InfoSec Philippines

Information Security, Technology News and Opinions

Archive for the ‘Wireless’ Category

Quick Tips: Securing Your AP

Posted by Daniel Tumalad on November 15, 2009

jeepney_cover

"El Sibakero", Rollin' Down the Street...

A few years ago, a German hacker visited the Philippines and went wardriving on the streets of Ayala. He observed the lack of security in most of the wireless networks he discovered, prompting people to address the situation.

Today, many are still ignoring the importance of protecting their wireless networks. There are plenty of APs in condominiums, corporate buildings and commercial establishments that still use insecure WEP or don’t use any form of encryption at all. [results=car+laptop+airodump, office->home]

With a lot of information and software pertaining to hacking wireless networks freely available on the Internet, almost anyone can obtain illegal access to insecure wireless networks.

Protect your AP:

1. Enable Encryption
With both WEP and WPA-TKIP having security flaws, your best bet is WPA2-CCMP. Make sure you choose a difficult-to-guess passphrase (alpha-numeric+special characters) and “try hard” to change your key every 3 months.

2. Configure AP Administration
Change the default AP admin password, disable remote administration and restrict AP management to local encrypted access (SSL) only. If you are feeling the need to overkill then also disable the wireless LAN access, make the administration console accessible only through the wire.

3. Security through Obscurity
Replace the default SSID and disable SSID broadcast.

4. White-list the MAC-Addresses of your Users
If all else fails, this can possibly make it hard for attackers to join the wireless network.


Internal Links:
Wireless Hacking
Using Nmap to Detect Rogue APs
Password Tips

 

Advertisements

Posted in El Sibakero, Wireless | Tagged: , | 2 Comments »

SPAM drops, DDoS Attacks, Whitepapers

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 15, 2008

There’s apparently been a huge drop in SPAM after two ISPs were cut off.
Stories from Washington Post, and BBC. Brian Krebs of the Wash Post also talks about this in his Security Fix Blog.


More ISPs are allocating resources for DDoS attacks according to Arbor Network’s 2008 Worldwide Infrastructure Security Report. A related article is on ZDNet and an article on Vunet talks about ISP’s fear on IPv6 threats.

A study by Google, presented at the RIPE Meeting in Dubai reports that France and Russia are ahead in IPv6 .


Security Focus reports that, “Anti-malware testing group releases standards“, and they can be downloaded here.


SANS will also have a Webcast on Understanding the WPA/WPA2 Break.

Since we’re on the topic of webcasts, SourceBoston’s 2008 Conference from March of this year have been up on Blip.tv for a while now. They have great presentations on Incident response, Secure Coding, etc.


And since I enjoyed Schneier’s essay on, “The Psychology of Security“, I just thought that InfoSec professionals would find it funny that the Washington Times reports that Paranoia is on the rise :).


SC Magazine Whitepaper Roundup

Top five strategies for combating modern threats – is anti-virus dead?
By: Sophos Plc.
Today’s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce. Organizations need innovative approaches to protect the web, email servers and endpoint. This paper discusses the security implications of modern…

Complying with the Payment Card Industry’s Data Security Standard
By: DeviceLock, Inc.
The Payment Card Industry Data Security Standard (PCI DSS) was drawn up in order to reduce leakage and inappropriate use of credit card information. It contains over 100 clear information security requirements for all companies who process, store or transfer data about cardholders: banks, processing…

Addressing the Operational Challenges of Administrative Passwords
By: ManageEngine
Enterprises making use of various IT systems (servers, devices, applications etc.) face numerous challenges due to the proliferation of administrative passwords (also called as privileged passwords). This white paper discusses the problems associated with administrative password proliferation with…

Tripwire PCI DSS Solutions- Automated, Continuous Compliance
By: Tripwire, Inc.
Find out step-by-step what it takes to become compliant with the Payment Card Industry (PCI) Data Security Standard (DSS), and how Tripwire can help your company achieve and maintain PCI compliance.

Malware Security: Taking the Botnet Threat Seriously
By: FireEye, Inc.
How does malware continue to infiltrate networks? Primarily because traditional defenses only address the threat in pieces and parts, which leaves gaps in the enterprise security infrastructure. Meanwhile, malware has become organized to form massive ‘botnets’ (networks of compromised…

ComputerWorld Technical Briefing: Mission-Critical Security – The Threat from Within
By: PacketMotion
We all know blind spots are bad for drivers but are you aware of how potentially disastrous they can be for IT security professionals? Take a few minutes to review this Computerworld report and you’ll get a clear picture of both the problem and the solution!.

Automating Code Reviews: How to Manage Application Risk on a Shrinking Budget
By: Veracode
In a tightening economy many organizations are faced with a “do more with less” mandate on their budgets and their security strategies. On-demand application security testing offered as an outsourced service – based on binary analysis and multiple scanning technologies…

Database Auditing Tools and Strategies
By: Sensage
Learn about a new set of software tools that provide low overhead audit collection with storage, alerting and reporting capabilities. This paper details the trade-offs and strategy of each option.

