An attack that sends unsolicited messages to bluetooth-enabled devices

Security+ Guide to Network Security Fundamentals, Fourth Edition

Chapter 8

Wireless Network Security

1

Wireless Network Security

Wireless data communications have revolutionized computer networking

Wireless data networks found virtually everywhere

Wireless networks have been targets for attackers

Early wireless networking standards had vulnerabilities

Changes in wireless network security yielded security comparable to wired networks

Security+ Guide to Network Security Fundamentals, Fourth Edition

2

2

Blue Tooth

Bluetooth ( )

Wireless technology

Uses short-range radio frequency transmissions

Provides for rapid, ad-hoc device pairings

Example: smartphone and Bluetooth headphones, Bose Mini etc

Personal Area Network (PAN) technology

Two types of Bluetooth network topologies

Piconet

Scatternet

Security+ Guide to Network Security Fundamentals, Fourth Edition

3

3

Bluetooth

Piconet

Established when two Bluetooth devices come within range of each other

One device (master) controls all wireless traffic

Other device (slave) takes commands

Active slaves can send transmissions

Parked slaves are connected but not actively participating

4

4

Scatternet

Group of piconets with connections between different piconets

5

Bluetooth

5

Security+ Guide to Network Security Fundamentals, Fourth Edition

6

Bluejacking

Attack that sends unsolicited messages to Bluetooth-enabled devices

Text messages, images, or sounds

Considered more annoying than harmful

No data is stolen

Popular in Europe

Guerilla Marketing

Bluetooth Attacks

6

Wireless Attacks (cont’d.)

Bluesnarfing

Unauthorized access to wireless information through a Bluetooth connection

Often between cell phones and laptops

Attacker copies e-mails, contacts, or other data by connecting to the Bluetooth device without owner’s knowledge

http://www.youtube.com/watch?v=KfZ7Ek409LM

https://www.youtube.com/watch?v=6iIqB-LI1go

Security+ Guide to Network Security Fundamentals, Fourth Edition

7

7

Wireless Attacks (cont’d.)

Bluesnarfing

Unauthorized access to wireless information through a Bluetooth connection

Often between cell phones and laptops

Attacker copies e-mails, contacts, or other data by connecting to the Bluetooth device without owner’s knowledge

http://www.youtube.com/watch?v=KfZ7Ek409LM

https://www.youtube.com/watch?v=6iIqB-LI1go

All patched years ago

However…

Security+ Guide to Network Security Fundamentals, Fourth Edition

8

8

Wireless Attacks (cont’d.)

Security+ Guide to Network Security Fundamentals, Fourth Edition

9

Good news is that most phones have patches

Next attack surface is Echo, Google Home devices

Patches available also

Best bet, disengage BlueTooth when in public

9

Wireless History

Institute of Electrical and Electronics Engineers (IEEE)

Most influential organization for computer networking and wireless communications

Dates back to 1884

Began developing network architecture standards in the 1980s

1997: release of IEEE 802.11

Standard for wireless local area networks (WLANs)

Higher speeds added in 1999: IEEE 802.11b

Security+ Guide to Network Security Fundamentals, Fourth Edition

10

10

Wireless LAN

IEEE 802.11a

Specifies maximum rated speed of 54Mbps using the 5GHz spectrum

IEEE 802.11g

Preserves stable and widely accepted features of 802.11b

Increases data transfer rates similar to 802.11a

IEEE 802.11n

Ratified in 2009

Speed – up to 300Mbps in real world competing networks

Coverage area – double a, b, g

Security+ Guide to Network Security Fundamentals, Fourth Edition

11

11

Wireless LAN

Access point (AP) major parts

Base Station for wireless network

Antenna and radio transmitter/receiver send and receive wireless signals

Bridging software to interface wireless devices to other devices

Wired network interface allows it to connect by cable to standard wired network

12

12

Wireless LAN Attacks

Wireless broadband routers

Single hardware device containing AP, firewall, router, and DHCP server

Wireless networks have been vulnerable targets for attackers

Not restricted to a cable

Types of wireless LAN attacks

Discovering the network

Attacks through the RF spectrum

Attacks involving access points

Security+ Guide to Network Security Fundamentals, Fourth Edition

13

13

Wireless LAN Attacks (cont’d.)

