Monty WiFion and the Quest for the Holy Grail of Network Security! (Repeated from 5/17 at 10:15am)

Andy Malone MVP, MCTSenior Instructor, ConsultantQuality Training (UK) Ltd

SIM301-R

Microsoft Certified Trainer MCT (16 Years)

Worldwide Security & Systems Trainer & Consultant

Microsoft Most Valuable Professional MVP (Enterprise Security)

International Event Speaker

Winner Microsoft Speaker Idol 2006

Andy Malone (UK)

Session Agenda:

IntroductionsWireless intro & historyCurrent & Emerging Wireless TechnologiesWireless Security: The Great Oxymoron Standards & techniquesThreats and CountermeasuresBest Practices

Wireless Introduction & History…

A Wi Fi History Lesson

Wi-Fi was invented in 1991 by NCR Corp & AT&T (later know as Lucent & Agere Systems in Nieuwegein, the Netherlands.Initially for cashier systems. Originally “WaveLAN” with speeds of 1Mbps/2Mbps. Invented by Vic Hayes who has been named 'father of Wi-Fi' and involved in designing standards such as IEEE 802.11b, 802.11a and 802.11g. In 2003, Vic retired. Agere Systems suffered as customers opted for cheaper Wi-Fi solutions. Agere's 802.11abg all-in-one chipset (code named: WARP) never hit the marketAgere Systems quit Wi-Fi market in late 2004.

Courtesy Of CRN

Organizations & Standards

FCC – Regulates ISM bands900 Mhz, 2.4 Mhz, 5.8 Mhz

IEEE – Develops wireless LAN standardsETSI – IEEE for Europe

HiperLAN/2 Similar to IEEE 802.11 standards

WECA (WiFi Alliance) – regulate WiFi labeling

Wi Fi Alliance

The StandardsName Description Note

IEEE 802.1 Bridging (networking) and Network Management

IEEE 802.2 LLC inactiveIEEE 802.3 EthernetIEEE 802.4 Token bus disbanded

IEEE 802.5 Defines the MAC layer for a Token Ring inactive

IEEE 802.6 MANs disbanded

IEEE 802.7 Broadband LAN using Coaxial Cable disbanded

IEEE 802.8 Fiber Optic TAG disbandedIEEE 802.9 Integrated Services LAN disbandedIEEE 802.10 Interoperable LAN Security disbanded

IEEE 802.11 a/b/g/n Wireless LAN (WLAN) & Mesh (Wi-Fi certification)

IEEE 802.12 100BaseVG disbandedIEEE 802.13 unusedIEEE 802.14 Cable modems disbandedIEEE 802.15 Wireless PANIEEE 802.15.1 Bluetooth certification

IEEE 802.15.2 IEEE 802.15 and IEEE 802.11 coexistence

IEEE 802.15.3 High-Rate wireless PAN Wireless Personal Area Network

IEEE 802.15.4 Low-Rate wireless PAN (e.g. ZigBee)

IEEE 802.15.5 Mesh networking for WPAN

IEEE 802.16 Broadband Wireless Access (WiMAX certification)

IEEE 802.16.1 Local Multipoint Distribution Service

IEEE 802.17 Resilient packet ringIEEE 802.18 Radio Regulatory TAGIEEE 802.19 Coexistence TAG

IEEE 802.20 Mobile Broadband Wireless Access

IEEE 802.21 Media Independent HandoffIEEE 802.22 Wireless Regional Area Network

IEEE 802.23 Emergency Services Working Group New (March, 2010)

Ok but What are the benefits?

Unlike packet radio Wi-Fi uses unlicensed radio spectrum and does not require regulatory approval for individual deployers. Cuts cabling costsWi-Fi products are widely available Competition amongst vendors has lowered prices considerablyNetwork providers provide roaming agreements

Users can move from one access point to another as part of contract

Various degrees of encryption available to protect traffic from interception. Wi-Fi is a global set of standards. Unlike cellular carriers, the same Wi-Fi client works in different countries around the world.

