Slide 16 </li>
<li> Virtual Private Network: Provides security by creating an encrypted tunnel through the public internet. Reduces cost by eliminating the need for companies to build secure private networks. Once a handheld device's VPN client obtains an IP address by connecting to the internet, it can authenticate itself to the company's VPN server. </li>
<li> Slide 17 </li>
<li> VPN Deployment </li>
<li> Slide 18 </li>
<li> Firewalls / Biometrics: A WAP gateway can serve as the single point of entry for an enterprise's wireless system. Companies can secure and monitor the gateway as they do a traditional firewall. Biometrics: use of a person's unique physical characteristics, such as fingerprints, voice patterns, facial geometry or retinal images. Biometrics are too costly for small wireless devices. </li>
<li> Slide 19 </li>
<li> Personal Observation: Wireless networks are widely used. SEPTA Market East Station; PWD Water Treatment plant; Security Industry </li>
<li> Slide 20 </li>
<li> Suggestions? </li>
</ul>
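An added example, not part of the original slides: a small audit over a constructed access-point inventory that flags the pitfalls named on slides 9 and 10 (defaults the administrator never changed, unauthorized workstations) and the encryption levels from slide 15. The `AccessPoint` record, its field names and the default-SSID list are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Example values only (assumption): SSIDs some vendors shipped as factory defaults.
DEFAULT_SSIDS = {"linksys", "default", "netgear", "tsunami"}


@dataclass
class AccessPoint:
    """Hypothetical inventory record for one access point."""
    name: str
    ssid: str
    encryption: str               # "none", "wep40", "wep128" or "tkip"
    admin_password_changed: bool
    stations: list = field(default_factory=list)  # MACs seen associated


def audit(aps, authorized_macs):
    """Return sorted (ap_name, finding) tuples for the pitfalls the slides list."""
    allowed = {m.lower() for m in authorized_macs}
    findings = []
    for ap in aps:
        if ap.ssid.lower() in DEFAULT_SSIDS:
            findings.append((ap.name, "default SSID still in use"))
        if not ap.admin_password_changed:
            findings.append((ap.name, "default admin password not changed"))
        if ap.encryption == "none":
            findings.append((ap.name, "no encryption, traffic open to eavesdropping"))
        elif ap.encryption == "wep40":
            findings.append((ap.name, "40-bit shared key, TKIP is more robust"))
        for mac in ap.stations:
            if mac.lower() not in allowed:
                findings.append((ap.name, f"unauthorized station {mac.lower()}"))
    return sorted(findings)


# Constructed sample inventory (not real devices).
AUTHORIZED = ["00:11:22:33:44:55", "00:11:22:33:44:66"]
SAMPLE_APS = [
    AccessPoint("lobby-ap", "linksys", "none", False,
                ["00:11:22:33:44:55", "DE:AD:BE:EF:00:01"]),
    AccessPoint("office-ap", "corp-wlan", "tkip", True,
                ["00:11:22:33:44:66"]),
]

if __name__ == "__main__":
    for ap_name, finding in audit(SAMPLE_APS, AUTHORIZED):
        print(f"{ap_name}: {finding}")
```

Running the audit on a schedule and alerting on new findings is one way to answer the slide 11 question of whether anyone notices an intruder's attempts.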