WLAN Hacking: Threats and Countermeasures
RSA Europe, Vienna, 18 October
John Rhoton, HP Services, Mobile Technology Lead
Objectives
• Describe state of WLAN security
— Mechanisms
— Vulnerabilities/threats/exploits
• Provide countermeasures and best practices to address threats
MAC Filters
• Requires management of authorized MAC addresses
• LAA (Locally Administered Address) can override UAA (Universally Administered Address)
802.11b Security Vulnerabilities
• Symmetric secret keys
— Poor key management
— Hardware theft is equivalent to key theft
• Algorithmic weaknesses
— WEP
— Packet spoofing, disassociation attack
— Replay attack
• Decoy AP
• Rogue AP
Equipment of a Wi-Fi freeloader
• Mobile device
— Linux
— Windows
— Pocket PC
• Wireless card
— Orinoco card
— Prism 2 card
• Driver for promiscuous mode
• Cantenna and wireless MMCX to N type cable
Tools
• NetStumbler—access point reconnaissance
— http://www.netstumbler.com
• WEPCrack—breaks 802.11 keys
— http://wepcrack.sourceforge.net/
• AirSnort—breaks 802.11 keys
— Needs only 5-10 million packets
— http://airsnort.shmoo.com/
• chopper
— Released August 2004
— Reduces number of necessary packets to 200-500 thousand
• Aircrack, Airopeek, Airsnare, Airmagnet, Airjack, Aerosol, Kismet, Packetyzer, NAI Sniffer, Retina WiFi Scanner…
FBI – ISSA Los Angeles 2005
FBI Computer Scientist James C. Smith (left) &
FBI Special Agent Geoff Bickers (right)
broke 128-bit WEP key in three minutes
Ten-minute WEP crack
• Kismet
— reconnaissance
• Airodump
— WEP cracking
• Void11
— deauth attack
• Aireplay
— replay attack
Source: tom’s networking
Wireless LAN security evolution
[Timeline: security increasing from WEP (1999) to WPA (2003) to 802.11i / WPA2 (2005)]
• 1999: WEP
— Privacy: 40-bit RC4 with 24-bit IV
— Auth: SSID and shared key
— Integrity: CRC
• 2003: WPA
— Privacy: per-packet keying (RC4) with 48-bit IV
— Auth: 802.1x + EAP
— Integrity: MIC
• 2005: 802.11i / WPA2
— Privacy: AES
— Auth: 802.1x + EAP
— Integrity: MIC
Improved Security Proposals (WPA)
• Temporal Key Integrity Protocol
— Fast/per-packet keying
— Message Integrity Check (MIC)
• Multilinear Modular Hash (MMH replaces CRC)
• WPA-Personal
— Pre-shared key (alphanumeric password)
• WPA-Enterprise
— 802.1x (adapted for 802.11 MAC by 802.11i WG) with EAP
— No predefined EAP mechanisms
IEEE 802.1x Explanation
[Diagram: Supplicant -> Authenticator (controlled port and uncontrolled port) -> Authentication Server]
• Restricts physical access to the WLAN
• Handles automated key change
• Can use existing authentication system
EAP Methods client/server dependent
• Both Client and RADIUS server must support same EAP method
• Microsoft
— Supports EAP API for XP and W2K
— EAP-MD5 disallowed for wireless
— EAP-TLS in Windows XP release
— Service Pack 1 adds Protected EAP (PEAP)
• MS-CHAPv2—passwords
• TLS (SSL channel)—certificates
— PEAP-EAP-TLS is a little slower than EAP-TLS
• SecurID—but not tested/supported for wireless
802.1x Implementation
• 802.1x supplicant
• 802.1x capable Access Point
• 802.1x Authorization Server
[Diagram: Supplicant (Client) -> Authenticator (Access Point) -> Authentication Server (RADIUS Server); link labels: 802.1x, EAP, RADIUS, TKIP / MIC]
802.11i / WPA2
• Ratified June 2004
• AES selected by National Institute of Standards and Technology (NIST) as replacement for DES
• Symmetric-key block cipher
• Computationally efficient
• Can use large keys (> 1024 bits)
• Cipher Block Chaining Message Authentication Code (CBC-MAC or CCMP) replaces TKIP—RFC 3610
• May require equipment upgrades—some WPA implementations already support AES
• Update for Windows XP (KB893357)
• Transition Security Networks (TSN) interoperate with WEP
• Robust Security Networks (RSN) prohibit WEP
Role-based Access Control
• Bluesocket
• Perfigo (Cisco)
• Cranite
• Aruba
• HP ProCurve (Vernier)
[Diagram: user access control decided by role, schedule, location, IP address, port, time and VLAN]
Enterprise WLAN Security Options
• WPA-Enterprise
— Eventual transition to 802.11i
— Requires WPA-compliant APs and NICs
• VPN Overlay
— Performance overhead (20-30%)
— VPN concentrator required
• RBAC
— Additional appliance and infrastructure
— Most refined access
• Home WLAN: WEP key rotation, firewall, intrusion detection
• Public WLAN: MAC address filter, secure billing, VPN passthrough
Rogue Access Points
• Highest risk when WLANs are NOT implemented
— Usually completely unsecured
— Connected by naïve (rather than malicious) users
• Intrusion Detection Products
— Manual, Sensors, Infrastructure
• Multi-layer perimeters
— 802.1x
— RBAC, VPN
[Diagram: layered perimeters: Internet, Intranet, Access]
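The detection side of three threats from these slides (the deauthentication attack used by tools like Void11, an LAA overriding a UAA to get past a MAC filter, and a rogue access point beaconing next to the managed one), written in Python as an added example that is not part of the original presentation; the MAC addresses, allowlist, frame records and thresholds are constructed assumptions, not captured data.

```python
"""Added example (not from the slide deck): small wireless IDS checks for three
threats the deck lists: deauth/disassoc floods, clients using locally
administered (LAA) MACs against a MAC filter, and unauthorized (rogue) BSSIDs."""
from collections import defaultdict

# Constructed sample frames: (time_ms, subtype, src_mac, dst_mac, bssid).
BCAST, OUR_AP = "ff:ff:ff:ff:ff:ff", "00:0f:66:aa:bb:cc"
FRAMES = [
    (0, "beacon", OUR_AP, BCAST, OUR_AP),
    (100, "beacon", "00:13:10:de:ad:01", BCAST, "00:13:10:de:ad:01"),  # not authorized
    (200, "assoc_req", "00:02:2d:11:22:33", OUR_AP, OUR_AP),  # normal UAA client
    (250, "assoc_req", "02:02:2d:44:55:66", OUR_AP, OUR_AP),  # U/L bit set: LAA
    (300, "deauth", OUR_AP, "00:02:2d:11:22:33", OUR_AP),  # a single deauth is normal
] + [(1000 + 50 * i, "deauth", OUR_AP, BCAST, OUR_AP) for i in range(8)]  # flood
AUTHORIZED_BSSIDS = {OUR_AP}  # constructed allowlist of managed APs
DEAUTH_SUBTYPES = {"deauth", "disassoc"}

def is_locally_administered(mac):
    """U/L bit (bit 1 of the first octet) set means the address is an LAA,
    chosen by the driver rather than burned in by the vendor (UAA)."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def deauth_floods(frames, window_ms=1000, threshold=5):
    """Per BSSID, the peak count of deauth/disassoc frames in any sliding
    window of window_ms; only BSSIDs reaching threshold are returned."""
    times = defaultdict(list)
    for t, subtype, _src, _dst, bssid in frames:
        if subtype in DEAUTH_SUBTYPES:
            times[bssid].append(t)
    flagged = {}
    for bssid, ts in times.items():
        ts.sort()
        start = 0
        for end, t in enumerate(ts):
            while t - ts[start] > window_ms:  # drop frames older than the window
                start += 1
            count = end - start + 1
            if count >= threshold and count > flagged.get(bssid, 0):
                flagged[bssid] = count
    return flagged

def rogue_bssids(frames, authorized):
    """BSSIDs seen beaconing that are not managed APs."""
    return {b for _, s, _, _, b in frames if s == "beacon" and b not in authorized}

def laa_clients(frames):
    """Clients associating with a locally administered MAC (a filter-bypass signal)."""
    return {src for _, s, src, _, _ in frames
            if s == "assoc_req" and is_locally_administered(src)}
```

A sensor feeding real management frames into these three functions would raise the same alerts a commercial WLAN IDS product does for these cases; the thresholds are a starting point to tune against the site's normal deauth rate.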
Summary
• WLAN security had a bad start
— WEP is insufficient
— MAC filtering is even worse
• WPA and 802.11i are solid
— As far as we know today…
• Consider multi-layer perimeter control (VPN, RBAC)
• Opt-out disabled
— Rogue access points are the biggest threat of all!
Send mail to: [email protected]