SlideShare une entreprise Scribd logo

Unauthorized Wireless Network Connections

Télécharger en tant que PPTX, PDF
John Rhoton
John Rhoton

Unauthorised Wireless Network Access ISSE 2006

Technologie
1  sur  23
Unauthorized Wireless Connectivity John Rhoton Mobile Technology Lead HP Services 1
Risk Benefit Analysis • Weak Protocols • Uncertified Devices • Poor Configuration • Insecure Infrastructure • Careful Monitoring • No User Guidance • No Administrative Control 2
Agenda • Unmanaged Bluetooth • Rogue WLANs • WWAN backdoors • Underground IPv6 • Best Practices 3
Bluetooth Threats • Poorly configured devices – Compromise device • Sensitive data • Credentials – Compromise network • Unauthorized access • Denial of Service • Default configurations insufficient 4
Bluetooth vulnerability • PIN Attack – Often hard-coded – Usually short (4-digit) – Passive key interception • Bluejacking – Virus Propagation • Bluesnarfing – Bluesniping 5
Bluetooth Configuration 6
Rogue Access Points • Highest risk when WLANs are NOT implemented – Completely unsecured by default – Usually Connected by naïve users – Can be strategically placed by intruders 7
Decoy Access Points • Troubleshooting nightmare • Denial of Service • Credential interception • SSL redirection 8
Unauthorized Wireless Bridge Private LAN Public Network 9
Trojans, Crawlers and Bots 10
Port Forwarding 11
Reverse Network Address Translation 12
Bridge device • No need for integrated WWAN • PCMCIA card sufficient • Modem – Bluetooth phone – USB / RS-232 phone • Virtually impossible to prevent unless desktops/laptops are locked down! 13
Rogue IPv6 Devices / Networks What you don’t know will hurt you • Unauthorized IPv6 devices – Windows XP: ipv6 install • Unauthorized Hijacked Networks Computer Private – Internal tunnels Public Internet Network • Compromised Perimeter Victim – External tunnels Intruder 14
IPv6 Transition Exposure • IPv6 is available • IPv6 is in use • IPv6 is on many private networks • IPv6 magnifies the wireless vulnerabilities • Corporate Security – does not monitor IPv6 • Corporate IT – is not familiar with IPv6 • This is irresponsible! 15
Threat Identification and Intrusion Prevention • Intrusion Detection Products – Manual – Sensors – Infrastructure • Network Monitoring • Revised Security Model 16
Refined Network Access • Binary Access Insufficient Access Intranet Internet • Health checks become mandatory (NAP/NAC) • Complete Access Layer secured (e.g. 802.1x) 17
Role-based Access Control • Bluesocket • Aruba • Perfigo (Cisco) • HP ProCurve • Cranite (Vernier) User Role Time Access Schedule IP Address Port Control VLAN Location 18
Network Compartmentalization Adaptive Network Architecture Virus Throttling 19
User Education • Danger awareness • Caution on interfaces • Configuration guidance • Corporate policy 20
Mobile Device Security Management • Platform selection – Software/Firmware Upgrades – Patch Management • Configuration Management • Policy enforcement – Passwords Security – Device lock – Policy updates • User support – Device lockout Usability – Backup/restore 21
Summary • Security concerns are the greatest inhibitor to mobility • Wireless networks and devices introduce new risks • Ignoring these technologies does not make the risks disappear! • The key to mobile security is a thorough reevaluation of existing security 22
Questions? Contact me at: http://www.linkedin.com/in/rhoton 23

Recommandé

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your BusinessJose L. Quiñones-Borrero
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...EC-Council
 
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Positive Hack Days
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsMichelle Morgan-Nelsen
 
StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware Lancope, Inc.
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryInvincea, Inc.
 
NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)Opposing Force S.r.l.
 

Recommandé

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your BusinessJose L. Quiñones-Borrero
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneJose L. Quiñones-Borrero
 
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...EC-Council
 
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Positive Hack Days
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsMichelle Morgan-Nelsen
 
StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware Lancope, Inc.
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryInvincea, Inc.
 
NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)Opposing Force S.r.l.
 
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopPoint of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopSymantec
 
Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Cristian Garcia G.
 
Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сетиEkaterina Melnik
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threatsgruzabb
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksIcomm Technologies
 
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection SystemLuca Bongiorni
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityfrcarlson
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionmalvvv
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor FlyerTyler Rack
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesElsa Cariello
 
Ss r164 d4eb4em212t
Ss r164 d4eb4em212tSs r164 d4eb4em212t
Ss r164 d4eb4em212tsecuritall
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-AJim Stockstill
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a NutshellPieter Cloete
 
Exp w21
Exp w21Exp w21
Exp w21SelectedPresentations
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Olga Kochetova
 
Penetration Testing as an auditing tool
Penetration Testing as an auditing toolPenetration Testing as an auditing tool
Penetration Testing as an auditing toolsyrinxtech
 
Wireless security
Wireless securityWireless security
Wireless securityAurobindo Nayak
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherShakacon
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Novell
 
Pruebas de aptitud 2013
Pruebas de aptitud 2013Pruebas de aptitud 2013
Pruebas de aptitud 2013Roberto Serrano
 
Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Patrick Kenney
 

Contenu connexe

Tendances

Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopPoint of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopSymantec
 
Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Cristian Garcia G.
 
Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сетиEkaterina Melnik
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threatsgruzabb
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksIcomm Technologies
 
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection SystemLuca Bongiorni
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityfrcarlson
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionmalvvv
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor FlyerTyler Rack
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesElsa Cariello
 
Ss r164 d4eb4em212t
Ss r164 d4eb4em212tSs r164 d4eb4em212t
Ss r164 d4eb4em212tsecuritall
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-AJim Stockstill
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a NutshellPieter Cloete
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Olga Kochetova
 
Penetration Testing as an auditing tool
Penetration Testing as an auditing toolPenetration Testing as an auditing tool
Penetration Testing as an auditing toolsyrinxtech
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherShakacon
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Novell
 

Tendances (20)

Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopPoint of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
 
Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?
 
Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сети
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threats
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
 
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encription
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor Flyer
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for Dummies
 
Ss r164 d4eb4em212t
Ss r164 d4eb4em212tSs r164 d4eb4em212t
Ss r164 d4eb4em212t
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a Nutshell
 
Exp w21
Exp w21Exp w21
Exp w21
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
 
Penetration Testing as an auditing tool
Penetration Testing as an auditing toolPenetration Testing as an auditing tool
Penetration Testing as an auditing tool
 
Wireless security
Wireless securityWireless security
Wireless security
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
 

En vedette

Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Patrick Kenney
 
A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsJohn Rhoton
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementJohn Rhoton
 
KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013KarmaCom Inc
 
Enterprise Preparation for IPv6
Enterprise Preparation for IPv6Enterprise Preparation for IPv6
Enterprise Preparation for IPv6John Rhoton
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device ManagerJohn Rhoton
 
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...Patrick Kenney
 
Nutricio I Dieta
Nutricio I DietaNutricio I Dieta
Nutricio I Dietaguesteb4ee1
 
Cloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsCloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsJohn Rhoton
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud ServicesJohn Rhoton
 
Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6John Rhoton
 
RSA - WLAN Hacking
RSA - WLAN HackingRSA - WLAN Hacking
RSA - WLAN HackingJohn Rhoton
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the EnterpriseJohn Rhoton
 
Cloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapCloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapJohn Rhoton
 
Cloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerCloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerJohn Rhoton
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device SecurityJohn Rhoton
 

En vedette (18)

Pruebas de aptitud 2013
Pruebas de aptitud 2013Pruebas de aptitud 2013
Pruebas de aptitud 2013
 
Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1
 
A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection Solutions
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy Enforcement
 
KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013
 
Enterprise Preparation for IPv6
Enterprise Preparation for IPv6Enterprise Preparation for IPv6
Enterprise Preparation for IPv6
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device Manager
 
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
 
Nutricio I Dieta
Nutricio I DietaNutricio I Dieta
Nutricio I Dieta
 
Cloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsCloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and Trends
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud Services
 
Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6
 
RSA - WLAN Hacking
RSA - WLAN HackingRSA - WLAN Hacking
RSA - WLAN Hacking
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the Enterprise
 
Cloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapCloud Computing Challenges - Beamap
Cloud Computing Challenges - Beamap
 
Cloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerCloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to consider
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Peter Pan
Peter PanPeter Pan
Peter Pan
 

Similaire à Unauthorized Wireless Network Connections

IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?RIPE NCC
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Securitycclark_isec
 
CSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage GearCSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage Gearshawn_merdinger
 
ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)Digital Bond
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slidesguest1c1a9a
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomwareAlgoSec
 
Issnip Presentation
Issnip PresentationIssnip Presentation
Issnip Presentationpauldeng
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay aliveqqlan
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveDefconRussia
 
Gigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP TechnologyGigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP TechnologyGrant Swanson
 
[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3Chema Alonso
 
The Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And MalwareThe Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And MalwarePrasanna V
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDebra Baker, CISSP CSSP
 
Bluetooth Vulnerabilities
Bluetooth VulnerabilitiesBluetooth Vulnerabilities
Bluetooth VulnerabilitiesVictorYee
 

Similaire à Unauthorized Wireless Network Connections (20)

IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
CSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage GearCSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage Gear
 
ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slides
 
wifi
wifiwifi
wifi
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Mobile Apps Security
Mobile Apps SecurityMobile Apps Security
Mobile Apps Security
 
