Re: Wireless security question...
From: Austin Murkland (amurkland_at_merydion.com)
Date: 10/31/05
- Previous message: Adrian Floarea: "RE: integrity and mail encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 31 Oct 2005 12:56:14 -0800 To: Marty <m_samson@videotron.ca>
Marty wrote:
> Hi,
>
> We're having an in-house discussion regarding the risk
> related to wireless security.
>
> The mobile users would like to be able to use the wireless
> technology within their laptops to access the office while
> they are away. Right now we don't allow wireless access
> points.
>
> The questions we have are:
>
> 1- Can a wireless router (installed in their home-office) be
> hacked into AND can this hacker take control of the wireless
> laptop. If so I would need some detail on how we can prevent
> that (besides WEP). Let's assume for the sake of discussion
> that there is no WEP encryption on the router.
>
Q1.a. Can a wireless router be hacked into?
Yes, but it depends on what you mean by that, if you're referring to
obtaining administrator level privileges
on the router in question, the difficulty in that relies upon the
provider of the equipment, and how well setup that equipment is. If
you're talking about just breaking into the network, or gaining access
to the computer on that network that's a little different, and arguably
easier, which leads to the next question...
Q1.b. Can this hacker take control of the wireless laptop?
Yes, but it depends on the security running on said laptop..if they have
some sort of firewall/anti-virus in place it'll will be more difficult
for an attacker to gain access to their laptop, however all form of
security are not methods of keeping people out, but just slowing them
down. An attacker gaining access to a laptop or not largely depends on
what their motives are, if it's free Internet, they'll might, just stop
with access to your network, if it's industrial sabotage, their going to
get as much information as possible, then deliver whatever payload is
intended be it destroying information on your network, or just stealing
all information that passing through it.
Preventing that (in my scenario...slowing down that) would involve
giving each wireless client their own vlan, and do not permit them to
talk to other wireless clients locally, or perhaps even wired clients.
WEP is crackable, usually in a matter of hours.
http://www.tomsnetworking.com/Sections-article118.php
http://www.tomsnetworking.com/Sections-article120-page1.php
those links provide a good basic ideology of how to crack a wireless
network with WEP turned on.
you're going to want to use an alternate form of authentication.
Q1.c. Assume no WEP on router.
No protection against anything is what you're saying there. Understand
that information that travels across networks using original protocols
was not designed to be secure, and thus, Isn't. When you login to
email, aim/messenger/yahoo, when you access something on the network,
this all occurs in cleartext (i.e. readable english), and anyone with
network access and a basic understanding of network topology and
router/switches will be able to see all of this information, and use it
later, to send emails to your mistress& wife, withdraw funds from your
bank account/stocks, and talk to your contacts during chat...FUD(Fear,
Uncertainty, and Doubt) aside, a corporate network is assumed secure
because you have a network admin. or equiv. constantly making sure
things *are *secure. Wireless doesn't yet have the tools/ability to be
as secure as a wired line, and the assumptions that follow through wired
security, should not carry over. Anyone within the wireless range can
come near/in your building (or aim a long distance antenna at your
building) and pickup a signal, jump on your network, and do what they
feel like. Not a good idea.
>
> 2- How easy is it to access the laptop once you're into the
> router? Is it child splay or do we need a specialist?
>
Q2.a How easy is it?
Accessing the network is child's play, accessing the laptop depends on
what operating systems is running, what procedures if any they've gone
through to "harden" (i.e. secure) the laptop against attack, and what
software they've installed to yield basic protection from attacks. If
they have none of that, and are running windows... it's child's play, if
it's a default install with no patches/protection of particular flavors
of linux/unix, it's child's play...If they're running os x with no
patches/protections... it's child's play... if either linux/unix or os x
are updated, depending on the configurations options chosen at install
they may be closer to being "hardened" , and it will take longer than a
few minutes/hours to get in.
Q2.b Do we need a specialist?
Judging purely by the questions, lack of specificities and a
demonstrated lack of wireless/networking/security knowledge.... I'd
advise either learning a lot more before you choose to implement a
wireless solution, or hiring a CWSP, to calm your wireless security fears.
> 3- If the laptop's wireless router is secured with WEP and
> connected to the office via VPN can it be EASILY hacked
> into? The VPN connection gives them little access to the
> network, barely what they need to work. Will the intruder
> have access to our network?
>
Q3.a Hack a VPN connection?
If the laptop has a rootkit, or some kind of backdoor software
installed... it would be easy, if it is properly hardened, and has basic
protection software (firewall/antivirus) it would be more difficult. It
sounds like your VPN connection is setup in a secure manner. How far
that person would be able to get on your network depends on how skilled
they are, whether you had IDS/IPS software on your network (alerting
your net. admin that someone is actively trying to gain access to your
network) and how well the attack may/maynot be able to circumvent all of
this protection and intrusion detection/prevention software. in short,
yes (the answer is always yes...security just makes it harder), but not
easily. How uneasily largely depends on how much effort you put into
security and following security policy (e.g. no easy passwords!!!)
Q3.b Will Intruder have access?
What you should be worried about is how easy/difficult it is for an
intruder (i.e. compromised laptop) to gain access to the rest of your
network...and how well you'll be able to detect an attack of this magnitude.
>
>
> 4- How secure is my sales rep. running around hotels with
> his laptop?
>
Q4. How secure is a laptop traveling across the country/world/state,
etc...jacking onto strange networks....
If he's doing it to just web surf, he's fine....if he's using
email...*make sure it's secure*, if he's doing anything with company
information or passwords... *make sure it's secure or over VPN....
*Hotel networks, or public wifi networks are always in the same spot,
and have thousands of users flying on/off their networks. Their
locations are WELL known to hackers, and the passwords/encryption which
protect these networks should always be assumed as compromised.
Don't use then without protection, Don't access any information you
wouldn't want the random thug to have unless your 100% sure the
connection is encrypted...even then you may want to change your
password(s) after you're on a secure network again...
As a sidenote on laptops carrying confidential data to random locations,
you may want to invest in a rainbow key, or USBKey which provides a
hidden encrypted drive on the laptop. While this protection is not
foolproof, attaching the USBKey to your keychain, and then keeping all
confidential info within that encrypted drive would shield that info
from compromise if the laptop were lost or stolen. Without the USBKey
there's nothing identifiable to the operating system on the drive, just
encrypted information (using AES encryption) hiding in unallocated
partition space. If this key is ever lost...so is that information.
Duplicate keys are a GOOD idea. one on site, one with the user. If one
of the pair is ever lost, a new key can be stored on them, but never
reuse a lost key (i would hope that is obvious).
>
>
>
> We are trying to assess the risk...should we, should we not
> allow wireless for the mobile workforce.
>
>
>
You should, but as with all networking technologies involving security,
you should do it right, and do it right the first time.
HTH (Hope this helps),
Austin Murkland
>
> Thanks!
>
> Marty
>
>
>
>
- Previous message: Adrian Floarea: "RE: integrity and mail encryption"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
