SlideShare une entreprise Scribd logo

Unauthorized Wireless Network Connections

Télécharger en tant que PPTX, PDF
John Rhoton
John Rhoton

Unauthorised Wireless Network Access ISSE 2006

Technologie
1  sur  23
Unauthorized Wireless Connectivity John Rhoton Mobile Technology Lead HP Services 1
Risk Benefit Analysis • Weak Protocols • Uncertified Devices • Poor Configuration • Insecure Infrastructure • Careful Monitoring • No User Guidance • No Administrative Control 2
Agenda • Unmanaged Bluetooth • Rogue WLANs • WWAN backdoors • Underground IPv6 • Best Practices 3
Bluetooth Threats • Poorly configured devices – Compromise device • Sensitive data • Credentials – Compromise network • Unauthorized access • Denial of Service • Default configurations insufficient 4
Bluetooth vulnerability • PIN Attack – Often hard-coded – Usually short (4-digit) – Passive key interception • Bluejacking – Virus Propagation • Bluesnarfing – Bluesniping 5
Bluetooth Configuration 6
Rogue Access Points • Highest risk when WLANs are NOT implemented – Completely unsecured by default – Usually Connected by naïve users – Can be strategically placed by intruders 7
Decoy Access Points • Troubleshooting nightmare • Denial of Service • Credential interception • SSL redirection 8
Unauthorized Wireless Bridge Private LAN Public Network 9
Trojans, Crawlers and Bots 10
Port Forwarding 11
Reverse Network Address Translation 12
Bridge device • No need for integrated WWAN • PCMCIA card sufficient • Modem – Bluetooth phone – USB / RS-232 phone • Virtually impossible to prevent unless desktops/laptops are locked down! 13
Rogue IPv6 Devices / Networks What you don’t know will hurt you • Unauthorized IPv6 devices – Windows XP: ipv6 install • Unauthorized Hijacked Networks Computer Private – Internal tunnels Public Internet Network • Compromised Perimeter Victim – External tunnels Intruder 14
IPv6 Transition Exposure • IPv6 is available • IPv6 is in use • IPv6 is on many private networks • IPv6 magnifies the wireless vulnerabilities • Corporate Security – does not monitor IPv6 • Corporate IT – is not familiar with IPv6 • This is irresponsible! 15
Threat Identification and Intrusion Prevention • Intrusion Detection Products – Manual – Sensors – Infrastructure • Network Monitoring • Revised Security Model 16
Refined Network Access • Binary Access Insufficient Access Intranet Internet • Health checks become mandatory (NAP/NAC) • Complete Access Layer secured (e.g. 802.1x) 17
Role-based Access Control • Bluesocket • Aruba • Perfigo (Cisco) • HP ProCurve • Cranite (Vernier) User Role Time Access Schedule IP Address Port Control VLAN Location 18
Network Compartmentalization Adaptive Network Architecture Virus Throttling 19
User Education • Danger awareness • Caution on interfaces • Configuration guidance • Corporate policy 20
Mobile Device Security Management • Platform selection – Software/Firmware Upgrades – Patch Management • Configuration Management • Policy enforcement – Passwords Security – Device lock – Policy updates • User support – Device lockout Usability – Backup/restore 21
Summary • Security concerns are the greatest inhibitor to mobility • Wireless networks and devices introduce new risks • Ignoring these technologies does not make the risks disappear! • The key to mobile security is a thorough reevaluation of existing security 22
Questions? Contact me at: http://www.linkedin.com/in/rhoton 23

Recommandé

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
EC-Council
 
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Positive Hack Days
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Michelle Morgan-Nelsen
 
StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware
Lancope, Inc.
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail Industry
Invincea, Inc.
 
NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)
Opposing Force S.r.l.
 

Recommandé

Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Security B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your DroneSecurity B Sides Puerto Rico - Weaponizing your Drone
Security B Sides Puerto Rico - Weaponizing your Drone
Jose L. Quiñones-Borrero
 
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
LTE protocol exploits – IMSI catchers, blocking devices and location leaks - ...
EC-Council
 
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Критически опасные уязвимости в популярных 3G- и 4G-модемах или как построить...
Positive Hack Days
 
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security ThreatsBank ATM Security to Combat Physical and Logical Cyber Security Threats
Bank ATM Security to Combat Physical and Logical Cyber Security Threats
Michelle Morgan-Nelsen
 
StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware StealthWatch & Point-of-Sale (POS) Malware
StealthWatch & Point-of-Sale (POS) Malware
Lancope, Inc.
 
PoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail IndustryPoS Malware and Other Threats to the Retail Industry
PoS Malware and Other Threats to the Retail Industry
Invincea, Inc.
 
NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)NFC: Naked Fried Chicken (PHDays VI)
NFC: Naked Fried Chicken (PHDays VI)
Opposing Force S.r.l.
 
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopPoint of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Symantec
 
Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?
Cristian Garcia G.
 
Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сети
Ekaterina Melnik
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threats
gruzabb
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
Icomm Technologies
 
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
Luca Bongiorni
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
frcarlson
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encription
malvvv
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor Flyer
Tyler Rack
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
military
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for Dummies
Elsa Cariello
 
Ss r164 d4eb4em212t
Ss r164 d4eb4em212tSs r164 d4eb4em212t
Ss r164 d4eb4em212t
securitall
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
Jim Stockstill
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a Nutshell
Pieter Cloete
 
Exp w21
Exp w21Exp w21
Exp w21
SelectedPresentations
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Olga Kochetova
 
Penetration Testing as an auditing tool
Penetration Testing as an auditing toolPenetration Testing as an auditing tool
Penetration Testing as an auditing tool
syrinxtech
 
Wireless security
Wireless securityWireless security
Wireless security
Aurobindo Nayak
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
Shakacon
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Novell
 
Pruebas de aptitud 2013
Pruebas de aptitud 2013Pruebas de aptitud 2013
Pruebas de aptitud 2013
Roberto Serrano
 
Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1
Patrick Kenney
 

Contenu connexe

Tendances

Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сети
Ekaterina Melnik
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threats
gruzabb
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encription
malvvv
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor Flyer
Tyler Rack
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
Jim Stockstill
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a Nutshell
Pieter Cloete
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Olga Kochetova
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
Shakacon
 

Tendances (20)

Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to StopPoint of Sale (POS) Malware: Easy to Spot, Hard to Stop
Point of Sale (POS) Malware: Easy to Spot, Hard to Stop
 
Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?Es la Prevención de Fraude un Buen negocio?
Es la Prevención de Fraude un Buen negocio?
 
Атаки на мобильные сети
Атаки на мобильные сетиАтаки на мобильные сети
Атаки на мобильные сети
 
Top 5 wi fi security threats
Top 5 wi fi security threatsTop 5 wi fi security threats
Top 5 wi fi security threats
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
 
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
iParanoid: an IMSI Catcher - Stingray Intrusion Detection System
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Offline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encriptionOffline attacks-and-hard-disk-encription
Offline attacks-and-hard-disk-encription
 
Gen4 Raptor Flyer
Gen4 Raptor FlyerGen4 Raptor Flyer
Gen4 Raptor Flyer
 
UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)
 
An introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for DummiesAn introduction to Unified Threat Management (UTM), for Dummies
An introduction to Unified Threat Management (UTM), for Dummies
 
Ss r164 d4eb4em212t
Ss r164 d4eb4em212tSs r164 d4eb4em212t
Ss r164 d4eb4em212t
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
 
Video IQ in a Nutshell
Video IQ in a NutshellVideo IQ in a Nutshell
Video IQ in a Nutshell
 
Exp w21
Exp w21Exp w21
Exp w21
 
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
Hack your ATM with friend's Raspberry.Py (Black Hat EU-2014)
 
Penetration Testing as an auditing tool
Penetration Testing as an auditing toolPenetration Testing as an auditing tool
Penetration Testing as an auditing tool
 
Wireless security
Wireless securityWireless security
Wireless security
 
WiFi-Based IMSI Catcher
WiFi-Based IMSI CatcherWiFi-Based IMSI Catcher
WiFi-Based IMSI Catcher
 
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
 

En vedette

KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013
KarmaCom Inc
 
Nutricio I Dieta
Nutricio I DietaNutricio I Dieta
Nutricio I Dieta
guesteb4ee1
 

En vedette (18)

Pruebas de aptitud 2013
Pruebas de aptitud 2013Pruebas de aptitud 2013
Pruebas de aptitud 2013
 
Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1Renewable Mat Health Care Mkts Rev.Z1
Renewable Mat Health Care Mkts Rev.Z1
 
A Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection SolutionsA Critical Analysis of Microsoft Data Protection Solutions
A Critical Analysis of Microsoft Data Protection Solutions
 
ISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy EnforcementISSE Mobile Device Policy Enforcement
ISSE Mobile Device Policy Enforcement
 
KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013KarmaCom Inc Capabilities Version 2013
KarmaCom Inc Capabilities Version 2013
 
Enterprise Preparation for IPv6
Enterprise Preparation for IPv6Enterprise Preparation for IPv6
Enterprise Preparation for IPv6
 
System Center Mobile Device Manager
System Center Mobile Device ManagerSystem Center Mobile Device Manager
System Center Mobile Device Manager
 
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
Green Harvest Technologies LLC presentation at TEDx Great Pacific Garbage Pat...
 
Nutricio I Dieta
Nutricio I DietaNutricio I Dieta
Nutricio I Dieta
 
Cloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and TrendsCloud Computing 2013: Status and Trends
Cloud Computing 2013: Status and Trends
 
Securing Cloud Services
Securing Cloud ServicesSecuring Cloud Services
Securing Cloud Services
 
Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6Optimizing Cloud Computing with IPv6
Optimizing Cloud Computing with IPv6
 
RSA - WLAN Hacking
RSA - WLAN HackingRSA - WLAN Hacking
RSA - WLAN Hacking
 
IPv6 for the Enterprise
IPv6 for the EnterpriseIPv6 for the Enterprise
IPv6 for the Enterprise
 
Cloud Computing Challenges - Beamap
Cloud Computing Challenges - BeamapCloud Computing Challenges - Beamap
Cloud Computing Challenges - Beamap
 
Cloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to considerCloud Deployment Strategy: Challenges to consider
Cloud Deployment Strategy: Challenges to consider
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
Peter Pan
Peter PanPeter Pan
Peter Pan
 

Similaire à Unauthorized Wireless Network Connections

How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
Positive Hack Days
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slides
guest1c1a9a
 
Issnip Presentation
Issnip PresentationIssnip Presentation
Issnip Presentation
pauldeng
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
Positive Hack Days
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay alive
qqlan
 
Gigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP TechnologyGigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP Technology
Grant Swanson
 

Similaire à Unauthorized Wireless Network Connections (20)

IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?IPv6 Security - Where is the Challenge?
IPv6 Security - Where is the Challenge?
 
Mobile Application Security
Mobile Application SecurityMobile Application Security
Mobile Application Security
 
CSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage GearCSI - Poor Mans Guide To Espionage Gear
CSI - Poor Mans Guide To Espionage Gear
 
ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)ICS Network Security Monitoring (NSM)
ICS Network Security Monitoring (NSM)
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slides
 
wifi
wifiwifi
wifi
 
2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware2021 01-13 reducing risk-of_ransomware
2021 01-13 reducing risk-of_ransomware
 
Mobile Apps Security
Mobile Apps SecurityMobile Apps Security
Mobile Apps Security
 
Issnip Presentation
Issnip PresentationIssnip Presentation
Issnip Presentation
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay alive
 
Sergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay aliveSergey Gordeychik - How to hack a telecom and stay alive
Sergey Gordeychik - How to hack a telecom and stay alive
 
Gigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP TechnologyGigamon U - Missing Link TAP Technology
Gigamon U - Missing Link TAP Technology
 
Secured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRRSecured Internet Gateway for ISP with pfsense & FRR
Secured Internet Gateway for ISP with pfsense & FRR
 
[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3[SOS 2009] D-Link: Red Segura L2 L3
[SOS 2009] D-Link: Red Segura L2 L3
 
The Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And MalwareThe Other Side Of The Fence. Dealing With Hackers And Malware
The Other Side Of The Fence. Dealing With Hackers And Malware
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber Security
 
Disruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptxDisruptionware-TRustedCISO103020v0.7.pptx
Disruptionware-TRustedCISO103020v0.7.pptx
 
Bluetooth Vulnerabilities
Bluetooth VulnerabilitiesBluetooth Vulnerabilities
Bluetooth Vulnerabilities
 

Plus de John Rhoton

Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise Implementation
John Rhoton
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für Großunternehmen
John Rhoton
 

Plus de John Rhoton (8)

Cloud Computing: New Approaches for Security
Cloud Computing: New Approaches for SecurityCloud Computing: New Approaches for Security
Cloud Computing: New Approaches for Security
 
Business Perspectives on Cloud Computing
Business Perspectives on Cloud ComputingBusiness Perspectives on Cloud Computing
Business Perspectives on Cloud Computing
 
Cloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise ImplementationCloud Computing Explained: Guide to Enterprise Implementation
Cloud Computing Explained: Guide to Enterprise Implementation
 
Clouds in the Enterprise
Clouds in the EnterpriseClouds in the Enterprise
Clouds in the Enterprise
 
Cloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für GroßunternehmenCloud Computing: Hindernisse und Chancen für Großunternehmen
Cloud Computing: Hindernisse und Chancen für Großunternehmen
 
Peer-based Enterprise Document Workflow
Peer-based Enterprise Document WorkflowPeer-based Enterprise Document Workflow
Peer-based Enterprise Document Workflow
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device Management
 

Dernier

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Dernier (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Unauthorized Wireless Network Connections

  • 1. Unauthorized Wireless Connectivity John Rhoton Mobile Technology Lead HP Services 1
  • 2. Risk Benefit Analysis • Weak Protocols • Uncertified Devices • Poor Configuration • Insecure Infrastructure • Careful Monitoring • No User Guidance • No Administrative Control 2
  • 3. Agenda • Unmanaged Bluetooth • Rogue WLANs • WWAN backdoors • Underground IPv6 • Best Practices 3
  • 4. Bluetooth Threats • Poorly configured devices – Compromise device • Sensitive data • Credentials – Compromise network • Unauthorized access • Denial of Service • Default configurations insufficient 4
  • 5. Bluetooth vulnerability • PIN Attack – Often hard-coded – Usually short (4-digit) – Passive key interception • Bluejacking – Virus Propagation • Bluesnarfing – Bluesniping 5
  • 7. Rogue Access Points • Highest risk when WLANs are NOT implemented – Completely unsecured by default – Usually Connected by naïve users – Can be strategically placed by intruders 7
  • 8. Decoy Access Points • Troubleshooting nightmare • Denial of Service • Credential interception • SSL redirection 8
  • 9. Unauthorized Wireless Bridge Private LAN Public Network 9
  • 13. Bridge device • No need for integrated WWAN • PCMCIA card sufficient • Modem – Bluetooth phone – USB / RS-232 phone • Virtually impossible to prevent unless desktops/laptops are locked down! 13
  • 14. Rogue IPv6 Devices / Networks What you don’t know will hurt you • Unauthorized IPv6 devices – Windows XP: ipv6 install • Unauthorized Hijacked Networks Computer Private – Internal tunnels Public Internet Network • Compromised Perimeter Victim – External tunnels Intruder 14
  • 15. IPv6 Transition Exposure • IPv6 is available • IPv6 is in use • IPv6 is on many private networks • IPv6 magnifies the wireless vulnerabilities • Corporate Security – does not monitor IPv6 • Corporate IT – is not familiar with IPv6 • This is irresponsible! 15
  • 16. Threat Identification and Intrusion Prevention • Intrusion Detection Products – Manual – Sensors – Infrastructure • Network Monitoring • Revised Security Model 16
  • 17. Refined Network Access • Binary Access Insufficient Access Intranet Internet • Health checks become mandatory (NAP/NAC) • Complete Access Layer secured (e.g. 802.1x) 17
  • 18. Role-based Access Control • Bluesocket • Aruba • Perfigo (Cisco) • HP ProCurve • Cranite (Vernier) User Role Time Access Schedule IP Address Port Control VLAN Location 18
  • 19. Network Compartmentalization Adaptive Network Architecture Virus Throttling 19
  • 20. User Education • Danger awareness • Caution on interfaces • Configuration guidance • Corporate policy 20
  • 21. Mobile Device Security Management • Platform selection – Software/Firmware Upgrades – Patch Management • Configuration Management • Policy enforcement – Passwords Security – Device lock – Policy updates • User support – Device lockout Usability – Backup/restore 21
  • 22. Summary • Security concerns are the greatest inhibitor to mobility • Wireless networks and devices introduce new risks • Ignoring these technologies does not make the risks disappear! • The key to mobile security is a thorough reevaluation of existing security 22
  • 23. Questions? Contact me at: http://www.linkedin.com/in/rhoton 23