An Analysis of Wireless Security at U of M Dearborn: Found Problems - - PowerPoint PPT Presentation

an analysis of wireless
SMART_READER_LITE
LIVE PREVIEW

An Analysis of Wireless Security at U of M Dearborn: Found Problems - - PowerPoint PPT Presentation

Sep 19, 2022 48 likes •292 views

An Analysis of Wireless Security at U of M Dearborn: Found Problems and Proposed Solutions (CASL Only) Summary Basic Networking Concepts Description of vulnerabilities Demonstration Possible solutions Networking Addresses 3

slide-1
SLIDE 1

An Analysis of Wireless Security at U of M Dearborn:

Found Problems and Proposed Solutions

(CASL Only)

slide-2
SLIDE 2

Summary

  • Basic Networking Concepts
  • Description of vulnerabilities
  • Demonstration
  • Possible solutions
slide-3
SLIDE 3

Networking Addresses

3 types of addresses

  • DNS address, ex. www.aol.com
  • IP address, ex 64.12.89.242
  • MAC address, ex. 00:05:2E:8D:C7:B2
slide-4
SLIDE 4

Translating Network Addresses

  • DNS  IP  MAC
  • www.aol.com  64.12.89.242 00:05:2E:8D:C7:B2
slide-5
SLIDE 5

Port Explanation

All incoming and

  • utgoing data is

filtered through ports in the router Imagine toll booth lanes on a highway

Port 1 2 3 4 … …

slide-6
SLIDE 6

Vulnerability #1 : Non-filtered

  • utgoing traffic on port 53
  • Should allow outgoing DNS information
  • Should not allow all outgoing information
  • Allows complete bypass of firewall by

anyone

slide-7
SLIDE 7

Unfiltered Port

Port 51 52 54 55 56

53

HTTP SSH FTP Telnet etc…

Attacker

slide-8
SLIDE 8

Solution

  • Reconfigure firewall
  • Only allow outgoing DNS on port 53
slide-9
SLIDE 9

Vulnerability #2: Firewall only uses MAC address to determine identity

  • MAC addresses are publicly broadcasted
  • MAC addresses are easily changed, or

spoofed

  • Spoofing = impersonating, forging, etc…
slide-10
SLIDE 10

Solutions

  • Many appoaches
  • Need earlier authentication
  • Wireless encryption
slide-11
SLIDE 11

Vulnerability #3: Client and server MAC tables changable

  • Reroutes traffic
  • Allows for more advanced attacks like

recording sessions encrypted by SSH or HTTPS

slide-12
SLIDE 12

ARP Poisoning

Client

141.215.4.97

MAC IP

00:2F:CD:8E:9A 141.215.4.1 ….. ….. ….. …..

Firewall

141.215.4.1

MAC IP 00:2F:CD:8E:9A 141.215.4.97

….. ….. ….. …..

Attacker

slide-13
SLIDE 13

Solution

  • Many approaches
  • Need earlier authentication
  • Wireless encryption
slide-14
SLIDE 14

Vulnerability # 4: Rogue Access Points

  • BYO-AP!
  • Tricks people into connecting to your AP
  • Get to client before the firewall does
slide-15
SLIDE 15

Rogue Access Point

Client School Router Rogue Access Point

Sure, why not? “I’m the school router. Connect to my stronger signal.”

slide-16
SLIDE 16

Solution

  • Wireless Encryption
  • Wireless Intrusion Detection System or

WIDS

slide-17
SLIDE 17

Wireless Networks

  • No physical security like wired networks
  • Accessible from far away
  • Multiplies dangers of vulnerabilities
slide-18
SLIDE 18

High Power Antenna

slide-19
SLIDE 19
slide-20
SLIDE 20
slide-21
SLIDE 21
slide-22
SLIDE 22

Scope of Project

  • Only a month long
  • Wireless network not completely evaluated
  • More problems then we can present
slide-23
SLIDE 23

Conclusion

  • A lot of changes needed
  • Little work to make changes
  • Until then, assume all traffic is being

watched

slide-24
SLIDE 24

Q and A