Issnip Presentation
Issnip PresentationIssnip Presentation
Issnip Presentation
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay alive
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay alive
 
Gigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP TechnologyGigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP Technology
 
Secured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRSecured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRR
 
[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3
 
The Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And MalwareThe Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And Malware
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber Security
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptx
 
Bluetooth Vulnerabilities
Bluetooth VulnerabilitiesBluetooth Vulnerabilities
Bluetooth Vulnerabilities
 

Plus de John Rhoton

Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityJohn Rhoton
 
Business Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingBusiness Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingJohn Rhoton
 
Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationJohn Rhoton
 
Clouds in the Enterprise
Clouds in the EnterpriseClouds in the Enterprise
Clouds in the EnterpriseJohn Rhoton
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenJohn Rhoton
 
Peer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowPeer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowJohn Rhoton
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesJohn Rhoton
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device ManagementJohn Rhoton
 

Plus de John Rhoton (8)

Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for Security
 
Business Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingBusiness Perspectives on Cloud Computing
Business Perspectives on Cloud Computing
 
Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise Implementation
 
Clouds in the Enterprise
Clouds in the EnterpriseClouds in the Enterprise
Clouds in the Enterprise
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für Großunternehmen
 
Peer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowPeer-based Enterprise Document Workflow
Peer-based Enterprise Document Workflow
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device Management
 

Dernier

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Unauthorized Wireless Network Connections

  • 1. Unauthorized Wireless Connectivity John Rhoton Mobile Technology Lead HP Services 1
  • 2. Risk Benefit Analysis • Weak Protocols • Uncertified Devices • Poor Configuration • Insecure Infrastructure • Careful Monitoring • No User Guidance • No Administrative Control 2
  • 3. Agenda • Unmanaged Bluetooth • Rogue WLANs • WWAN backdoors • Underground IPv6 • Best Practices 3
  • 4. Bluetooth Threats • Poorly configured devices – Compromise device • Sensitive data • Credentials – Compromise network • Unauthorized access • Denial of Service • Default configurations insufficient 4
  • 5. Bluetooth vulnerability • PIN Attack – Often hard-coded – Usually short (4-digit) – Passive key interception • Bluejacking – Virus Propagation • Bluesnarfing – Bluesniping 5
  • 7. Rogue Access Points • Highest risk when WLANs are NOT implemented – Completely unsecured by default – Usually Connected by naïve users – Can be strategically placed by intruders 7
  • 8. Decoy Access Points • Troubleshooting nightmare • Denial of Service • Credential interception • SSL redirection 8
  • 9. Unauthorized Wireless Bridge Private LAN Public Network 9
  • 13. Bridge device • No need for integrated WWAN • PCMCIA card sufficient • Modem – Bluetooth phone – USB / RS-232 phone • Virtually impossible to prevent unless desktops/laptops are locked down! 13
  • 14. Rogue IPv6 Devices / Networks What you don’t know will hurt you • Unauthorized IPv6 devices – Windows XP: ipv6 install • Unauthorized Hijacked Networks Computer Private – Internal tunnels Public Internet Network • Compromised Perimeter Victim – External tunnels Intruder 14
  • 15. IPv6 Transition Exposure • IPv6 is available • IPv6 is in use • IPv6 is on many private networks • IPv6 magnifies the wireless vulnerabilities • Corporate Security – does not monitor IPv6 • Corporate IT – is not familiar with IPv6 • This is irresponsible! 15
  • 16. Threat Identification and Intrusion Prevention • Intrusion Detection Products – Manual – Sensors – Infrastructure • Network Monitoring • Revised Security Model 16
  • 17. Refined Network Access • Binary Access Insufficient Access Intranet Internet • Health checks become mandatory (NAP/NAC) • Complete Access Layer secured (e.g. 802.1x) 17
  • 18. Role-based Access Control • Bluesocket • Aruba • Perfigo (Cisco) • HP ProCurve • Cranite (Vernier) User Role Time Access Schedule IP Address Port Control VLAN Location 18
  • 19. Network Compartmentalization Adaptive Network Architecture Virus Throttling 19
  • 20. User Education • Danger awareness • Caution on interfaces • Configuration guidance • Corporate policy 20
  • 21. Mobile Device Security Management • Platform selection – Software/Firmware Upgrades – Patch Management • Configuration Management • Policy enforcement – Passwords Security – Device lock – Policy updates • User support – Device lockout Usability – Backup/restore 21
  • 22. Summary • Security concerns are the greatest inhibitor to mobility • Wireless networks and devices introduce new risks • Ignoring these technologies does not make the risks disappear! • The key to mobile security is a thorough reevaluation of existing security 22
  • 23. Questions? Contact me at: http://www.linkedin.com/in/rhoton 23