This blog is subject the DISCLAIMER below.

Thursday, June 14, 2007

Wireless Security

Wireless technologies have been growing fast in the last decade, which has introduced a wide range of attacking threats. Corporates or individuals that use wireless technologies should be aware of the consequences of using unsecured wireless devices.

To introduce the possible well-known threats, the Evil Twin threat is the perfect start.

The Evil Twin is one of the most popular threats to Wi-Fi users (also known as WiPhishing). It's an access point that replicates another network name, pretending to be that specific network. Some users find unsecured networks connections and think that it’s just another lucky day; actually its not!! Evil Twin typically awaits users that sign into that false access to do the desired attack on the user. Applications, which automatically detects the change of security settings prevents such attacks, are published and easy to use. Or simply stay away from unsecured wireless networks.


The Promiscuous Client (sniffer) is very similar to the Evil Twin. The thing is that it is not based on fooling a user that finds a free unsecured network, it forces him to connect to it. The Promiscuous Client is simply a user roving around armed with a Wi-Fi enabled laptop, a strong Wi-Fi sensor and directional antenna creating a wireless access point, Offering an irresistibly strong signal. 802.11 wireless cards often look for a stronger signal to connect to, so Promiscuous Clients simply transmit their wireless traffic through their fake access point, making their data transmissions accessible to others and their networks vulnerable to potential attacks. It is suggested to use a wireless "sniffer" that can help in monitoring and testing the network airspace.

Bluejacking and Bluesnarfing is all about attacking the Bluetooth wireless technological devices. It’s extremely dangerous to leave the Bluetooth device connection open, where Bluejacking, for instance, allows unauthorized users to send unsolicited messages to the Bluetooth-enabled phone. Bluejacking doesn’t really cause any harm, howerever, it can cause the client to panic or even think that the device is malfunctioning. Bluesnarfing is another Bluetooth threat, but in a harmful way, not like the Bluejacking. Bluesnarfing can steal data from the device. Bluesnarfing can only be controlled by stopping any incoming requests through pairing devices, allowing the trusted devices only to get access to the data. The problem with those attacks is that they are untraceable, so the user is the only one that can protect him from them.

Wireless network viruses (mobile viruses) are electronic viruses that targets wireless-enabled devices. It has become very difficult to secure the devices against attacks in the form of viruses or other malicious software (malwares). Wireless viruses are different than normal viruses, they can detect inner wireless networks, spread among them, attack and harm. To avoid this, install suitable antivirus and keep it up to date constantly.

Defending the threats:
1- WPA or WEP for access control and privacy. WPA and WEP are technologies that encrypt traffic on the network, where all the systems using that network need a key (password) to access it.

2- End to end encryption where encrypting at the network level only isn’t enough, so end to end encryption (typically SSL) is needed for privacy. The thing is that the entire conversation between the client and server is secured, not just the connection.


For further readings:
http://techdir.rutgers.edu/wireless.html http://www.microsoft.com/smallbusiness/resources/technology/broadband_mobility/6_wireless_threats_to_your_business.mspx http://www.wikipedia.com/

No comments: