An Overview of Wireless Security

1
An Overview of Wireless Security

• Presenter David Pabin

2
What this presentation covers

• Brief history
• Technologies
• Security
• Security Flaws
• Breaking Security
• Conclusions

3
A Short History of Wireless

• Wireless telegraph
• Radio
• Television
• ALOHANET
• 802.11
• Bluetooth

4
Wireless Technologies

• 802.11
• What everyone thinks of when they hear wireless
• Most networks have access point/NIC
  infrastructure
• Ad hoc possible
• Bluetooth
• Used for Personal Area Networks
• Mostly for peripherals, PDAs, cell phones, etc.
• Ad hoc the default infrastructure possible

5
Security 802.11

• No required security standard
• 2 modes described by the IEEE standard
• Open mode
• No security or encryption
• WEP
• Uses a 40 or 128 bit encryption key shared
  between access point and NIC
• Client authentication and data encryption

6
Security - Bluetooth

• No required security standard
• 3 security options
• Non-secure mode
• No encryption or verification anyone can join
  PAN
• Service level enforced security mode
• Application level filtering
• Occurs after a connection is already established
• Link-level security mode
• Device level filtering
• Occurs prior to establishing a connection

7
Security Flaws 802.11

• WEP improperly uses RC4 algorithm!
• This is the major reason WEP is considered
  insecure
• One-directional authentication
• Man-in-the-middle attacks
• CRC for verification instead of encryption
• Allows for packet modification

8
Security Flaws - Bluetooth

• Disclosure of unit key
• Allows for eavesdropping on encrypted
  conversations
• Bluetooth device address
• If traced to a user, could be used to track their
  movements/device usage patterns
• Power draining attacks
• Via repeat requests for authentication

9
Breaking Security - Tools

• NetStumbler
• Scanning tool
• Popular with war drivers
• AirSnort
• WEP cracking tool
• Both tools freely available on the internet

10
Breaking Security NetStumbler Results

• Easy installation
• Up and running within a minute
• No technical knowledge necessary
• Simple UI
• Information color/sound coded
• Intuitive representation
• Useful features
• Scripting and GPS interoperability
• Evaluation fantastic!

11
Breaking Security AirSnort Results

• Installation tricky
• Random hodgepodge of dependencies
• May need new device drivers
• Simple UI
• Easy to follow what is going on if you know how
  AirSnort works
• UI locks up in windows when the number of
  captured packets is high
• Consumes all your CPU time
• Due to freezing UI/low network traffic/lack of
  time, could not successfully hack my home network!

12
Conclusions

• Someone needs to put the security in wireless
  security
• Wireless protocols fail to compensate for the
  issues their medium inherently creates
• User ignorance makes the problem dangerous
• Its only a matter of time before this all blows
  up in our faces Lets hope the next generation
  of wireless products solves these problems and is
  in place before that can happen!

13

• Questions?