Traditionally, talking of wireless security in the enterprises we talked about embedded Centrio Wi-Fi, Linksys rogue APs, open source DoS tools, and compliance requirements (PCI, DoD, HIPAA). While these topics continue to be important today, the upcoming proliferation of the smart mobile devices is the new frontier for the enterprise wireless security to address. The inundation of smart mobile devices will result into new monitoring requirements, not hitherto discussed. These requirements would amount to ”stress test” for the WIPS and only the best of the breed can hold up. While the new monitoring requirements will be many and varied ranging from unauthorized BYOD to heightened rogue AP risk, in this post I wish to discuss some interesting and unique scenarios (numerous soft mobile hotspots, Nintendo chat blocking, wireless geo-fencing) I already encountered this year working with the customers.
Read more…
Hemant Chaskar BYOD, smartphones, Windows 7, Wireless gadgets, Wireless security Smart mobile devices security
BYOD (Bring Your Own Device) seems to be the dominant theme for 2012 in the Wi-Fi infrastructure and security space. As people increasingly bring in personal smartphone devices on the enterprise premises, the network/security administrators are grappling with the security implications. Given how engaging the new smartphone and tablet apps are, conflict arises between the users’ desire and the network/security administrators’ intentions. You need to ensure that this conflict does not turn BYOD into BYOR (Bring Your Own Rogue AP)! Read more…
Hemant Chaskar 802.11n, Best practices, Compliance, smartphones, Wireless gadgets, Wireless security Apple Airport Express, BYOD, PCI, Rogue AP, WIPS
As the BYOD (Bring Your Own Device) tide rises, the network and security admins wonder if their existing Wi-Fi infrastructure security will hold on. In particular, will WPA2 with PEAP, which is pretty much the norm for the Wi-Fi infrastructure security in the enterprise networks today, continue to be adequate? WPA2 with PEAP is simple enough, still strong enough, and has served the enterprise Wi-Fi security needs very well in the past several years. The forthcoming BYOD revolution however pops a new challenge for WPA2 and will require additional thinking on part of the network and security admins about how to complement PEAP to address some of the BYOD security issue. This new challenge comes from the ease with which people can bring in personal mobile devices on the enterprise premises and connect them to the WPA2 enterprise Wi-Fi network without administrator knowledge or help.
Read more…
Hemant Chaskar Wireless security Android, BYOD, iPad, iPhone, mdm, mobile malware, tablet, WIPS, WPA2
Right when the Wi-Fi access and security management are moving towards the controller-less architecture, another interesting architecture seems to have evolved at the other extreme. This architecture seems to be advocating not one, but two WLAN controllers in tandem – and that too from two different vendors. And, some optional (additional?) security management servers on top of the tandem. You think I am kidding? Then check this announcement from Aruba Networks, which is a leading controller-based WLAN vendor: http://www.arubanetworks.com/solutions/by-application/byod-services-on-your-existing-wi-fi/. The stated business case seems to be to put a band-aid on the Cisco WLAN’s (another leading controller-based WLAN vendor) insufficient security features.
In this case, the tandem is only for BYOD security, but as a matter of fact there are many more security gaps that will still remain to be addressed even after the twin tandem controllers are deployed. Would we need a third WLAN controller in the tandem to fill the remaining security gap, and who might provide that? Or, is it just easier to deploy a controller-less comprehensive WIPS solution (and that too with the onsite or cloud option) and secure the Cisco WLAN once and for all. Just a practical thought.
Hemant Chaskar Cloud computing, Wireless security aruba, BYOD, Cisco, cloud, WIPS, WLAN controller
Recall “Skyjacking” vulnerability discovered with Cisco LAPs couple of years ago? It allowed hacker to transfer control of enterprise Cisco LAPs from enterprise WLC to hacker controlled WLC in the Internet with over-the-air attack. Once control is transferred, the hacker could change configuration on those LAPs in any way by adding, deleting and modifying SSIDs. The hacker could also tamper with Cisco monitor mode APs and take away the security layer. Cisco Skyjacking exploited vulnerability in Cisco’s over-the-air controller discovery protocol. Know more about it here.