Discovering the network

One of first steps in attack is to discover presence of a network

Beaconing

AP sends signal at regular intervals to announce its presence and provide connection information

Wireless device scans for beacon frames

War driving

Process of passive discovery of wireless network locations

14

14

Wireless LAN Attacks (cont’d.)

War chalking

Documenting and then advertising location of wireless LANs for others to use

Previously done by drawing on sidewalks or walls around network area

Today, locations are posted on Web sites

Security+ Guide to Network Security Fundamentals, Fourth Edition

15

15

Wireless LAN Attacks (cont’d.)

Evil twin

AP set up by an attacker

Attempts to mimic an authorized AP

Attackers capture transmissions from users to evil twin AP

Some discovery tools available

EvilAP_Defender

Always use a VPN, creating an encrypted tunnel between your computer and a third-party server, preventing snoopers from intercepting information enroute.

l

Security+ Guide to Network Security Fundamentals, Fourth Edition

16

16

Combat Attacks - MAC Address Filtering

Method of controlling WLAN access

Limit a device’s access to AP

Media Access Control (MAC) address filtering

Used by nearly all wireless AP vendors

Permits or blocks device based on MAC address

Vulnerabilities of MAC address filtering

Addresses exchanged in unencrypted format

Attacker can see address of approved device and substitute it on his own device

Managing large number of addresses is challenging

Security+ Guide to Network Security Fundamentals, Fourth Edition

17

17

Security+ Guide to Network Security Fundamentals, Fourth Edition

18

Figure 8-7 MAC address filtering

© Cengage Learning 2012

Combat Attacks - MAC Address Filtering

18

Wireless Security Types

Each device must be authenticated prior to connecting to the WLAN

Ranking the current Wi-Fi security methods available on any modern (post-2006) router, ordered from best to worst:

WPA2 + AES

WPA + AES

WPA + TKIP/AES (TKIP is there as a fallback method)

WPA + TKIP

WEP

Open Network (no security at all)

Ideally, you’ll disable Wi-Fi Protected Setup (WPS) and set your router to WPA2 +AES.

Source: HowtoGeek.com

19

19

Wi-Fi Protected Access 2 (cont’d.)

AES encryption and decryption

Should be performed in hardware because of its computationally intensive nature

IEEE 802.1x authentication

Originally developed for wired networks

Provides greater degree of security by implementing port security

Blocks all traffic on a port-by-port basis until client is authenticated

Security+ Guide to Network Security Fundamentals, Fourth Edition

20

20

Other Wireless Security Steps

Antenna placement

Locate near center of coverage area

Place high on a wall to reduce signal obstructions and deter theft

Power level controls

Some APs allow adjustment of the power level at which the LAN transmits

Reducing power allows less signal to reach outsiders

Security+ Guide to Network Security Fundamentals, Fourth Edition

21

21

Other Wireless Security Steps

Organizations are becoming increasingly concerned about existence of rogue APs

Rogue access point discovery tools

Security personnel can manually audit airwaves using wireless protocol analyzer

Continuously monitoring the RF airspace using a wireless probe

Types of wireless probes

Wireless device probe

Desktop probe

Security+ Guide to Network Security Fundamentals, Fourth Edition

22

22

Other Wireless Security Steps

Types of wireless probes (cont’d.)

Access point probe

Dedicated probe

Wireless virtual LANs (VLANs)

Organizations may set up to wireless VLANs

One for employee access, one for guest access

Configured in one of two ways

Depending on which device separates and directs the packets to different networks

Good Read: How to Secure Your Home

Krack here

Review OnGuardOnline.gov

23

23

Applied Sciences

Architecture and Design

Biology

Business & Finance

Chemistry

Computer Science

Geography

Geology

Education

Engineering

English

Environmental science

Spanish

Government

History

Human Resource Management

Information Systems

Law

Literature

Mathematics

Nursing

Physics

Political Science

Psychology

Reading

Science

Social Science

Home

Blog

Archive

Contact