Wireless Technologies…

The Basics

Each wireless network needs a channel number and SSID (Service Set Identifier)The channel is a number between 1-11 (13 EU)SSID is a alphanumeric string that differentiates wireless networks on the same channelSSIDs are transmitted in clear textWi-Fi Can be Deployed in Two Modes

Ad-HOC (Peer to Peer) modeInfrastructure mode

Shares bandwidth among usersSupports roaming

The Basics

Each access point advertise itself by sending beacon framesTo become part of the wireless network, a client must first authenticate itselfAccess point is responsible unless RADIUS is usedMAC address will be used as identity

Wireless Networks: The Basics

SSID Broadcast in Clear Text

SSID

Connection Requires Key

Authentication Process

Authorization Process

Granted / Denied

Resource Access

Security Encryption Wrapper

Antennas

Sending and receiving radio wavesTwo types

Omni-directionalDirectional

Cantenna

802.11 standards

802.11a – 54 Mbps@5 GhzNot interoperable with 802.11bLimited to Shot DistancesDual-mode APs require 2 chipsets, this can look like two APs to clients

802.11b – 11 Mbps@2.4 GhzFull speed up to 300 feetCoverage up to 1750 feet

802.11g – 54 Mbps@2.4 GhzSame range as 802.11bBackward-compatible with 802.11bSpeeds slower in dual-mode

802.11 standards (cont.)

802.11e – QoSDubbed “Wireless MultiMedia (WMM)” by WiFi Alliance

802.11i – SecurityAdds AES encryptionRequires high cpu, new chips requiredTKIP is interim solution

802.11n – 100Mbps+Wi-Fi Protected Access (WPA)

Subset of 802.11i, forward-compatible with 802.11i (WPA2)Encryption: Version one uses TKIPAuth: 802.1x & EAP – allows auth via RADIUS, also allows auth via PSK

Other Wireless Technologies…

Other “Non Wi Fi Solutions”

CDPD – 19.2 kbps analogGPRS – 171.2 kbps digitalWAP – bandwidth-efficient content deliveryRicochet – 176 kbps wireless broadband flopBluetooth – personal area networks, range limited only by transmit powerBlackberry – Use cellular & PCS networks, no authentication at consoleRFIDNFC (Near Feild Communications)

Bluetooth

Cable replacement technologyShort range communication (10 m)Operates at 2.45 GhzUsed for mobile devicesUsed to transfer informationLarge Number of Hacking Tools Available

Bluetooth Hacking Tools

Radio-frequency identification (RFID)

R,waves exchange data between a reader and an electronic tag for the purpose of identification and tracking.Often seen as Barcode NGIndividual & unique like the license plate but for every item in the worldSome tags can be read from several meters away and beyond the line of sight of the reader.Application of bulk reading enables an almost-parallel reading of tags.uses Interrogators (also known as readers), and tags (also known as labels), as well as RFID software or RFID middleware. Most contain at least 2 parts: 1 is an integrated circuit for storing and processing information, modulating and demodulating a radio-frequency (RF) signal, and other specialized functions; the other is an antenna for receiving and transmitting the signal.

RFID Hacking

RFID Tags can be clonedA Growing number of hacking tools inc Backtrack 4Traditionally Hardware was expensive but is getting cheaper. E.g. USB ReaderCan read ID Badges, Credit Cards etcOnce hacked Cards with Authorized ID numbers can be used to unlock doors

Source Dreamtime

Near Field Communications (NFC)

NFC, is a set of short-range wireless technologiesTypically requires a distance of 4 cm or less.Operates at 13.56 MHz and at rates ranging from 106 kbit/s to 848 kbit/s Always involves an initiator and a targetInitiator actively generates an RF field that can power a passive target This enables NFC targets to take very simple form factors such as tags, stickers, key fobs, or cards that do not require batteriesNFC peer-to-peer communication is also possible, where both devices are powered.

Near Field Communications (NFC)

Emulation Mode: the NFC device behaves like an existing contactless cardReader mode: the NFC device is active and reads a passive RFID tag, for example for interactive advertisingP2P mode: two NFC devices communicating together and exchanging informationUses Include:

Mobile ticketing, such as Mobile Phone Boarding PassMobile payment: the device acts as a debit/credit payment card.Smart poster: the mobile phone is used to read RFID tags on outdoor billboards.

Pairing of Bluetooth 2.1 & NFC will be as easy as will be replaced by simply bringing the mobile phones close to each other.