Now a similar vulnerability seems to have been discovered in Aruba OS and AirWave console. The advisory states: “[a]n attacker could plant an AP with maliciously crafted SSID in the general vicinity of the wireless LAN and might trigger a XSS vulnerability in reporting section of the ArubaOS and AirWave WebUIs. This vulnerability could potentially be used to execute commands on the controller with admin credentials.” Though modus operandi is different from Cisco, the end result is similar – transferring the control of Wi-Fi controller to hacker by launching over-the-air attack.
No system is free from vulnerabilities and such things will continue to be discovered. But, you don’t have to give away “hack one, get one free”. You don’t have to give hackers control of Wi-Fi coverage and Wi-Fi security in a single shot. This can be achieved by ensuring that the Wi-Fi security layer operates independent of Wi-Fi infrastrucutre. Read more…
Hemant Chaskar Best practices, Wireless security aruba, Cisco, skyjacking, WIPS
Will deploying wireless intrusion prevention make me better “protected” or will it leave me “frustrated” because of the increased operational overhead? If you as a network or security administrator are looking for answer to this question, the answer is: Depends! That is because; it depends on how your wireless intrusion prevention is architected. This video will tell you more about it .
Hemant Chaskar Wireless security
Last week we saw Google facing legal tangles for “accidental interception” of WiFi signals and this week it was Apple facing “mysterious disappearance” of WiFi signals during iPhone-4 demo at WWDC keynote. So “what’s going on”, does WiFi not like us any more? Well, because these things struck Eric and Steve, we got to hear about them, but in fact they strike Tom, Dick and Harry everyday.
But there is a way out of this WiFi chaos. Read more…
Hemant Chaskar Wireless scanning, Wireless security iphone 4 wifi, iphone launch wifi, iphone WiFi problem, WiFi performance, WiFi security
We often hear that WiFi network performance degrades due to radio interference. We also hear that interference is a complex beast which cannot be easily tamed. There are two types of interference sources which affect WiFi network performance – non-WiFi sources and WiFi sources. This post provides a guide to some practical steps to combat often cited non-WiFi interference sources such as microwave oven, Bluetooth, baby monitors, cordless phones, wireless cameras and jammers. The WiFi interference sources will be discussed in later post.
Overall, some awareness of environment around WiFi network coupled with some simple network planning steps can help win over non-WiFi interference to great extent. Additionally, ability to detect high interference levels on WiFi channels helps detect “unmanaged” sources of interference such as jammer or any unknown source. Many WLAN and wireless security systems today have ability to monitor interference levels on channels on 24×7 basis to facilitate such detection.
Hemant Chaskar Best practices, WLAN planning baby monitor, bluetooth, cordless phone, interference, jammer, microwave, oven, spectrum analysis
The SSL renegotiation vulnerability disclosure created mood swings in the security community over last month. Immediately after the disclosure, security community was split in opinion about its severity and relevance.
All that changed a fortnight later, when real life exploit targeted to Twitter site was demonstrated using this vulnerability and it all started looking REAL! Afterall, it was a vulnerability of great relevance and severity.
The final question now is how prevalent is this vulnerability. To this effect, SSLLabs has actually created an online tool where you can enter HTTPS URL to know if that URL is vulnerable to SSL renegotiation vulnerability. In fact you will notice that many critical HTTPS sites are vulnerable, though a few have already patched it up.
If any doubt is now left before calling it prevalent, it is about prevalence of man-in-the-middle (MITM) attacks. The flaw requires presence of MITM between the client and the SSL server. How easy is it for an attacker to be MITM? This is where WiFi comes into picture. In fact it is very easy to be MITM in WiFi connection using honeypot (evil twin) access points or ARP poisoning through rogue access points.
Overall, it is appropriate to conclude that the vulnerability is severe and prevalent. Fortunately, the fix is available through a patch, though it will take some time before all websites apply it. Until then, we keep our fingers crossed!
Hemant Chaskar Wireless security flaw, renegotiation, ssl, tls, vulnerability
Ever cared to take objection to someone putting flower vase on the table in your office, as it violates your wireless security policy? That is preposterous, isn’t it? Not any more. Look at the artistic WiFi router design from STC.
So next time you see a flower vase on someone’s table, you have to “check it out” to ensure that it is not a rogue AP in the enterprise network.
Just a thought, can the flower stems also serve as antennas?
Hemant Chaskar Wireless security
