technology especially wireless devices has immensely
play

Technology, especially wireless devices, has immensely grown over - PowerPoint PPT Presentation

Technology, especially wireless devices, has immensely grown over the past few decades. Most of these wireless devices rely on Wi-Fi for Internet Connectivity. It may seem as if connection to a Wi-Fi network is harmless, however sometimes


  1. • Technology, especially wireless devices, has immensely grown over the past few decades. Most of these wireless devices rely on Wi-Fi for Internet Connectivity. It may seem as if connection to a Wi-Fi network is harmless, however sometimes there are consequences of joining rogue access points. • Rogue access points (AP) are AP with malicious intent which can compromise the information on the connected device. • The average user will not be able to tell the difference between a rogue access point and a legitimate access point. • We have configured a Raspberry Pi as a rogue AP. When users connect, they will be prompted to connect to www.FB.com , a website we created similar to Facebook. Once the user logs in, we will steal his login information.

  2. • Configuring Raspberry Pi as Rogue Access Point • www.fb.com - for users to login to their “Facebook” • SeToolkit - steal the login information • Exports XML file

  3. • Training and educating users. - Users in an organization should be trained on connecting to trusted access points and reporting anything malicious if they notice anything. • Access Control List (ACL) - The access control list enforces only the authorized users are able to access the necessary information/department. • Regular Scanning in the environment. - Active Scans - transmit and listen to probe requests from the user’s workstation to the access point - Passive Scans - listen on each channel for beacons which were sent by the access point to the user’s workstation

  4. • SolarWind – Detection Tool Software

  5. UDT will provide in-depth details, regarding which endpoints connected to the access point and how long they were connected. Digging deeper, it will precisely point out which user was connected to the access point. It will also show how long the access point was active for. In UDT, you can create a device whitelist, where you can add devices which are authorized to connect to that network.

  6. • The rogue access point should be removed as soon as it is discovered. • Network administrator should shut down the client from the network. The most common method of keeping rogue clients away is by configuring their MAC address in the Access Point ʼ s Access Control List (ACL) • Client isolation

  7. • Lock the switch port to which the AP is connected • Network administrator can launch a Denial-of-Service (DoS) attack on the rogue access point, occupying it so it will force it to deny any new requests

  8. Dino Schweitzer, Wayne Brown, and Jeff Boleng. 2007. Using visualization to locate rogue access points. J. Comput. Sci. Coll. 23, 1 (October 2007), 134-140. Kuo-Fong Kao, Tau-Heng Yeo, Wai-Shuen Yong, and Hui-Hsuan Chen. 2011. A location-aware rogue AP detection system based on wireless packet sniffing of sensor APs. In Proceedings of the 2011 ACM Symposium on Applied Computing (SAC '11). ACM, New York, NY, USA, 32-36. DOI: https://doi-org.rdas-proxy.mercy.edu/10.1145/1982185.1982195 Liran Ma, Amin Y. Teymorian, Xiuzhen Cheng, and Min Song. 2007. RAP: protecting commodity wi-fi networks from rogue access points. In The Fourth International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness & Workshops (QSHINE '07). ACM, New York, NY, USA, Article 21, 7 pages. DOI: https://doi-org.rdas-proxy.mercy.edu/10.1145/1577222.1577252 Saruhan, I. (2007). SANS Institute: Reading Room - Intrusion Detection . [online] Sans.org. Available at: https://www.sans.org/reading-room/whitepapers/detection/detecting-preventing-rogue-devices-network-1866 [Accessed 9 Dec. 2019]. Shachar Siboni, Asaf Shabtai, and Yuval Elovici. 2018. Leaking data from enterprise networks using a compromised smartwatch device. In Proceedings of the 33rd Annual ACM Symposium on Applied Computing (SAC '18). ACM, New York, NY, USA, 741-750. DOI: https://doi-org.rdas-proxy.mercy.edu/10.1145/3167132.3167214 Solarwinds.com. (2019). Rogue Access Point Detection Software - Unauthorized AP | SolarWinds . [online] Available at: https://www.solarwinds.com/topics/rogue-access-point-detection [Accessed 9 Dec. 2019]. Volker Roth, Wolfgang Polak, Eleanor Rieffel, and Thea Turner. 2008. Simple and effective defense against evil twin access points. In Proceedings of the first ACM conference on Wireless network security (WiSec '08). ACM, New York, NY, USA, 220-235. DOI: https://doi-org.rdas-proxy.mercy.edu/10.1145/1352533.1352569

Recommend


More recommend