Source Dreamscape

NFC: The Facts…

NFC Bluetooth Bluetooth Low Energy

RFID compatible ISO 18000-3 active active

Standardisation body

ISO/IEC Bluetooth SIG Bluetooth SIG

Network Standard ISO 13157 etc. IEEE 802.15.1 IEEE 802.15.1

Network Type Point-to-point WPAN WPAN

Cryptography not with RFID available available

Range < 0.2 m ~10 m (class 2) ~1 m (class 3)

Frequency 13.56 MHz 2.4-2.5 GHz 2.4-2.5 GHz

Bit rate 424 kbit/s 2.1 Mbit/s ~1.0 Mbit/s

Set-up time < 0.1 s < 6 s < 1 s

Power consumption < 15mA (read) varies with class < 15 mA (xmit)Source NFC Forum

NFC: Security Concerns

Theoretically Difficult due to Distance Factors….However!The RF signal for the wireless data transfer can be picked up with antennasEavesdropping: NFC offers no protection against eavesdropping and can be vulnerable to data modifications Applications may use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel.Data Modification: One possibility to perturb the signal is the usage of an RFID jammerRelay AttackLost Phone…

Source Andy Malone

WiMAX (Worldwide Interoperability for Microwave Access)

A telecommunications protocol that provides fixed and mobile Internet access. Seen as the next generation of wireless Improvement over existing standard of 802.11. No new equipment requiredFirst WiMAX equipment launched in 2005 Cover wider area, which can be as much as up to 50km Current WiMAX provides up to 40 Mbit/s with the IEEE 802.16m update expected to offer up to 1 Gbit/s fixed speedsThe name "WiMAX" was created by the WiMAX Forum, formed in 2001 to promote conformity and interoperability of the standardForum describes WiMAX as "a standards-based technology enabling the delivery of last mile wireless broadband access as an alternative to cable and DSL

Source Andy Malone

Wireless Security & Authentication…

WiFi Security

IN 2001 Peter Shipley’s 2001 DefCon presentation on WarDriving alarmed the industryThe US Dept Homeland Security labelled WiFi a potential terrorist threat, demanded regulationSeen as Shared media – like a network hub

Requires data privacy - encryption

Authentication necessaryCan access network without physical presence in buildingOnce you connect to wireless, you are an “insider” on the network

Source Johan Loos

Wireless Network Security

Link EncryptionEncrypt traffic headers + dataTransparent to users

End-to-End EncryptionEncrypts application layer data onlyNetwork devices need not be aware

29

Source Dreamtime

Link Level Security Vs. End to End Security!

Link

Network(IP)

Network(IP)

Transport(TCP)

Application(HTTP)

Link

Network(IP)

Transport(TCP)

Application(HTTP)

Link

Network(IP)

Link

…

SSL/TLS

network

End hostIPSec

WEP/WPA/WPA2

IEEE 802.11x security solutions are deployed at the link level• efficiency is very important all traffic will be encrypted

Current Authentication methods

Open Systems Authentication (OSA)Shared Key AuthenticationEAP / 802.1x

Open system authentication

Required by 802.11Just requires SSID from clientOnly identification required is MAC address of clientWEP key not verified, but device will drop packets it can’t decrypt

Source BT

Wireless LAN Security Goals

Access ControlNo abuse of wireless networkThis requires Key Management

Data IntegrityData packets are not modified during transit

ConfidentialityData packets are encrypted

Image Source Page: http://krebsonsecurity.com/2010/06/wi-fi-street-smarts-iphone-edition/

Wireless LAN Security Standards

802.11 WEP64/128 bitIntegrity Check

802.11 + 802.1xUses RADIUS

802.11 + WPA128 bitFor data encryption : TKIPFor data integrity: MICPSK or Enterprise

802.11 + WPA2AES

Image Source Page: http://blog.emixt.com/new-wi-fi-standard-promises-blazing-fast-data-speeds-2/

Shared key authentication

Utilizes challenge/responseRequires & matches keySteps

Client requests association to APAP issues challenge to clientClient responds with challenge encrypted by WEP keyAP decrypts clients & verifies

WEAK! Attacker sniffs plain-text AND cipher-text!

Source Dreamtime

WEP – Wired Equivalent Privacy

3 different key lengths: 64, 128, and 256 bits, known as WEP 64, WEP 128, and WEP 256 respectivelyWEP provides a casual level of security but is more compatible with older devices; It is still used quite extensively despite security flaws Each WEP key contains a 24 bit Initialization Vector (IV), and a user-defined or automatically generated key; E.g. WEP 128 is a combination of the 24 bit IV and a user entered 26 digit hex key. ((26*4)+24=128)WEP also comes in WEP2 and WEP+, which are not as common and still as vulnerable as the standard WEP encryption.