Posted in News, Whitepapers, Wireless | Tagged: , , , , , , , , , , , , | Leave a Comment »

Wireless Hacking part 2

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 7, 2008

Yesterday, I had a post on Using Nmap to detect Rouge Wireless Access Points. With that post were various links to tools on hacking wireless networks that are freely available on the net. This is of course to help inform the public on the perils of wireless network computing. However, I also posted a link on the advantages on wireless and how to secure it. As is often the case, one must seek a balance or prioritize among that OTHER security triad of COST vs SECURITY vs CONVENIENCE.

For the history buffs, there is a A Brief History of Wireless Security from SecurityUncorked.com. CSOonline, back in May 2008, also published a very informative article on Wireless Security: The Basics.

News from SC Magazine US, SecurityFocus.com and Heise Security just came out that WPA can now be cracked in around 15 minutes.

The SecurityFocus.com news item above talks about Recovering a WEP key in less than a minute using the aircrack-ptw tool that is used with the aircrack-ng toolsuite.

I remember a few months ago Risky Business podcasts interviewed the maker of Metasploit framework, HD Moore, regarding his evil Eee PC. It’s about the new KARMA+Metasploit 3 framework which is a set of tools that listens to all client probe requests and can then become a fake wireless AP for any requested network. The scary thing here is that you can possibly get owned as long as your wireless is enabled and its automatically looking for a wireless access point, without the user even knowing it. The older Karma framework is available here.

If the Risky Business podcast didn’t get you a wee bit paranoid, an interview by Network World on, Wireless security foiled by new exploits, just might do the trick. They interviewed Joshua Wright who writes the security blog WillHackforSushi.com and is also the author of the six-day SANS Institute course, Assessing and Securing Wireless Networks.

I wonder what tools were used for the “Wall of Sheep” at the Defcon conferences, which was also at the BlackHat, this year. In case you’ve never heard of the “Wall of Sheep”, its a wall with a projection of Usernames and part of the passwords for the users foolish enough to not have enough security on their wireless connections. MySpace and Gmail accounts have also shown up (in spite of Gmail using the default https, but just for log-on) through the use of replay attacks. Apple iPhones and Window’s mobile phones have also shown up.

Since you’ll want to save some of the information from the KARMA+Metaploit 3 framework, I’m guessing newer mini-notebooks like the Acer Aspire One which retails for around $350, and Lenovo Ideapad S10 which retails for around $400, would both be great for this.

Since its related, there’s an On Demand Webcast sponsored by Nokia on, Corporate Mobility Policy and Device Management. In case your organization is PCI compliant or is looking forward (or dreading) compliance in the future, Network World will be having a webcast next month on PCI Wireless Compliance Demystified.

Posted in ISMS, News, Philippines, vulnerability, Wireless | Tagged: , , , , , , , , , , , , , , , , , | 1 Comment »

Using Nmap to detect rogue Wireless Access Points

Posted by Jaime Raphael Licauco, CISSP, GSEC on November 6, 2008

Pauldotcom interviewed Gordon “Fyodor” Lyon (the Nmap dude) back in Sept 24. Check out the transcript of the interview here.

Direct audio download of the show can be found here.

If you use Nmap, Paul Asadoorian, GCIA, GCIH (who started the website), also released a script for the new version of Nmap (4.76) here.

Other wireless tools you can use can be found in the Top 5 Wireless Tools page of the insecure.org site. The likes of Kismet, NetStumbler, Aircrack-ng, Airsnort and KisMac are all there.

I am both amazed and appalled by the current state of wireless security in the Manila area. Although its probably better than when Van Hauser checked it out back in 2004, users still aren’t aware of how dangerous it is to pass off confidential or private information using wireless access points. Back in June 2008, Inquirer posted this on the FBI warning wi-fi users.

Recent articles regarding cracking of Wireless Access Points using Nvidia cards can be found in SCmagazineUK and Heise Security.

A dated (May 2007) blog on WPA cracking might be interesting to you, an even older video (2005) with a really annoying soundtrack can also be found online. You may also want to check this out.

On the lighter side, I found two articles on hacking for smartbro. Here and here. One of which should be reserved for April fools, the other for more adventurous people.


Speaking on wireless security and its problems, here’s a 36 minute video from the IT Briefing Center on
The Evolution of the Wireless Enterprise: Networking in a World Without Wires sponsored by Motorola. It talks about the cost savings of going wireless, additional benefits of going wireless and there’s a case study they cite on using wireless for the healthcare industry.


On a totally different topic, and since I can’t get enough of web app security (aside from security metrics), here’s a 25 minute podcast by Gartner, sponsored by IBM entitled, “Stay Ahead of the Hackers: Strategies to Protect your Web Applications – and Your Organization“.


Gartner also has a 27 minute video on “Using Secure Remote Management to Drive the Convergence of IT Operations and Security Compliance” also from the IT Briefing Center.

Posted in Philippines, Wireless | Tagged: , , , , , , , , , , , , | 2 Comments »