Gathering Information NETW 05A: APPLIED WIRELESS SECURITY By Mohammad Shanehsaz

NETW 05A: APPLIED WIRELESS
SECURITY
Gathering Information
By Mohammad Shanehsaz
February 1, 2005
This work is supported by the
National Science Foundation under
Grant Number DUE-0302909.
Any opinions, findings and conclusions or recommendations expressed in this material are
those of the author(s) and do not necessarily reflect those of the National Science Foundation.
Objectives
Locate and identify wireless LANs within and around a facility:
War driving
War chalking
War flying
Objectives
Describe how intruders use profiling to select a target or gather information:
Searching publicly available resources
Social engineering
Wireless peer attacks to obtain corporate information
Target Profiling
Target profiling is the act of choosing a target for hacking and then doing some research about it.
Target profiling is not for the casual seeker of free wireless Internet access; it is done by a professional hacker (a profiler) with a set of tools and plenty of time.
Publicly Available Information
The Internet is a wonderful tool for finding almost anything, including information about individuals, corporations, and network security.
A small amount of personal information can expose much more critical data to a hacker.
Publicly Available Information
A malicious individual can find:
Who you are
Names of family members
Where you live and work
Whether your workplace has a wireless LAN
What wireless security solutions are used by a particular company
Public WLAN Maps
NetStumbler can be used to sniff out wireless LANs. It also offers a unique map of all the reported wireless LANs that NetStumbler has found.
Many web sites contain similar information, such as www.wigle.net.
They provide quick and easy location of public wireless Internet access.
Search Engines
Search engines are the researcher's best friends.
Any potential target of a hacker likely has or knows something of value to the hacker. A simple search on Google, or any other search engine, can turn up a lot of information that can help a hacker figure out passwords or the types of security solutions that are in place.
War Driving
It is used for discovering open wireless LANs or free high-speed Internet access.
Using simple auditing tools, a malicious attacker can scan a network for other devices, or even use the VPN connection from the gateway into a corporate network.
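From the defender's side, the same kind of survey can be walked around your own facility and compared with the list of access points you actually installed. The following is an added example, not part of the original slides; the CSV layout, the inventory, the signal threshold and all sample values are constructed assumptions.

```python
import csv
import io

# Constructed sample data (not from the original slides): the authorized
# AP inventory, and one walk-around survey exported as CSV.
AUTHORIZED = {
    "00:11:22:33:44:01": "CORP-WLAN",
    "00:11:22:33:44:02": "CORP-WLAN",
}
SURVEY_CSV = """bssid,ssid,encryption,signal_dbm
00:11:22:33:44:01,CORP-WLAN,WPA,-48
00:11:22:33:44:02,CORP-WLAN,WEP,-55
00:AA:BB:CC:DD:10,CORP-WLAN,NONE,-60
00:AA:BB:CC:DD:11,linksys,NONE,-52
00:AA:BB:CC:DD:12,CoffeeShop,NONE,-88
"""
NEARBY_DBM = -70  # assumed threshold: stronger signals are likely on-premises


def audit_survey(csv_text, authorized, nearby_dbm=NEARBY_DBM):
    """Return a sorted list of (bssid, finding) for APs that need follow-up."""
    corp_ssids = set(authorized.values())
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().upper()
        signal = int(row["signal_dbm"])
        if bssid in authorized:
            if authorized[bssid] != ssid:
                findings.append((bssid, "authorized AP with unexpected SSID"))
            if enc == "NONE":
                findings.append((bssid, "authorized AP is open"))
            elif enc == "WEP":
                findings.append((bssid, "authorized AP uses WEP only"))
        elif ssid in corp_ssids:
            # Not in the inventory but using our network name.
            findings.append((bssid, "unknown AP advertising corporate SSID"))
        elif signal >= nearby_dbm:
            findings.append((bssid, "unknown AP with strong signal"))
        # Weak, unknown, non-corporate SSIDs are treated as neighbours.
    return sorted(findings)
```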
Connecting and Trace Routing
After war driving and finding a wireless network, a hacker can use the traceroute utility to resolve the names of all the hops between his or her computer and another host, and to identify the ISP to which the organization is connected.
Trace routing gives the attacker a way to find out where he is logically located on the Internet.
War Chalking
War chalking is a relatively new term that originated from the practice of war driving.
There is a developing language of signs for those who practice war chalking, most of which can be found at www.warchalking.org.
It is used by hackers to help other hackers.
If a war chalk drawing is found on your premises, it should be erased, and you should be alert for the further possibility of intrusion.
Configure your wireless network to be closed, not broadcasting any SSID at all.
Tools, Traffic, & Social Engineering
As IT professionals learn how to design and build secure wireless networks, the tools we discussed previously will become useless.
Social engineering is typically the hacker's next approach: convincing someone to give out information that they should not give to a hacker.
Social engineering has the potential to render even the most sophisticated security solution useless.
Tools, Traffic, & Social Engineering
There are some well-known targets for social engineering attacks:
The help desk
On-site contractors
Employees (end users)
The Help Desk
The help desk is in place to assist those individuals who need help with some aspect of a computer or network.
It is crucial to train help desk staff on exactly which pieces of information related to the wireless network should not be given out without the proper authorization.
Exclusion Items
SSID of access points
WEP key(s)
Physical locations of access points and bridges
Usernames and passwords for network access and services (e.g., email)
Passwords and SNMP strings for infrastructure equipment
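One way to back up this training is to hold outgoing help desk replies for review when they appear to contain an exclusion item. The following is an added example, not part of the original slides; the SSID list, the patterns and the sample drafts are constructed assumptions, and a match means "have a second person look", not proof of a leak.

```python
import re

# Assumed site-specific SSIDs (constructed for this example).
SITE_SSIDS = ("CORP-WLAN", "CORP-GUEST")

# Runs of hex byte pairs, optionally separated by ':' or '-'.
HEX_RUN = re.compile(
    r"(?<![0-9A-Za-z])[0-9A-Fa-f]{2}(?:[:-]?[0-9A-Fa-f]{2})+(?![0-9A-Za-z])")
CREDENTIAL = re.compile(
    r"\b(?:user(?:name)?|login|pass(?:word|phrase)?)\s*(?:is|:|=)\s*\S+", re.I)
SNMP = re.compile(r"\bcommunity(?:\s+string)?\s*(?:is|:|=)\s*\S+", re.I)
AP_LOCATION = re.compile(
    r"\b(?:access point|AP|bridge)\b[^.\n]{0,60}"
    r"\b(?:room|floor|closet|ceiling|building)\b", re.I)


def find_exclusion_items(text, site_ssids=SITE_SSIDS):
    """Return the sorted list of exclusion-item categories found in text."""
    hits = set()
    lowered = text.lower()
    if any(ssid.lower() in lowered for ssid in site_ssids):
        hits.add("ssid")
    for match in HEX_RUN.finditer(text):
        digits = re.sub(r"[:-]", "", match.group())
        # WEP keys are 10 hex digits (40-bit) or 26 hex digits (104-bit);
        # a 12-digit MAC address is deliberately not counted.
        if len(digits) in (10, 26):
            hits.add("wep_key")
    if CREDENTIAL.search(text):
        hits.add("credential")
    if SNMP.search(text):
        hits.add("snmp_string")
    if AP_LOCATION.search(text):
        hits.add("ap_location")
    return sorted(hits)


# Constructed help desk replies.
DRAFT_BAD = ("Connect to corp-wlan and enter key 1A:2B:3C:4D:5E. "
             "The access point is above the ceiling tile in room 214.")
DRAFT_OK = ("Please bring your badge to the service counter; we will "
            "configure the laptop with MAC 00:11:22:33:44:55 for you.")
```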
Help Desk (continued)
The auditor should (and the hacker will) use two particular tactics when dealing with help desk personnel:
Forceful, yet professional language
Playing dumb
Contractors
IT contractors are commonplace at many businesses today.
Very few are put through organizational security training, given a copy of the company security policy, or required to sign a privacy agreement.
They are privy to exclusive details about network resources.
Strong security solutions that rely on multi-factor authentication are recommended.
Employees
Employees often share private information, such as login information, with one another.
Login information is left on sticky notes under keyboards and on monitors.
Most computer users are not computer network or security savvy.
They need to be educated about the danger that unauthorized access via the wireless network can pose to the organization and to themselves.
Traffic Pattern Analysis
Traffic pattern analysis shows intruders where the majority of the traffic on the network is going, at what times, and of what types, which helps them determine which resources are important to the company.
It also helps them determine whether there are honeypots on the network, so they won't get trapped.
Resources
CWSP: Certified Wireless Security Professional, from McGraw-Hill