Sourcehttp://www.wpacracker.com/

More Problems with WEP

Shared key – 40/104 bitsInitialization vector (IV) = 24 bitsUses RC4 for encryptionWeaknesses/attacks

FMS key recovery attack – weak IVsFilter weak IVs to mitigate

IV too short, gets reused after 5 hoursIP redirection, MITM attacksTraffic injection attacksBit-flip attacks

WEP2 added, increases key length to 128 bits Source Dreamtime

TKIP to the rescue…er Almost!

Seen an interim solution developed to fix the key reuse problem of WEP. TKIP – Temporal Key Integrity Protocol

Protects IV by removing predictabilityBroadcast WEP key rotation is a good alternative if you can’t support TKIP

It later became part of the 802.11i and subsequently part of WPA standards.Same encryption as WEP (RC4)Variant Cisco Key Integrity Protocol (CKIP).

WPA – WiFi Protected Access

Originally designed for campus-wired networks2 Flavours WPA and WPA2 Created to resolve several issues found in WEP Both provide good security however, are not compatible with older devices WPA was designed to distribute different keys to each client; however, it is still widely used in a (not as secure) pre-shared key (PSK) mode, in which every client has the same passphrase.To fully utilize WPA, a user would need an 802.1x authentication server, which small businesses and typical home users cannot afford WPA utilizes a 48 bit Initialization Vector (IV), twice the size of WEP, which combined with other WEP fixes, allows substantially greater security over WEP.

WPA – WiFi Protected Access

WPA-Personal: Also referred to as WPA-PSK (Pre-shared key) mode.

Designed for SOHO networks and doesn't require an authentication server. Each wireless network device authenticates with the access point using the same 256-bit key.

WPA-Enterprise: Also referred to as WPA-802.1x mode, and WPA (as opposed to WPA-PSK)

Designed for enterprise networks, and requires a RADIUS authentication serverProvides additional security (e.g. protection against dictionary attacks)EAP is used for authentication which comes in different flavors (for example EAP-TLS, EAP-TTLS, EAP-SIM).

WPA2: Wireless Security: The Right Way!

802.11b (i) Now Default Setting on Many Wireless RoutersFIPS-140 compliantAES replaces RC4 w/TKIPRobust Security Network (RSN) for establishing secure communications

Uses 802.1x for authenticationReplaces TKIP

Counter Mode with Cipher Block Chaining (CCMP) for encryptionCCM mode of AES128-bit keys, 48-bit IVCBC-MAC provides data integrity/authenticationCCMP mandatory with RSNWRAP was initial selection, licensing rights/problems got in the way

WEP vs. WPA vs. WPA2 Encryption

WEP WPA WPA2

Encryption RC4 RC4 AES

Key rotation None Dynamic session keys

Dynamic session keys

Key distribution Manually typed into each device

Automatic distribution available

Automatic distribution available

Authentication Uses WEP key as AuthC

Can use 802.1x & EAP

Can use 802.1x & EAP

Myths & Threats…

Myth: What if I Hide my SSID?

Common MisconceptionNo such thing as “hiding” an SSIDAll that this accomplishes is Access Point beacon being suppressedFour other SSID broadcasts not suppressed

Probe requestsProbe responsesAssociation requestsRe-association requests

SSIDs must be transmitted in clear text or else 802.11 cannot function

Myth: Use a Fixed IP Address

Disabling DHCP and forcing the use of Static IP addresses is another common mythIP schemes are easy to figure out since the IP addresses are sent over the air in clear text as UDP BroadcastsTakes less than a minute to figure out an IP scheme and statically enter an IP address

Myth: Use MAC Authentication!

Use of the word “authentication” is a joke!It’s not MAC Spoofing…MAC address filtering is all that’s going onMAC addresses are transmitted in clear textExtremely easy to capture with tools like WiresharkExtremely easy to clone and defeatExtremely difficult to manage MAC filtering

MAC Spoofing Example

Regedit – HKLM\System\CurrentControlSet\Control\Class{4D36E972-E325-11CE-BFC1-08002BE10318}Lookup for your wireless adapterCreate REG_SZ String

Name: NetworkAddressValue: MAC address

Restart PC

Myth: Antenna placement and signal Suppression

Antenna placement and signal suppression does nothing to encrypt dataThe hacker’s antenna is bigger than yoursDirectional high-gain antennas can pick up a weak signal from several kilometers awayLowering the signal hurts legitimate users a lot more than it hurts the hackersWi-Fi paint or wall paper not 100% leak proof and very expensive to implement

Wireless LAN Threats

WarChalking – WarDriving - WarFlyingUnathorized Access

Accidential AssociationMalicous Association

MAC SpoofingMan in the Middle AttackDenial of Service (DoS)Network Injection AttackCaffe Latte attack

Wireless LAN Threats

Open AuthenticationOpen system authentication, basically everyone can connectNo encryption at all

Rogue and Unauthorized Acess PointsEmployee install unmanaged access pointAccess Point spoofing for MITM attack

EavesdroppingIntercepting of radio signals and decode dataWireless sniffer into promiscuous modeUse an external antenna

Wireless LAN Threats

Authentication flood attackLarge amount of EAPOL messagesAuthentication cannot respondCannot authenticate other wireless client

Deauthentication flood attackTarget is individual clientAttacker uses authentication frame of existing wireless client

Wireless LAN Threats

Network jamming attack (DoS)Targets entire wireless networkUse transmitter to flood airwavesIts a magnetronBut its dangerous if you are close to the transmitter

Equipment destruction attackTargets access pointHigh energy power can damage the access point

Free WiFi: The New Reality!

Source http://www.pcworld.com/article/222589/dutch_court_rules_wifi_hacking_is_now_legal.html

Not in the US…

PATRIOT Act (Provides Appropriate Tools Required to Intercept and Obstruct Terrorism) Legally classifies many hacking attacks as acts of terrorism

Source Dreamtime

WiFi Hacking Tools

A New Generation of WiFi Hacking Tools

Source Fern )Open Source)Source http://www.pentestit.com/2010/06/04/grimwepa-wep-wpa-password-cracker/

demo

Tools are Easy to Find…

The Countermeasures…

Wireless LAN Security: Recommended Best Practices

Deploy AD Secure Wireless Policies with CertificatesImplement Secure Management Policy for APs/BridgesDisable Telnet, disable http access, disable CDP, enable SSH, and enable TACACS for Admin authenticationPublicly Secure Packet Forwarding: no Inter-client communication on specific VLANsVirus Scanning + Firewall recommended on WLAN ClientsRF Monitoring and Rogue AP Detection

Radio, client & network based scanningWireless IPS / IDS

Select appropriate EAP mechanismConsider Fixed IP Address Range

Home / SOHO User Best Practice

1. Ensure you change the router’s default passwords2. Change the SSID name and disable SSID broadcast3. Setup MAC filters to limit which computers can connect4. Ensure you use WPA2 encryption5. Review your wireless logs regularly6. Look out for upgrades from the manufacturer7. Practice good security – Updates, AV, ASW etc

So What’s the Holy Grail of Security Then?

127.0.0.1

Review

IntroductionsWireless intro & historyCurrent & Emerging Wireless TechnologiesWireless Security: The Great Oxymoron Standards & techniquesThreats and CountermeasuresBest Practices

My Other Sessions…

SIM 301 Monty WiFion and the Quest for the Holy Grail of Network Security!

SIM 302 Lessons from Hackwarts Vol 1: Defense against the Dark Arts 2011

SIM 327 Rethinking Cyber Threats: Experts Panel

Find Me Later At…

Safety and Security Centerhttp://www.microsoft.com/security

Security Development Lifecyclehttp://www.microsoft.com/sdl

Security Intelligence Reporthttp://www.microsoft.com/sir

End to End Trusthttp://www.microsoft.com/endtoendtrust

Trustworthy Computing

Resources

www.microsoft.com/teched

Sessions On-Demand & Community Microsoft Certification & Training Resources

Resources for IT Professionals Resources for Developers

www.microsoft.com/learning

http://microsoft.com/technet http://microsoft.com/msdn

Learning

http://northamerica.msteched.com

Connect. Share. Discuss.

Complete an evaluation on CommNet and enter to win!

Scan the Tag to evaluate this session now on myTech•Ed Mobile

Andy Malone (UK)

E: andrew.malone@quality-training.co.uk

Twitter: AndyMalone

LinkedIn: Andy Malone (UK)

Thanks For Listening & Enjoy TechEd!