Wireless Vulnerability Assessment Airport Scanning Report Part - II



Similar documents
Wireless Vulnerability Assessment: Airport Scanning Report

Wireless (In)Security Trends in the Enterprise

Wi-Fish Finder: Who will bite the bait?

Understanding WiFi Security Vulnerabilities and Solutions. Dr. Hemant Chaskar Director of Technology AirTight Networks

Wireless Network Security When On the Road

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

ICP DAS WF-2571 FAQ. FAQ Version 1.0. ICP DAS Co., Ltd

9 Simple steps to secure your Wi-Fi Network.

Attacking Automatic Wireless Network Selection. Dino A. Dai Zovi and Shane A. Macaulay

Industrial Communication. Securing Industrial Wireless

Wireless Security and Healthcare Going Beyond IEEE i to Truly Ensure HIPAA Compliance

WLAN Security Why Your Firewall, VPN, and IEEE i Aren t Enough to Protect Your Network

Wireless Security Strategies for ac and the Internet of Things

Closing Wireless Loopholes for PCI Compliance and Security

Security Awareness. Wireless Network Security

How to Turn a Laptop into a Wireless Hot Spot (Microsoft Windows XP)

Best Practices for Securing Your Enterprise Wireless Network

MANUAL FOR CONNECTING TO VIVACOM NET WI-FI NETWORK HIDDEN ENCRYPTED WI-FI NETWORK

All You Wanted to Know About WiFi Rogue Access Points

INFORMATION ASSURANCE DIRECTORATE

How To Protect A Wireless Lan From A Rogue Access Point

The next generation of knowledge and expertise Wireless Security Basics

Wireless Vulnerability Assessment For: ABC

Windows 7 Virtual Wi-Fi: The Easiest Way to Install a Rogue AP on Your Corporate Network

Basic Computer Security Part 2

Ensuring HIPAA Compliance in Healthcare

Certified Wireless Security Professional (CWSP) Course Overview

Wireless Threats To Corporate Security A Presentation for ISACA UK Northern Chapter

Automatic Hotspot Logon

WHITE PAPER. The Need for Wireless Intrusion Prevention in Retail Networks

Wireless Network Best Practices for General User

Connecting to Wireless networks and hotspots

Using Microsoft Vista and Windows XP to Manage Wireless Network Connections

Nokia E90 Communicator Using WLAN

WHITEPAPER. Wireless LAN Security for Healthcare and HIPAA Compliance

Setting up a SQ20xx WIFI and Laptop for a Peer-to-peer (Ad-hoc) connection

Don t Let Wireless Detour Your PCI Compliance

Designing, Securing and Monitoring a/b/g/n Wireless Networks

PCI Solution for Retail: Addressing Compliance and Security Best Practices

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ ITMC TECH TIP ROB COONCE, MARCH 2008

Security in Wireless Local Area Network

BSc (Hons.) Computer Science with Network Security. Examinations for 2011/ Semester 2

Using Wireless Technology Securely

GW-1. Product Application Guide. Commercial Guest Internet Access. Your HotSpot Service Partner

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

Recommended Wireless Local Area Network Architecture

The Ministry of Information & Communication Technology MICT

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example


AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Securing your Linksys Wireless Router BEFW11S4 Abstract

Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been

How To Use The Lutron Home Control+ App On An Ipad Or Ipod

MaaS360 Mobile Service

Connecting your Aiki phone to a network

WIRELESS NETWORKING SECURITY

Ensuring HIPAA Compliance in Healthcare

Wireless Local Area Network Deployment and Security Practices

AXIS 207W Network Camera Technical Information

Common Use Systems and PCI Compliance

Connecting to Wireless in Windows Vista

University of Hawaii at Manoa Professor: Kazuo Sugihara

IdentiFi and Eduroam Roaming Wireless Service Integration CONFIGURATION GUIDE

PCI Wireless Compliance with AirTight WIPS

WiFi-SB-L3 300M WiFi Router WiFi Bridge WiFi Repeater. WiFi Router WiFi Repeater WiFi Bridge WiFi-SB-L3 Quick Setting Guide

TECH BULLETIN NETGEN1 DOOR CONTROLLER WI-FI NETWORK CONFIG

1 Preventing Devices from Connecting to Unsecure Wireless Networks

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Why Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation

Home WiFi & Networking: Best Practices

Wi-Fi, Health Care, and HIPAA

SwannSecure Monitoring System

The LimitlessLED Wifi Bridge 4.0 is compatible with RGBW(new), RGB(old), and Dual White(current) LimitlessLED lightbulbs.

Best Practices for Outdoor Wireless Security

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance

WHITE PAPER. Best Practices for Wireless Network Security and Sarbanes-Oxley Compliance

INFORMATION TECHNOLOGY. Revised May 07. Home Networking Guide

Cellular Data Offload. And Extending Wi-Fi Coverage. With Devicescape Easy WiFi

Running Head: WIRELESS NETWORKING FOR SMALL BUSINESSES. Wireless Networking for Small Businesses. Russell Morgan. East Carolina University

Charleston to Houston (Hobby) CHS - HOU Chicago Midway to Austin MDW - AUS Chicago Midway to Boston Logan MDW - BOS Chicago Midway

Wireless Security for Mobile Computers

Using Web Security Services to Protect Portable Devices

How To Protect Data From Attack On A Network From A Hacker (Cybersecurity)

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

RTX41xx. Wi-Fi Module

Transcription:

Wireless Vulnerability Management Wireless Vulnerability Assessment Airport Scanning Report Part - II A study conducted by: AirTight Networks, Inc. www.airtightnetworks.com 2008 AirTight Networks, Inc.

About This Study Background Airtight Networks released the results of its airport wireless vulnerability scan study on March 3, 2008 This follow-up expands the scope by adding vulnerability reports of more airports across the world The Goal To assess adoption of security best practices at Airport s Wi-Fi networks To assess information security risk exposure of laptop users while they are transiting through airports Page 2 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Study Methodology Visited 13 new airports world-wide (9 in US, 2 in Europe, 2 in Asia-Pacific) USA: New York (JFK), Washington (IAD), San Antonio (SAT), Fort Lauderdale (FLL), Dallas (DAL), Seattle (SEA), Omaha (OMA), Chicago (MDW), San Diego (SAN) Europe: Southampton (SOU), Dublin (DUB) Asia/Pacific: Bangkok (BKK), Pune (PNQ) Scanned Wi-Fi signal for 5 minutes at a randomly selected location (typically a departure gate or lounge area) Total number of APs found = 318 and Clients = 311 Page 3 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Previous Study Key Findings & Implications Evidence Study Findings Critical Airport systems found vulnerable to Wi-Fi threats ~ 80% of the private Wi- Fi networks at Airports are OPEN / WEP! 1 2 3 Data leakage by both hotspot and non-hotspot users Only 3% of hotspot users are using VPNs to encrypt their data! Non-hotspot users found leaking network information Viral Wi-Fi outbreak continues Over 10% laptops found to be infected! Page 4 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

New Study Findings The same pattern of wireless vulnerabilities were found at all airports again Vulnerabilities in the core systems at airports more wide-spread than previously assessed Several airports seem to be using WEP-based baggage tracking systems Insecure configuration practices observed APs with out-of-the-box default configuration Open/WEP APs with hidden SSIDs Page 5 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Wireless Vulnerabilities Revisited AP Encryption Majority of APs are OPEN ~ 64% A significant number of WEP installations are visible ~15% Only 21% APs are using WPA/WPA2 The ideal break-up: Hotspot APs OPEN Non-hotspot APs WPA/WPA2 Page 6 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Wireless Vulnerabilities Revisited Viral SSIDs The spread of viral SSIDs is seen at European airports too Both SOU and DUB airports had viral SSIDs present Free Public WiFi is the most common viral SSID Seen at 8 out of 13 newly scanned airports An active ad-hoc network of 4 users was found at the DAL airport The users were security-conscious they were using WEP! Page 7 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Viral SSIDs Spread to Europe Viral SSIDs spread to Europe! Free Public WiFi found at all major airports! Page 8 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Airport s Critical Systems are Vulnerable Previous study reported one instance of baggage system using WEP (at SFO) New evidence confirms that this occurrence is quite prevalent Similar vulnerabilities spotted at JFK and IAD airports Wireless APs possibly used for baggage handling are using WEP. E.g. bagscanjfkt1 (JFK), bagscanlhiad (IAD) Page 9 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

JFK Baggage Scan Possible baggage handling system Page 10 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

IAD Baggage Scan Possible baggage handling system Page 11 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Bangkok Customs and Baggage Scan Possible baggage handling system Customs network! Page 12 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Clients Found Connected to Open Customs Network at Bangkok 2 Clients found connected to Customs network Page 13 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Insecure Practices Observed APs with default configuration in use! Over 30% airports have one or more APs with default configuration (which are always insecure) This not only suggests that security practices were overlooked but these APs can inadvertently also act as Honeypots SSID Encryption Location Linksys (1 Client connected) OPEN Continued reliance on Hidden SSIDs for security! Over 40% security conscious users still continue to use Hidden SSIDs instead of using WPA/WPA2 JFK Linksys WEP SAT Default (2) WEP BKK Linksys OPEN DAL Linksys OPEN BKK Page 14 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Call for Action Airport Authorities Airport Authorities and Airlines need to secure their private Wi-Fi networks Secure legacy Wi-Fi enabled handheld devices being used for baggage handling Use at least WPA for Wi-Fi enabled ticketing kiosks Protect the Airport IT networks against active Wi-Fi attacks Page 15 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

Call for Action Wi-Fi Hotspot Users Do not connect to Unknown Wi-Fi networks (e.g. Free Public WiFi ) while at the airport or any other public places Be aware of your Windows Wi-Fi network configuration Periodically inspect your Windows Wi-Fi network configuration Remove unneeded Wi-Fi networks from your Preferred list Do not use computer-to-computer (ad-hoc connectivity) while at public places such as airports Business Travelers - Use VPN connectivity while using hotspot Wi-Fi networks Turn OFF your Wi-Fi interface if you are not using it! Page 16 Wireless Vulnerability Management 2008 AirTight Networks, Inc. Proprietary & Confidential.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information