Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted.

Published byKerry Matthews Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted."— Presentation transcript:

1 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted by: AirTight Networks, Inc. www.AirTightnetworks.com

2 Page 2 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. About This Study The Goal  To assess adoption of security best practices at Airport’s Wi-Fi networks  To assess information security risk exposure of laptop users while they are transiting through airports Background  Airtight Networks released the results of its airport wireless vulnerability scan study on March 3, 2008  This follow-up expands the scope by adding vulnerability reports of more airports across the world

3 Page 3 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Study Methodology  Visited 13 new airports world-wide (9 in US, 2 in Europe, 2 in Asia-Pacific) USA: New York (JFK), Washington (IAD), San Antonio (SAT), Fort Lauderdale (FLL), Dallas (DAL), Seattle (SEA), Omaha (OMA), Chicago (MDW), San Diego (SAN) Europe: Southampton (SOU), Dublin (DUB) Asia/Pacific: Bangkok (BKK), Pune (PNQ)  Scanned Wi-Fi signal for 5 minutes at a randomly selected location (typically a departure gate or lounge area)  Total number of APs found = 318 and Clients = 311

4 Page 4 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Previous Study Key Findings & Implications 123 Critical Airport systems found vulnerable to Wi-Fi threats Data leakage by both hotspot and non-hotspot users ‘Viral Wi-Fi’ outbreak continues ~ 80% of the private Wi- Fi networks at Airports are OPEN / WEP! Only 3% of hotspot users are using VPNs to encrypt their data! Non-hotspot users found leaking network information Over 10% laptops found to be infected! Evidence Study Findings

5 Page 5 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. New Study Findings  The same pattern of wireless vulnerabilities were found at all airports again  Vulnerabilities in the core systems at airports more wide-spread than previously assessed Several airports seem to be using WEP-based baggage tracking systems  Insecure configuration practices observed APs with out-of-the-box default configuration Open/WEP APs with hidden SSIDs

6 Page 6 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential.  Majority of APs are OPEN ~ 64%  A significant number of WEP installations are visible ~15%  Only 21% APs are using WPA/WPA2 The ideal break-up: Hotspot APs– OPEN Non-hotspot APs– WPA/WPA2 The ideal break-up: Hotspot APs– OPEN Non-hotspot APs– WPA/WPA2 Wireless Vulnerabilities Revisited – AP Encryption

7 Page 7 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Wireless Vulnerabilities Revisited – Viral SSIDs  The spread of viral SSIDs is seen at European airports too Both SOU and DUB airports had viral SSIDs present  Free Public WiFi is the most common viral SSID Seen at 8 out of 13 newly scanned airports  An active ad-hoc network of 4 users was found at the DAL airport The users were security-conscious – they were using WEP!

8 Page 8 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Viral SSIDs Spread to Europe “Free Public WiFi” found at all major airports! Viral SSIDs spread to Europe!

9 Page 9 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Airport’s Critical Systems are Vulnerable  Previous study reported one instance of baggage system using WEP (at SFO)  New evidence confirms that this occurrence is quite prevalent  Similar vulnerabilities spotted at JFK and IAD airports Wireless APs possibly used for baggage handling are using WEP. E.g. bagscanjfkt1 (JFK), bagscanlhiad (IAD)

10 Page 10 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. JFK Baggage Scan Possible baggage handling system

11 Page 11 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. IAD Baggage Scan Possible baggage handling system

12 Page 12 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Bangkok Customs and Baggage Scan Possible baggage handling system Customs network!

13 Page 13 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Clients Found Connected to Open Customs Network at Bangkok 2 Clients found connected to Customs network

14 Page 14 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Insecure Practices Observed  Continued reliance on Hidden SSIDs for security! Over 40% security conscious users still continue to use Hidden SSIDs instead of using WPA/WPA2  APs with default configuration in use! Over 30% airports have one or more APs with default configuration (which are always insecure) This not only suggests that security practices were overlooked but these APs can inadvertently also act as Honeypots SSIDEncryptionLocation Linksys (1 Client connected) OPENJFK LinksysWEPSAT Default (2)WEPBKK LinksysOPENDAL LinksysOPENBKK

15 Page 15 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Call for Action – Airport Authorities  Airport Authorities and Airlines need to secure their private Wi-Fi networks Secure legacy Wi-Fi enabled handheld devices being used for baggage handling Use at least WPA for Wi-Fi enabled ticketing kiosks Protect the Airport IT networks against active Wi-Fi attacks

16 Page 16 Wireless Vulnerability Management  2008 AirTight Networks, Inc. Proprietary & Confidential. Call for Action – Wi-Fi Hotspot Users  Do not connect to Unknown Wi-Fi networks (e.g. “Free Public WiFi”) while at the airport or any other public places  Be aware of your Windows Wi-Fi network configuration Periodically inspect your Windows Wi-Fi network configuration Remove unneeded Wi-Fi networks from your “Preferred” list  Do not use computer-to-computer (ad-hoc connectivity) while at public places such as airports  Business Travelers - Use VPN connectivity while using hotspot Wi-Fi networks  Turn OFF your Wi-Fi interface if you are not using it!

Download ppt "Wireless Vulnerability Management  2008 AirTight Networks, Inc. Wireless Vulnerability Assessment – Airport Scanning Report Part - II A study conducted."

Similar presentations

Brute Force Attack Against Wi-Fi Protected Setup

Brute Force Attack Against Wi-Fi Protected Setup
Wi-Fi Technology.

Wi-Fi Technology.
A Study Conducted by AirTight Networks Wireless Vulnerability Assessment: Airport Scanning Report www.airtightnetworks.net.

A Study Conducted by AirTight Networks Wireless Vulnerability Assessment: Airport Scanning Report
“All your layer are belong to us” Rogue 802.11 APs, DHCP/DNS Servers, and Fake Service Traps.

“All your layer are belong to us” Rogue APs, DHCP/DNS Servers, and Fake Service Traps.
OPSEC Awareness Briefing Man-In-The-Middle Attacks (MITM)

OPSEC Awareness Briefing Man-In-The-Middle Attacks (MITM)
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein

Security Issues in large scale wireless and VoIP deployment Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
Lack of Security in Hotspots/Wi Fi Areas Yin Wai ISM 158 4/27/10.

Lack of Security in Hotspots/Wi Fi Areas Yin Wai ISM 158 4/27/10.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 Security Olga Torstensson Halmstad University.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Networking. Wi-Fi or 802.11 Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.
Al Williams / DLT October 13,2009 https://wikispaces.psu.edu/display/~alw/Presentations.

Al Williams / DLT October 13,2009
 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Similar presentations

Ads by Google