Sat, 22 Jul 2006

Wireless Security Flaws

This workshop was absolutely shocking. It focused on backbone-level Internet routing protocols and IP hardware management protocols being broadcast over 802.11 frequencies in urban areas. Absolutely insane. It reminded me of an earlier workshop where someone spoke of a client who had an 802.11 signal bridging his co-located servers' subnet over a river to his main office, including VoIP traffic! Raven, Eric and Brandon described how they have decoded packet captures with OSPF, BGP and other kinds of IGP traffic. This stuff can affect thousands of users if it's working incorrectly. Putting it over radio waves is just stupid, so why are people doing it?

They offered no answer to this question, just confirmation that time and time again new packet captures are sent to their public email address containing this traffic. I can't stress how stupid this is. If something happens to the network broadcasting this traffic, whole chunks of the Internet can disappear!

The next part was about IP-level device management protocols found on the air, namely SNMP and sometimes even telnet. IP devices include switches, firewalls and routers. Many of these devices have no crypto, or require a service contract and a firmware update to add crypto. Cisco is notorious for this.

So how does one obtain packet captures? With open source software, of course! Ethereal can capture any kind of Ethernet traffic, while Kismet can capture any kind of 802.11 traffic over your radio. Both save captured packets to a file on disk which you can decode later.
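Decoding such a capture to see what a link is carrying is the defender's side of this: if your own wireless bridge is leaking OSPF, BGP, SNMP or telnet, you want to know before someone else does. The script below is an added example, not something from the workshop or the post. It reads a libpcap file of the kind Ethereal writes, parses Ethernet II + IPv4 headers, and flags the protocols named above by IP protocol number or port. It assumes the capture uses Ethernet link type 1; a raw Kismet 802.11 capture would first need its 802.11/LLC headers stripped (Wireshark can export that), which is not handled here. The sample frames and the pcap built from them are constructed inline, with made-up private and TEST-NET addresses, so the script runs offline.

```python
"""Audit a pcap for routing and cleartext management protocols (added example)."""
import struct
import sys

# Protocols the post names, keyed by (layer, number). Constructed list, not exhaustive.
SENSITIVE = {
    ("ip", 89): "OSPF (IP protocol 89)",
    ("tcp", 179): "BGP (TCP/179)",
    ("udp", 161): "SNMP (UDP/161)",
    ("udp", 162): "SNMP trap (UDP/162)",
    ("tcp", 23): "telnet (TCP/23)",
}


def read_pcap(data):
    """Yield raw link-layer frames from libpcap bytes (classic or nanosecond magic)."""
    magic = data[:4]
    if magic in (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1"):
        endian = "<"
    elif magic in (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d"):
        endian = ">"
    else:
        raise ValueError("not a pcap file")
    off = 24  # skip the global header
    while off + 16 <= len(data):
        _sec, _usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        yield data[off:off + incl_len]
        off += incl_len


def parse_frame(frame):
    """Return addresses, IP protocol and L4 ports for an Ethernet II/IPv4 frame, else None."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    proto = ip[9]
    src = ".".join(map(str, ip[12:16]))
    dst = ".".join(map(str, ip[16:20]))
    sport = dport = None
    l4 = ip[ihl:]
    if proto in (6, 17) and len(l4) >= 4:  # TCP and UDP both start with the two ports
        sport, dport = struct.unpack("!HH", l4[:4])
    return {"src": src, "dst": dst, "proto": proto, "sport": sport, "dport": dport}


def classify(pkt):
    """Map a parsed packet to a SENSITIVE label, or None if it is not of interest."""
    if pkt["proto"] == 89:
        return SENSITIVE[("ip", 89)]
    layer = {6: "tcp", 17: "udp"}.get(pkt["proto"])
    if layer:
        for port in (pkt["sport"], pkt["dport"]):
            if (layer, port) in SENSITIVE:
                return SENSITIVE[(layer, port)]
    return None


def audit(frames):
    """Return (frame index, src, dst, label) for every frame that carries a flagged protocol."""
    findings = []
    for i, frame in enumerate(frames):
        pkt = parse_frame(frame)
        if pkt and (label := classify(pkt)):
            findings.append((i, pkt["src"], pkt["dst"], label))
    return findings


# --- constructed sample data (not a real capture) -------------------------------------
def eth_ipv4(proto, src, dst, l4):
    """Minimal Ethernet II + IPv4 frame around an L4 header; checksums left zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0x1234, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    eth = bytes.fromhex("ffffffffffff") + bytes.fromhex("00112233aabb") + b"\x08\x00"
    return eth + ip + l4


def tcp_hdr(sport, dport):
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)


def udp_hdr(sport, dport):
    return struct.pack("!HHHH", sport, dport, 8, 0)


def build_pcap(frames):
    """Little-endian classic pcap, link type 1, wrapping the given frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1153612800 + i, 0, len(f), len(f)) + f
    return out


OSPF_HELLO = struct.pack("!BBH4s4sHH8s", 2, 1, 24, b"\x0a\x00\x00\x01", b"\x00" * 4, 0, 0, b"\x00" * 8)
SAMPLE_FRAMES = [
    eth_ipv4(89, "10.0.0.1", "224.0.0.5", OSPF_HELLO),            # OSPF hello to AllSPFRouters
    eth_ipv4(6, "10.0.0.1", "10.0.0.2", tcp_hdr(179, 41000)),      # BGP session
    eth_ipv4(17, "192.168.1.10", "192.168.1.1", udp_hdr(50123, 161)),  # SNMP get
    eth_ipv4(6, "192.168.1.10", "192.168.1.1", tcp_hdr(40001, 23)),    # telnet to a switch
    eth_ipv4(6, "192.168.1.10", "198.51.100.7", tcp_hdr(51000, 443)),  # HTTPS, not flagged
]

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_pcap(SAMPLE_FRAMES)
    for idx, src, dst, label in audit(list(read_pcap(data))):
        print(f"frame {idx}: {src} -> {dst}: {label}")
```

Run it with a capture path as the first argument to audit a real file, or with no arguments to see the four constructed hits. Any hit on a link you did not intend to carry that traffic is the finding; the fix is the one the post implies, keeping routing adjacencies and device management off radio, or at least inside an encrypted tunnel.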

posted at: 23:55 | path: /hopenumbersix | permanent link to this entry

Lockpicking

Lock picking is an ancient tradition. The concept is that a lock is a metal passage that has a bunch of bars running parallel to the passage. The bars are different sizes, so when you insert a key it presses the bars out of the way and the lock opens. This is obvious. What isn't obvious is that it's extremely simple to bypass the bars, or simply fake a key, with some cleverness.

I was only interested in this workshop because I have a bicycle lock with a lot of history behind it. The current revision has changed the entire system to a non-tubular design sometimes used in safes. This lock requires much time and special skill to pick and would probably not be worth it for most potential thieves.

The basic idea of lock picking is not too different from any other kind of security. You need a specialized tool for every job. But once you have those tools, any lock is worthless to whatever it's supposed to be securing. There is a large web community discussing all aspects of lock picking.

The most interesting part of the demonstration was how a $35 fortified Master combination lock was bypassed with a small metal stick.

posted at: 18:34 | path: /hopenumbersix | permanent link to this entry

About

I work with communications, open source software, sound and video. I'm the most happy when I work on all of these things at once. Sounds, Systems, Robots, Rocking Tigers.
