Promiscuity And Wireless LANs

Posted by CmdrTaco on Mon Feb 05, 2001 09:39 AM
from the cruising-on-someone-else's-wire dept.
VB writes: "I saw this article at ZDNet "cleverly" entitled Hackers poised to land at wireless AirPort. We've probably all seen this coming, but, I'd be curious to see what people think about the possibility of securing a network that sends data through the air. What about promiscuous mode devices within range of transmitters, or satellite communications?"
This discussion has been archived. No new comments can be posted.
  • Security on wireless LANs by frog51 (Score:2) Monday February 05 2001, @05:00AM
  • Left the crypto people out by dachshund (Score:1) Monday February 05 2001, @05:01AM
  • Re:OSU solved this by cazz (Score:1) Monday February 05 2001, @10:07AM
  • Re:Excessive paranoia by Fjord (Score:2) Monday February 05 2001, @10:10AM
  • Re:M3 31337 h4x0r! by Rader (Score:2) Monday February 05 2001, @06:26AM
  • Re:Wildly Popular ? by mr100percent (Score:1) Monday February 05 2001, @10:19AM
  • Re:Apple's AirPort traffic is encrypted by BeBoxer (Score:2) Monday February 05 2001, @10:23AM
  • Re:Wireless Worthlessness by Rader (Score:2) Monday February 05 2001, @06:28AM
  • Always assume your packets are being sniffed by __donald_ball__ (Score:1) Monday February 05 2001, @10:27AM
  • Re:Wireless Worthlessness by CrayDrygu (Score:2) Monday February 05 2001, @06:32AM
  • Re:Apple's AirPort traffic is encrypted by mr100percent (Score:1) Monday February 05 2001, @10:28AM
  • Excessive paranoia by FallLine (Score:2) Monday February 05 2001, @06:33AM
  • Re:If you pay attention... by mr100percent (Score:1) Monday February 05 2001, @10:37AM
  • Re:Or encryption? by BeBoxer (Score:2) Monday February 05 2001, @06:37AM
  • Re:Or encryption? by Salamander (Score:2) Monday February 05 2001, @06:37AM
  • Re:What about BlueTooth by BrK (Score:2) Monday February 05 2001, @05:02AM
  • Authentication and encryption by Steven Reddie (Score:1) Monday February 05 2001, @05:03AM
  • Wireless Security by Anonymous Coward (Score:1) Monday February 05 2001, @05:04AM
  • Re:Wireless Worthlessness by frog51 (Score:1) Monday February 05 2001, @05:04AM
  • Frequency hopping, spread spectrum ? by cluge (Score:2) Monday February 05 2001, @05:04AM
  • by segmond (34052) on Monday February 05 2001, @05:05AM (#456460)
    This problem will never go away unless new security-related technologies are shown to the crypto and security community for peer review before deployment. This is why I respected the recording industry when they asked for SDMI to be tested.

  • Re:Direct link and my experiences by omarius (Score:2) Monday February 05 2001, @05:06AM
  • Re:OSU solved this by Ender7 (Score:1) Monday February 05 2001, @10:37AM
  • Re:Block the airwaves by SanLouBlues (Score:1) Monday February 05 2001, @10:38AM
  • Re:meta-moderation, please let me meta this! by mr100percent (Score:1) Monday February 05 2001, @10:56AM
  • Re:Paranoid theory of the day by HongPong (Score:1) Monday February 05 2001, @10:59AM
  • Re:Oh, great (Score:3)

    by Salamander (33735) <[slashdot] [at] [pl.atyp.us]> on Monday February 05 2001, @11:05AM (#456466) Homepage Journal

    Ho hum. Not a single argument that was not completely predictable. Oh well, guess I'll have to restate the obvious for your benefit.

    Thus we have total expected storage requirements of ~45 GB, and a total running time of 400 hours to decrypt all future traffic on the network

    That's a non-trivial effort. Do you think the average script kiddie is going to take their wireless-equipped laptop, with 45GB worth of storage, and go sit within range of the target network for 400 hours, and then apply all the compute power to crack the keys? Dream on. Yes, some people can do this, but those are specialized organizations devoted to this kind of task - not random script kiddies.

    Do you understand the term "script kiddie" at all?

    Yes, I do, thanks very much for asking. Do you? One of the things about script kiddies that you seem to have missed is that the programs they like to use are relatively easy to write and don't care very much about the exact flavor of the underlying hardware. The "confusing the firmware" exploit we're talking about would have to be repeated for every hardware/firmware combination, and would not be at all easy to write. Half of this hardware doesn't even work on Linux due to lack of driver support. Do you really think more skill and effort will be applied to "confusing the firmware" than has been to unconfusing it and getting it to work? Again, dream on.

    Of course, you're right that all it takes is one person to write the program and thousands to use it, but it might still take a while before that one person gets done. With a responsible approach to security, it might have taken them long enough that the vendors would already have plugged the holes by the time the exploit code was ready.

    Your hope that equipment manufacturers address this problem is probably misgiven

    That's your opinion. Please back it up.

    Do you really think it's that hard for vendors to incorporate a 4096-bit cryptographically secure certificate into the firmware image, such that the card will refuse to operate if the certificate is invalid? Think again. I've worked on firmware, and this is the easiest thing in the world for them. Lots of cards have to decompress their firmware as part of the bootstrap procedure anyway; once you're decompressing, it's trivial to add validation. There is no need for the "hardcoded drivers" (what an absurd concept) or other strawmen you suggest.

    However, I do know that if this protocol was indeed opened up to peer review as you seem to suggest (without any evidence)

    It's an IEEE standard, moron. Do you know what that means? The IEEE goes to extraordinary lengths to solicit and incorporate input from interested parties, many of whom I'm sure are pretty well qualified in their fields. We're not talking about some obscure closed trade group here. IEEE standards are in many ways more open than the not-really-standards of open source. Without IEEE standards we probably wouldn't be talking. How do you think your packets get to slashdot? In large part you owe thanks to IEEE for that.

    It's your claim, that the process was somehow not open, that is absurd and that requires proof. Get to it.

    Frankly, I can't believe that any serious peer review wouldn't flag the problems....

    You just don't know anything about peer review, do you? How many of these sorts of activities have you participated in? The fact is that when you're dealing with complex new technology people sometimes make mistakes. Sometimes the mistakes are real howlers in retrospect. That's life. How many problems do you suppose these guys anticipated and dealt with that you would have flubbed if you'd been in their place? It's really easy to jeer from the peanut gallery, with full benefit of hindsight, but really people who do that are just being pricks.

    The right thing to do would have been to alert the equipment manufacturers, discreetly, and let them decide how they want to alert their customers
    This is so beyond ludicrous I'm not even going to touch it.

    No, really, try to give us a responsible rebuttal, instead of trying to substitute sneering for reasoning. Try, anyway. What you dismissed so flippantly is actually a very hot issue among security professionals: who gets to find out first?

    Now, I knew when I suggested it that the "tell the vendors" approach wouldn't be very popular here on ScriptKiddieDot, but that doesn't make it a troll (and neither does calling it one). It's worth considering how this audience differs from the Real World. For one, the attitude here is "openness at all costs". There's no room allowed for discretion or careful handling of delicate issues. No, I'm not talking about "security through obscurity" because that never works. What I'm talking about is giving the vendors a reasonable timeframe in which to fix problems before letting every black hat in the world have the info. Let's face it, for every white hat on this site there are probably a hundred black hats, and I doubt that there's a single person involved in this discussion in a position to do good rather than harm with this information. How do you think it benefits anyone but the script kiddies to publicize this problem in this fashion? It doesn't help the problems get fixed any faster, it just maximizes the damage that gets done before the problem is fixed. Screw your "information wants to be free" dogma, and think about social implications for once.

    In case you missed it the first time, and the second time, let me repeat a third time: I agree that there's cause for concern in this. Nobody's disputing that. What pisses me off is that people are trying to enhance their own images by panicmongering. The actual security threat here has not been shown to be effectively distinguishable from zero, and yet these people are acting like any semi-literate cracker might already have everyone's credit card numbers. Believe me, we're all threatened much more by existing security problems in the wired network than by any implications of these findings. If there's one thing that's obvious from all this, it's that the biggest security problem is people not even using the security facilities available to them.

  • Re:Wireless Worthlessness by underwhelm (Score:2) Monday February 05 2001, @06:41AM
  • Re:URL for referenced paper by BeBoxer (Score:2) Monday February 05 2001, @06:42AM
  • Hmm (Score:3)

    by Yoshi Have Big Tail (312184) on Monday February 05 2001, @04:40AM (#456469)
    Promiscuous devices sending matter flying through the air?

    Are you sure this is suitable for a family website?
  • Re:Wireless lans a hacking tool. 802.11 planted on by rthille (Score:1) Monday February 05 2001, @11:39AM
  • Re:Wildly Popular ? by jovlinger (Score:1) Monday February 05 2001, @11:43AM
  • Looks like apple should take note by Sits (Score:1) Monday February 05 2001, @11:48AM
  • Re:Wireless lans a hacking tool. 802.11 planted on by krow (Score:2) Monday February 05 2001, @06:53AM
  • Nokia's WLAN security by Anonymous Coward (Score:1) Monday February 05 2001, @06:57AM
  • Re:Wireless lans a hacking tool. 802.11 planted on by Salamander (Score:2) Monday February 05 2001, @11:49AM
  • Re:Promiscuous by spood (Score:1) Monday February 05 2001, @11:51AM
  • IPSec (Score:3)

    by peccary (161168) on Monday February 05 2001, @04:44AM (#456477)
    with implementations available for linux, bsd, and win2k, is the answer. More information can be found with a google search. [google.com]
  • Re:IPSec (Score:3)

    by arivanov (12034) on Monday February 05 2001, @07:03AM (#456478) Homepage

    No it is not. The dynamic key infrastructure and the stack itself are not 100% stable yet. The reason is that due to various vendor intrigues the highly efficient mechanism for dynamic key management initially implemented in early 2.x OpenBSDs (firefly) was replaced by the current one. The PKI for the current one is horrible and no one besides OpenBSD and a handful of commercial products implements the entire thing. For example linux does not.

    Of course, for a house network you can use static keys. But if you are down to static keys something more simple like cipe or windows PPTP services will do the job anyway. Also in the former (cipe) case you can use blowfish which means much lower overhead.

  • Re:Convenience of wireless LANs by Poor Soul (Score:1) Monday February 05 2001, @07:03AM
  • encryption by lou2112 (Score:1) Monday February 05 2001, @04:45AM
  • by kerrbear (163235) on Monday February 05 2001, @05:08AM (#456481)
    One day someone figured out that packet sniffers can be used on the network to see other people's POPmail passwords and AIM conversations, as well as whatever websites they are at. It is genuinely disturbing. However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome.

    Why not just send the message anonymously via the administrations' own mail accounts? That would get their attention.

  • Re:Frequency hopping, spread spectrum ? by Salamander (Score:2) Monday February 05 2001, @05:08AM
  • Re:Oh, great by BradleyUffner (Score:1) Monday February 05 2001, @05:11AM
  • Lack of security? Big Deal by banuaba (Score:1) Monday February 05 2001, @05:12AM
  • by the_tsi (19767) on Monday February 05 2001, @05:14AM (#456485)
    Visit the isp-wireless mailing list and associated archives at http://isp-lists.isp-planet.com/isp-wireless/ .

    These guys eat and breathe this stuff 24/7... they have to. And they love to share knowledge.

    -Chris
    ...More Powerful than Otto Preminger...
  • The threat is more than you think. I worked for a big networking company (they should know better) whose internal network was completely firewalled from the Internet (they did a very good job in this area). However, they were falling over themselves to get wireless installed and guess where it went first? That's right - the executive suites tied right into the internal LAN. The execs HAD to have their laptops connected. We used high gain antennas to ensure the R&D building was completely covered. Anyone who parked near the building and intercepted an SSID or had the knowledge to hack in could have walked away with their email, passwords, you name it. I honestly don't think WEP was enabled because it was still 'in development' and we were waiting for firmware releases. But they wouldn't let us wait. I hear that the 2nd generation deployment is a little more secure, but you are kidding yourself if you think this was an isolated incident. The potential for commercial spying is huge since wireless (like all the other gizmos) hit the executives first. And those of you talking about limited range - not quite. I use 802.11 to share my pipe with the inlaws next door. Next door is about 500 feet away through the woods. But the signal strength is great and I'm just using the std antennas, not a high gain patch. So it goes farther than you think outside, even when it seems like it's really weak inside at short distances.

    Don't get me wrong - I love 802.11b and use it all the time. But I use WEP and my access points are on an isolated LAN tied to an IPSec box which allows me to get to my internal firewalled LAN. Sure, throughput is an issue, but in those cases, I get my ass off the couch and sit at my desktop! :)

  • I did read the article by uglyhead69 (Score:1) Monday February 05 2001, @11:58AM
  • Re:OSU solved this by Lord Ender (Score:1) Monday February 05 2001, @12:02PM
  • Re:Solutions by spood (Score:1) Monday February 05 2001, @12:02PM
  • Re:WARNING! THIS IS A FLEMISH TROLL by ChipperClipper (Score:1) Monday February 05 2001, @07:06AM
  • Re:Apple's AirPort traffic is encrypted by uglyhead69 (Score:1) Monday February 05 2001, @12:04PM
  • Re:Solutions by Zarquon (Score:1) Monday February 05 2001, @12:30PM
  • Source of the Stockholm rumor by Max Hyre (Score:2) Monday February 05 2001, @07:10AM
  • 802.11 Security by austinij (Score:1) Monday February 05 2001, @12:49PM
  • Re:WaveLAN Security by Aztech (Score:2) Monday February 05 2001, @07:10AM
  • Re:Wireless Worthlessness by churchr (Score:1) Monday February 05 2001, @07:10AM
  • Re:Hmm by ehintz (Score:1) Monday February 05 2001, @12:52PM
  • Re:encryption by GMontag451 (Score:1) Monday February 05 2001, @01:04PM
  • Re:Wireless lans a hacking tool. 802.11 planted on by regen (Score:1) Monday February 05 2001, @07:20AM
  • by Anonymous Coward on Monday February 05 2001, @07:21AM (#456500)
    Last weekend I was in Boston and it was hard to find a place where I didn't have access to someone's wireless network. Just drove around the back bay and at stop lights would check out my laptop. Most of the time I had a usable signal (typically 20% strength, 90% quality according to the software that came with my card). And I never had to do anything: no trying to find the SSID, no hacking WEP keys, it just worked.

    The coolest part is, each time I was on someone's LAN, on the fun side of their firewall. Joy.
  • Re:Wireless Worthlessness by CalvinAHobbes (Score:1) Monday February 05 2001, @07:21AM
  • Secure the client instead of the network by talmage (Score:1) Monday February 05 2001, @07:24AM
  • Anyone see last year's MacHack contest? by Anonymous Coward (Score:1) Monday February 05 2001, @05:15AM
  • Already been done.... by Trelane (Score:1) Monday February 05 2001, @05:17AM
  • Re:Wildly Popular ? by frog51 (Score:2) Monday February 05 2001, @05:17AM
  • Solutions by Max von H. (Score:2) Monday February 05 2001, @05:19AM
  • Re:Or encryption? (Score:4)

    by nosilA (8112) on Monday February 05 2001, @05:20AM (#456507)
    There are 3 major problems with WEP (which stands for "Wired Equivalent Privacy," BTW). I will list them in order of increasing severity.

    1) Key distribution. If you aren't the only person on the network, getting the key out to other people is a non-trivial task and can be the weakest link.

    2) 40-bit - the standard WEP keysize is completely insufficient and can be cracked in relatively no time. 128bit versions of the hardware are available, however, so this is an improvement.

    3) This is the biggie - the WEP authentication protocol relies on DNS and is therefore prone to massive man-in-the-middle attacks. There is a paper by Jesse Walker called "Wireless LANs Unsafe at Any Key Size; An Analysis of the WEP Encapsulation" that I encourage everyone to read.

    WEP is especially dangerous because it establishes a false sense of security that causes people to be more willing to send sensitive data over the network. You still need to use some other encryption method on top of WEP - even at best it gives the privacy of a standard ethernet LAN.

    Other technologies are under development to improve the state of wireless security, such as the IEEE 802.11 Task Group E, which is trying to develop an authentication scheme suitable for 802.11 wireless networks, or the IEEE 802.1x protocol which will do similar things at a more generic level.

    There is no existing good solution to the wireless problem (PPPoE hacks aside).

    -Alison
  • automated cracking in 5 hours with off-the-shelf by abde (Score:1) Monday February 05 2001, @05:21AM
  • No, HS Wireless system worthless. by juuri (Score:1) Monday February 05 2001, @05:22AM
  • A relevant story by edyesed (Score:2) Monday February 05 2001, @05:23AM
  • References please? by Paul Crowley (Score:2) Monday February 05 2001, @01:51PM
  • Re:References please? by Salamander (Score:2) Monday February 05 2001, @02:11PM
  • Re:Promiscuous by mrdlinux (Score:1) Monday February 05 2001, @02:28PM
  • Well by mrdlinux (Score:1) Monday February 05 2001, @02:32PM
  • Re:Wireless Worthlessness by lowflying (Score:2) Monday February 05 2001, @07:26AM
  • Computers don't hide in the wall as easily due to size, ventilation issues, noise, vulnerability to dust, etc.

    I can build a PC to do the job that's the size of a rubik's cube; Or I can use an off-the-shelf libretto. One would need an additional filter to solve the dust problem, assuming the machine has active cooling, which is not a safe bet at all.

    Real taps leave evidence behind, fingerprints, DNA, etc. And of course, someone has to "plug in" from time to time to collect their spoils. Wireless just makes it all the harder to detect.

    1. Ever heard of latex gloves?
    2. The machine is on the network anyway. You can always have it send any interesting-looking data to you through a form submission.
    There are strict regulations of the production, sale, and use of "spy devices". These cover telephone taps, hidden cameras, etc. Should computer networks not also be included in this?

    A telephone tap is depressingly easy to make in your home. A "hidden camera" is regulated, but a CCD camera which is about 3cm long and is on a PC board approximately 3cm square is not controlled, and can be hidden in all sorts of interesting devices, like smoke detectors. So, no. This is a networking device. People who don't set up their network for security are bound to be in trouble. If you have a switch (If you're too small to have a switched network, no one cares about your data) with any intelligence at all, you can limit the mac addresses which can live on it; Or in some cases, the IP addresses. True, macs can be changed, but this allows some reasonable security.

    And making crypto work invisibly across Windows, Macs, Linux, etc. is just impossible. There needs to be some controllable space that is considered "secure".

    Most companies will only have to care about crypto between windows and windows. Some will have to care about windows to unix. More than that will probably be more concerned about unix to unix. Very few will be worried about encryption to their macs, since most shops use macs to feed their artists. WindowsWindows and UnixUnix encryption isn't so tough. WindowsUnix is fairly doable. Anything else is just icing.


  • Re:encryption by drinkypoo (Score:1) Monday February 05 2001, @04:11PM
  • Re:SSL Tunnel by Hiro Antagonist (Score:1) Monday February 05 2001, @07:33AM
  • www.etherpeg.org by sfgoth (Score:1) Monday February 05 2001, @06:57PM
  • Future is ALREADY here !! by jfwcc (Score:1) Monday February 05 2001, @07:02PM
  • OSU solved this by Lord Ender (Score:2) Monday February 05 2001, @07:42AM
  • Re:Solutions by vkt-tje (Score:1) Monday February 05 2001, @11:43PM
  • Re:Oh, great by Max Hyre (Score:1) Monday February 05 2001, @07:50AM
  • Re:Convenience of wireless LANs by Eccles (Score:1) Monday February 05 2001, @07:57AM
  • Re:References please? by Paul Crowley (Score:2) Tuesday February 06 2001, @12:28AM
  • Re:encryption by drinkypoo (Score:1) Monday February 05 2001, @07:59AM
  • Re:WEP by drinkypoo (Score:1) Monday February 05 2001, @08:02AM
  • Re:If you pay attention... by drinkypoo (Score:1) Monday February 05 2001, @08:05AM
  • Re:Frequency hopping, spread spectrum ? by bluGill (Score:2) Monday February 05 2001, @05:23AM
  • Re:Wireless Worthlessness by joe52 (Score:1) Monday February 05 2001, @05:23AM
  • 802.11 by demon-cw (Score:1) Monday February 05 2001, @05:23AM
  • Oracle ad? by ceswiedler (Score:2) Monday February 05 2001, @05:25AM
  • Re:One word by romkey (Score:1) Monday February 05 2001, @05:41AM
  • Re:Already been done.... by mr100percent (Score:1) Monday February 05 2001, @05:41AM
  • by frog51 (51816) on Monday February 05 2001, @05:41AM (#456535) Homepage Journal
    Frequency hopping is basically like an ordinary radio transmitter which is tuned to a different frequency every 100ms or whatever your rate is. The signal strength on each frequency is max, and if you know the hop sequence, you can follow the signal.

    Direct Sequence does not hop!! It takes the input signal and combines it with a long chipping sequence in such a way that what was a peak at one frequency becomes a very low broad signal. The military like this because you can get the whole signal to lie at a lower level than rf noise - making it an absolute bugger to find, let alone read. The radio for these is much more expensive but the price is coming down.

    Most of the major manufacturers sell both kinds - Symbol and Cisco being the two top brands. Symbol's kit is rebadged by people like 3Com, and Cisco bought Aironet or Telxon, before Symbol bought Telxon. Lucent do quite a good 11Mbit/s Point to Point link as well.


    Frog51
  • If you pay attention... by Arkleseizure (Score:1) Monday February 05 2001, @05:29AM
  • Kerberos by mr100percent (Score:1) Monday February 05 2001, @05:44AM
  • Re:If you pay attention... by BrK (Score:2) Monday February 05 2001, @05:46AM
  • Re:Oh, great by Salamander (Score:2) Monday February 05 2001, @05:47AM
  • New York Stock Exchange is going wireless by regen (Score:1) Monday February 05 2001, @05:47AM
  • Whose firewall ? by dingbat_hp (Score:1) Tuesday February 06 2001, @01:58AM
  • Wireless on Aircraft by MoleStrangler (Score:1) Tuesday February 06 2001, @03:06AM
  • Re:What if you add a hub & connect to port there? by igallagh (Score:1) Tuesday February 06 2001, @04:11AM
  • The new firewall by Lord Ender (Score:2) Monday February 05 2001, @08:10AM
  • Re:References please? by Salamander (Score:2) Tuesday February 06 2001, @05:10AM
  • Re:Closed network by CyberKnet (Score:2) Tuesday February 06 2001, @07:17AM
  • Re:Security of Wireless vs. Wired by acidbaby (Score:1) Tuesday February 06 2001, @07:23AM
  • Re:automated cracking in 5 hours with off-the-shel by acidbaby (Score:1) Tuesday February 06 2001, @07:42AM
  • Re:Oh, great by ToLu the Happy Furby (Score:2) Monday February 05 2001, @08:27AM
  • This was an entry to the contest at MacHack 2K by tz (Score:1) Monday February 05 2001, @08:27AM
  • Re:OSU solved this by Sierpinski (Score:1) Tuesday February 06 2001, @08:24AM
  • [In]Security of the WEP algorithm by dingbat_hp (Score:1) Wednesday February 07 2001, @02:06AM
  • MOD UP ! insightful (n/t) by willis (Score:1) Monday February 05 2001, @08:30AM
  • Re:Direct link and my experiences by tietokone-olmi (Score:1) Monday February 05 2001, @08:31AM
  • Re:encryption by frederico.dias (Score:1) Wednesday February 07 2001, @06:53AM
  • Re:Wireless lans a hacking tool. 802.11 planted on by isfry (Score:1) Monday February 05 2001, @08:40AM
  • Read the article by Wesley Felter (Score:2) Monday February 05 2001, @08:50AM
  • Re:Wireless lans a hacking tool. 802.11 planted on by jovlinger (Score:1) Monday February 05 2001, @08:56AM
  • Better security all around by Anonymous Coward (Score:1) Monday February 05 2001, @05:29AM
  • Promiscuous (Score:4)

    by photozz (168291) <photozz@@@yahoo...com> on Monday February 05 2001, @05:29AM (#456560) Homepage
    "What about promiscuous mode devices within range of transmitters, or satellite communications?"

    Sounds like my last experience at a bar........

  • Closed network by mr100percent (Score:2) Monday February 05 2001, @05:30AM
  • Re:Wireless Worthlessness by evilpete (Score:1) Monday February 05 2001, @05:30AM
  • Re:Oh, great (Score:5)

    by Salamander (33735) <[slashdot] [at] [pl.atyp.us]> on Monday February 05 2001, @05:30AM (#456563) Homepage Journal

    I took another look at the link to the paper [berkeley.edu] provided in cid #13 (thanks!) and here are some observations.

    The first attack follows directly from the above observation. A passive eavesdropper can intercept all wireless traffic, until an IV collision occurs.

    "IV" is "initialization vector" and is the same as what is elsewhere called a "salt". The IV is 24 bits; in a previous paragraph the authors had calculated that for an access point an IV is likely to get reused after about five hours. From this we're apparently supposed to conclude that it's a trivial matter to store every packet until an IV collision occurs, and then use the contents of both packets to recover plaintext. They even seem to be aware that two packets often won't be enough, but fail to mention that you need to save and search another five hours' worth of peak-bandwidth traffic to get anywhere in that case.

    To be fair, they do point out a pretty serious flaw in a particular implementation of 802.11b, specifically Lucent's, which sets the IV to zero when the card is initialized and merely increments it for each packet. That does indeed make life way too easy for crackers.

    we have been able to successfully intercept WEP-encrypted transmissions by changing the configuration of the drivers. We were able to confuse the firmware enough that the ciphertext (encrypted form) of unrecognized packets was returned to us

    I would say that this is likely to be well beyond the capabilities of most script kiddies, and is probably pretty easy for 802.11b equipment vendors to address.

    Many 802.11 products come with programmable firmware, which can be reverse-engineered and modified to provide the ability to inject traffic to attackers. Granted, such reverse-engineering is a significant time investment (we have not done this ourselves)

    Damn right they haven't. Writing drivers is enough of a pain when the hardware engineer is sitting right next to you. It's harder when you have no access to hardware docs, and harder still when the hardware vendor might actively be attempting to thwart your efforts.

    The real problem is not in the paper itself, though, but in the way it was reported. Consider this conclusion, from the paper:

    The protocol's problems are a result of misunderstanding of some cryptographic primitives and therefore combining them in insecure ways. These attacks point to the importance of inviting public review from people with expertise in cryptographic protocol design; had this been done, the problems stated here would have surely been avoided.

    Yeah, like there have never been any problems discovered in crypto products from the self-appointed experts. Uh huh. But I'll let that slide. Now, for contrast, here's an excerpt from the ZDnet article:

    "During the design process, the crypto community wasn't invited to participate," says Goldberg, now chief scientist at Zero Knowledge Systems Inc., a privacy-software firm in Montreal.

    That's a pretty inflammatory statement, and apparently not far from being an outright lie. It was irresponsible (or possibly venal) of Ian Goldberg to make such a statement, and doubly so for WSJ's Jared Sandberg. As I said before, there is a matter for serious concern here, but the scaremongering from these people is not helping. The right thing to do would have been to alert the equipment manufacturers, discreetly, and let them decide how they want to alert their customers.
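The "five hours until an IV repeats" figure argued over in this comment, and the 40-bit/IV points in nosilA's earlier comment, can be put in numbers. The following is an added example, not code from the Berkeley paper or from any poster: it computes the IV exhaustion time for a counter-style IV at a saturated 11 Mbit/s link, the birthday bound for randomly chosen IVs, shows why a repeated IV under a stream cipher leaks the XOR of the two plaintexts, and includes a defender-side check that flags IV reuse in captured frames. The keystream generator is a SHAKE-256 stand-in for WEP's RC4, an assumption made to keep the example self-contained; the reuse property is the same for any stream cipher keyed by IV || secret.

```python
"""Quantify WEP's 24-bit IV space and demonstrate why IV reuse matters.

Added example for this thread; not code from the Berkeley paper or any poster.
The keystream generator is a SHAKE-256 stand-in for WEP's RC4 (an assumption
made to keep the example self-contained); the property shown here holds for
any stream cipher whose keystream is a function of IV || secret key.
"""
import hashlib
import math
from collections import defaultdict

IV_BITS = 24  # WEP initialization vector width, as quoted in the thread


def frames_per_second(link_mbps: float = 11.0, frame_bytes: int = 1500) -> float:
    """Frame rate of a saturated link carrying frames of the given size."""
    return link_mbps * 1_000_000 / 8 / frame_bytes


def sequential_iv_wrap_hours(fps: float, iv_bits: int = IV_BITS) -> float:
    """Hours until a counter-style IV (as in the Lucent firmware described
    in the comment) wraps around and starts reusing values."""
    return (2 ** iv_bits) / fps / 3600


def random_iv_collision_frames(p: float = 0.5, iv_bits: int = IV_BITS) -> int:
    """Birthday bound: frames needed before a randomly chosen IV repeats
    with probability p. Far smaller than the wrap-around count."""
    space = 2 ** iv_bits
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - p))))


def keystream(secret: bytes, iv: bytes, length: int) -> bytes:
    """Stand-in for RC4(IV || key): same secret and IV -> same keystream."""
    return hashlib.shake_256(iv + secret).digest(length)


def wep_like_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Encrypt as WEP does: plaintext XOR keystream, with the IV sent in clear.
    Because XOR is its own inverse, the same call also decrypts."""
    ks = keystream(secret, iv, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def find_iv_reuse(frames):
    """Defender-side check: given captured (iv, ciphertext) frames from one
    station, return {iv: [frame indices]} for every IV seen more than once.
    Any hit means two frames share a keystream and should be treated as
    exposed."""
    seen = defaultdict(list)
    for idx, (iv, _ct) in enumerate(frames):
        seen[iv].append(idx)
    return {iv: idxs for iv, idxs in seen.items() if len(idxs) > 1}


def demo():
    fps = frames_per_second()
    hours = sequential_iv_wrap_hours(fps)
    bday = random_iv_collision_frames()
    print(f"{fps:.0f} frames/s -> sequential IV wraps after {hours:.1f} h")
    print(f"random IVs: 50% chance of a repeat after {bday} frames "
          f"(~{bday / fps:.1f} s at that rate)")

    secret = b"constructed-demo-key"    # constructed, not a real key
    iv = (0).to_bytes(3, "big")         # a freshly initialised counter IV
    p1 = b"GET /index.html HTTP/1.0"    # constructed sample plaintexts
    p2 = b"USER alice\r\nPASS hunter2"
    c1 = wep_like_encrypt(secret, iv, p1)
    c2 = wep_like_encrypt(secret, iv, p2)
    # Same IV under the same key: the keystreams cancel and the XOR of the
    # two plaintexts remains, with no knowledge of the key at all.
    leak = xor_bytes(c1, c2)
    assert leak == xor_bytes(p1, p2)
    print("IV reuse leaks plaintext XOR:", leak.hex())

    reused = find_iv_reuse([(iv, c1), ((1).to_bytes(3, "big"), c1), (iv, c2)])
    print("reused IVs:", {k.hex(): v for k, v in reused.items()})
    return hours, bday, reused


if __name__ == "__main__":
    demo()
```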

  • Re:Wireless Worthlessness by HongPong (Score:1) Monday February 05 2001, @05:32AM
  • Block the airwaves by SanLouBlues (Score:1) Monday February 05 2001, @05:32AM
  • Re:Closed network by mr100percent (Score:1) Monday February 05 2001, @05:56AM
  • URL for referenced paper by nosilA (Score:2) Monday February 05 2001, @05:32AM
  • Layered Security by Aztech (Score:1) Monday February 05 2001, @05:58AM
  • Re:Wireless Worthlessness by m2e (Score:1) Monday February 05 2001, @05:58AM
  • You Really Can't by PantherX (Score:1) Monday February 05 2001, @05:59AM
  • Re:Wireless Worthlessness by lizardboy (Score:1) Monday February 05 2001, @05:59AM
  • Re:encryption by frederico.dias (Score:1) Wednesday February 07 2001, @06:56AM
  • by 11thangel (103409) on Monday February 05 2001, @04:46AM (#456573) Homepage
    A wireless LAN can be tapped by anyone with a radio and some electronics skills. The only way to secure it is with encryption. But of course, as we saw with ssh, even encrypted protocols aren't totally secure. Wireless LANs would probably be useful, but for a security minded user, they are completely useless. Of course, that won't stop high sales from people who just don't care about people downloading whatever they happen to be saying on IRC, but I'll be sticking with ugly wires for now =)
  • by ckd (72611) on Monday February 05 2001, @04:46AM (#456574) Homepage

    Some information about their analysis [berkeley.edu] is available.

    Personally, I wasn't counting on WEP anyway, which is why I didn't bother buying the Lucent Gold cards. I just wish IPsec were more common, so that I wouldn't have to tunnel quite so much through ssh.

    Of course, then there are unencrypted wireless networks like the ones at USENIX. Dug Song's presentation on dsniff [monkey.org] was a big hit; look for the "Passwords Found on a Wireless Network" paper. (PostScript only, sorry.)

  • Re:Block the airwaves by Kiryat Malachi (Score:1) Monday February 05 2001, @09:02AM
  • Encryption by sharkticon (Score:1) Monday February 05 2001, @04:47AM
  • Re:encryption by GMontag451 (Score:1) Monday February 05 2001, @09:03AM
  • by enrico_suave (179651) on Monday February 05 2001, @04:49AM (#456578) Homepage
    HEPA filters for wireless network traffic...

    *Shrug*

    E.
    www.randomdrivel.com [randomdrivel.com] -- All that is NOT fit to link to
  • Solution: by Anonymous Coward (Score:1) Monday February 05 2001, @04:49AM
  • Re:If you pay attention... by BrK (Score:2) Monday February 05 2001, @09:03AM
  • Re:Wireless Worthlessness by jovlinger (Score:2) Monday February 05 2001, @09:12AM
  • WaveLAN Security (Score:5)

    by Joel Rowbottom (89350) on Monday February 05 2001, @04:50AM (#456582) Homepage
    You'd be surprised the fun which goes on at conferences such as RIPE and IETF when WaveLAN virgins get onto the network and realise it isn't secure.

    You might have heard of a guy called Randy Bush, whose favourite party trick at such events is to sniff the WaveLAN, and email out to captured POP3 usernames their own password with the message 'Be careful with radio!'. It's not even a switched network as a default install.

    Setting up some sort of VPN using PoPToP isn't a bad idea in such cases, although WaveLAN does have some security built into it. Personally I use the Buffalo Technology kit which seems to work for 'doze, BSD and Linux.

    I've heard rumours that if you wander through Stockholm's business district or through the Square Mile in London, if you're in promiscuous mode you can pick up all sorts of transmissions and a large number of DHCP servers offering IPs to anyone who gets the ESS ID right.

    Hope this helps someone. Just be careful out there ;)

  • Re:Wildly Popular ? by jovlinger (Score:2) Monday February 05 2001, @09:18AM
  • Re:damn by GMontag451 (Score:1) Monday February 05 2001, @09:18AM
  • Re:Frequency hopping, spread spectrum ? by cuteduo (Score:1) Monday February 05 2001, @09:20AM
  • Re:What if you add a hub & connect to port there? by Sabalon (Score:1) Monday February 05 2001, @09:26AM
  • Re:Apple's AirPort traffic is encrypted by GMontag451 (Score:1) Monday February 05 2001, @09:27AM
  • Re:Hmm by wiredog (Score:1) Monday February 05 2001, @05:32AM
  • SSL Tunnel by Midnight Thunder (Score:1) Monday February 05 2001, @05:34AM
  • by Anonymous Coward on Monday February 05 2001, @05:34AM (#456590)
    One day, while tracing a network cable, I came across a D-Link 802.11 base station hidden inside the ceiling just above the network wiring closet. No one knew who put it there or how long it had been there. The mfg date on the device was 1998, so it couldn't have been longer than that, but still...

    This is scary shit.

    It takes 10 seconds to plug one of these into your network and a power outlet and you're instantaneously wide open, without knowing it. And if you've got network outlets all over your building, it's just that much easier for you to be "bugged", especially since network outlets often appear in rooms not considered to need securing, like lobbies and waiting rooms and such.

    If you're a sysadmin in a really large building, can you really know that every RJ45 jack is being used legitimately? If the spy device is listen -> xmit only, and ignores arp requests, it is invisible other than one extra link light among hundreds on the rack or on some distant hub/switch.

  • Re:Oh, great by Salamander (Score:2) Monday February 05 2001, @05:34AM
  • Re:New York Stock Exchange is going wireless by mr100percent (Score:1) Monday February 05 2001, @06:00AM
  • Re:What about BlueTooth by Rosonowski (Score:1) Monday February 05 2001, @05:35AM
  • Apple's AirPort traffic is encrypted by uglyhead69 (Score:2) Monday February 05 2001, @05:35AM
  • Young Admin by CrazyJoel (Score:1) Monday February 05 2001, @05:36AM
  • Do NOT Aim at Your Own Feet! by pokrefke (Score:1) Monday February 05 2001, @06:02AM
  • Re:Already been done.... by mr100percent (Score:1) Monday February 05 2001, @05:39AM
  • Re:Wireless Worthlessness by fm6 (Score:2) Monday February 05 2001, @06:09AM
  • Or encryption? by omarius (Score:2) Monday February 05 2001, @04:51AM
  • damn by Anonymous Coward (Score:1) Monday February 05 2001, @04:51AM
  • Wildly Popular ? by dingbat_hp (Score:2) Monday February 05 2001, @04:53AM
  • WEP by Alcoholist (Score:1) Monday February 05 2001, @04:53AM
  • by HongPong (226840) <hongpong@@@hongpong...com> on Monday February 05 2001, @04:54AM (#456603) Homepage
    My high school [k12.mn.us] is one of the first in the country to use Apple's AirPort wireless technology in the classroom. We all have Apple iBooks. Everyone uses AOL Instant Messenger in class all day long. :-)

    One day someone figured out that packet sniffers can be used on the network to see other people's POPmail passwords and AIM conversations, as well as whatever websites they are at. It is genuinely disturbing. However, I am terrified of telling our administration about this because of a kill-the-messenger syndrome.

    Let me just say that this is one of the most ridiculously insecure technologies in the world, just waiting for the packets to be pulled down out of the air with a packet sniffer program like EtherPeek. People have been doing this for months around here.

    This is just a school. It's terrifying to think that the world's important financial institutions rely on this technology's security.

    --

  • I figured it had to happen... by cmowire (Score:1) Monday February 05 2001, @04:55AM
  • Re:Wildly Popular ? by dachshund (Score:2) Monday February 05 2001, @04:55AM
  • Re:Secure the client instead of the network by jalewis (Score:1) Monday February 05 2001, @09:29AM
  • Kerberos? by quinto2000 (Score:1) Monday February 05 2001, @09:36AM
  • Re:WaveLAN Security by sfgoth (Score:1) Monday February 05 2001, @09:43AM
  • Re:What if you add a hub & connect to port there? by punkass (Score:1) Monday February 05 2001, @09:48AM
  • by Technician (215283) on Monday February 05 2001, @06:13AM (#456610)
    I agree on the impact of using high gain antennas for sniffing. A wireless port has a short 1/4 or 5/8th wave antenna which usually has a gain of less than 6 dB because of its non-directional signal.

    Every 3 dB gain doubles the power received. Every 6 dB increase in antenna gain doubles the distance (line of sight, not over the horizon). A narrow beam dish antenna (old C-band TV dish) can have a gain over 36 dB.

    If your 6 dB laptop has a range of 500 feet, the guy with the dish has 30 dB more receiving power and will get the same signal you get but from 16,000 feet. He doesn't have to be in your parking lot to sniff you. He just needs a reasonably clear line of sight. Do not be fooled into thinking the range a low non-directional antenna provides is as far as your signal travels. It isn't. It gets 6 dB weaker every time the distance it travels doubles.

    It may become too weak for you, but not for a high gain directional antenna. This gain is why a dish antenna can pick out one of many satellites spaced every 6 degrees in the sky over the equator that is transmitting with 50 watts per transponder 22,000 miles away.
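
The rule of thumb in the comment above (6 dB of extra receive gain doubles line-of-sight range) follows from the free-space path loss equation. This added example, which is not from the thread or any poster, models it as a link budget so a defender can estimate the radius within which a directional antenna can still receive an access point; the transmit power, sensitivity and frequency values are assumptions chosen to match the poster's 500 ft / 6 dB case.

```python
"""Free-space link budget for 802.11 eavesdropping range (added worked example)."""
import math

SPEED_OF_LIGHT = 299_792_458.0  # metres per second


def free_space_path_loss_db(distance_m: float, freq_hz: float) -> float:
    """Friis free-space loss in dB: 20*log10(4*pi*d/lambda).

    Power falls with the square of distance, which is exactly the
    comment's '6 dB weaker every time the distance doubles'."""
    wavelength = SPEED_OF_LIGHT / freq_hz
    return 20.0 * math.log10(4.0 * math.pi * distance_m / wavelength)


def max_range_m(tx_power_dbm: float, tx_gain_dbi: float, rx_gain_dbi: float,
                rx_sensitivity_dbm: float, freq_hz: float) -> float:
    """Largest line-of-sight distance (metres) at which received power still
    meets the receiver's sensitivity. Ignores obstructions, cable loss and
    the radio horizon, so it is an upper bound for flat open ground."""
    allowed_loss_db = tx_power_dbm + tx_gain_dbi + rx_gain_dbi - rx_sensitivity_dbm
    wavelength = SPEED_OF_LIGHT / freq_hz
    return wavelength * 10 ** (allowed_loss_db / 20.0) / (4.0 * math.pi)


def range_multiplier(extra_gain_db: float) -> float:
    """Factor by which range grows for extra_gain_db more receive gain.
    +6 dB gives ~2x, +30 dB gives ~31.6x (the comment rounds to 32x)."""
    return 10 ** (extra_gain_db / 20.0)


def scaled_range_ft(base_range_ft: float, extra_gain_db: float) -> float:
    """Apply the rule of thumb to a measured range, e.g. 500 ft with a
    6 dBi antenna versus a listener with a 36 dBi dish (+30 dB)."""
    return base_range_ft * range_multiplier(extra_gain_db)


def compare_receivers(freq_hz: float = 2.437e9) -> dict:
    """Assumed link: 15 dBm access point with a 2 dBi antenna, receiver
    sensitivity -85 dBm (constructed values, not from the thread)."""
    laptop = max_range_m(15.0, 2.0, 6.0, -85.0, freq_hz)   # 6 dBi whip
    dish = max_range_m(15.0, 2.0, 36.0, -85.0, freq_hz)    # 36 dBi dish
    return {"laptop_m": laptop, "dish_m": dish, "ratio": dish / laptop}


if __name__ == "__main__":
    print(f"500 ft laptop range -> {scaled_range_ft(500, 30):.0f} ft for a +30 dB dish")
    print(compare_receivers())
```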

  • Re:Convenience of wireless LANs by afrazer (Score:1) Monday February 05 2001, @06:14AM
  • Re:encryption by mr100percent (Score:1) Monday February 05 2001, @09:53AM
  • Re:Anyone see last year's MacHack contest? by GMontag451 (Score:1) Monday February 05 2001, @09:59AM
  • Re:Or encryption? (Score:3)

    by fm6 (162816) on Monday February 05 2001, @06:16AM (#456614) Homepage Journal
    WEP is especially dangerous because it establishes a false sense of security that causes people to be more willing to send sensitive data over the network.

    Don't single out WEP for this problem. You run this risk with any security measure. To quote Bruce Schneier, security is a process, not a product. Not that I disagree with your general argument.

    __________________

  • Re:Wireless lans a hacking tool. 802.11 planted on by mr100percent (Score:1) Monday February 05 2001, @09:59AM
  • Re:Frequency hopping, spread spectrum ? by BeBoxer (Score:2) Monday February 05 2001, @06:24AM
  • Add IPSEC, stir gently. by Nonesuch (Score:2) Monday February 05 2001, @06:24AM
  • by pgpckt (312866) on Monday February 05 2001, @04:56AM (#456618) Homepage Journal
    I see minimal additional threat being generated from wireless networks. Wireless networks tend to be short range. Several college campuses and business have them, but wireless can only do so much and only transmit so far. Vulnerability is localized, not global like over wireless' wired cousin.

    You still need a wired network regardless. And the hacking opportunities are better on a wired network. Several factors prevent hacking from being a viable activity over a wireless network. Low bandwidth is the most obvious. There are some implications for a denial-of-service attack, but these will affect end users, not servers, and with triangulation, it shouldn't be too hard to figure out who is jamming the signal.

    The biggest thing is you need a good parity algorithm to account for data loss and encryption to prevent people from picking up sensitive data. However, I dismiss the claim that there is more exposure on a wireless network than a wired one, and hopefully you are using encryption when you give your credit card over the net anyway.
    ----------------------
    Kurt A. Mueller
    kurtm3@bigfoot.com
    PGP key id:0x75D2DCCD
  • Nothing New. by BrK (Score:1) Monday February 05 2001, @04:57AM
  • Re:Or encryption? (clarification) by omarius (Score:2) Monday February 05 2001, @04:57AM
  • What about BlueTooth by PlowKing (Score:1) Monday February 05 2001, @04:58AM
  • Oh, great (Score:4)

    by Salamander (33735) <[slashdot] [at] [pl.atyp.us]> on Monday February 05 2001, @04:59AM (#456622) Homepage Journal

    I think a lot of people just don't realize how wireless networking can change the way you feel about computing. Until you've actually surfed from the couch, continued reading on a laptop while you get a drink out of the fridge - or even take a leak - all unencumbered and uninterrupted, I don't think you can fully appreciate the difference. It's amazing to think how accustomed we had all become to the limitations of wired connectivity.

    Now this comes along. Right or wrong technically, real or imaginary, this will slow adoption of wireless networking technology. The risk-averse business types who make decisions about deployment will hesitate, so there will be fewer access points both within organizations and in public spaces (hotels, airport lounges, and so on). Companies will forbid their employees to use wireless networking when on the road, or simply not provide the equipment necessary for them to do so. I expect email from our own IT department any moment telling me that wireless is off limits until "investigation of this matter is complete" (which will take months).

    All this loss of convenience occurs because a bunch of people who felt left out of a public IEEE standardization process have said the sky is falling. If you read the article, you'll notice that there's practically no real information that would allow anyone to judge how serious the risk really is, and there's a lot of scaremongering about how easy it will be for "script kiddies" to get the right software. How about the hardware? Yes, folks, you need extra hardware to do this, and you also need to be physically proximate to the target. I'm not at all convinced that the script kiddies will be able to take advantage of this hole - whatever it really is.

    Yes, it sucks that there's any hole of any size in WEP, and even if the script kiddies can't exploit it the professional crooks might, but the sensationalistic way this is being reported is simply not responsible.
