Wow, this week went fast but I didn't get enough done. It is Thursday night and I have been sleeping pretty irregular hours. September 11th wasn't fun at all. I didn't get a chance to visit any protests because I was morning my friends. It took the readers four hours to read all the names of the deceased.
Tuesday I went to a wireless seminar given by the company
AirDefense, titled "Wireless Insecurity: Why Your Next Breach Will Be Over The Air (Next-Generation Attacks & Defenses". It was horrible and probably a good vendor to bring in for deficiency Buzzword competition. I thought it would cover the products that AirDefense produces but for some reason, Trapeze Networks were there. Now, if you don't work in wireless networking, you might not know that Trapeze is one of the bottom feeders of the business class wireless networks. They were even so uncool to bad mouth other vendors in their talk, not talking bad about features, but saying "And it's not like Cisco isn't hacked all the time". The CTO Amit Sinha started out by introducing the agenda, taking a survey and then pointed out some tools/flaw in wireless systems today. Some tools that he pointed out are true because they were for RF Jamming and Masquerade. On the other hand they left out talking about proper wireless configurations to avoid most wireless hacks. Amit Sinha then leaned into the growing demand for wireless and demographics of insecure wireless. He then went to the IEEE list of 802.11 extensions but he didn't cover the old wireless. He said wireless started with 802.11b but it actually didn't. Wireless started with 2Mb cards. He just was trying to baffle the audience with technical knowledge. I could see where this was going since they had Trapeze Networks there and going through slides, I knew what they were going to push. This is only 20 minute into the presentation. I figured I would wait for the break to leave so I was not rude. The CSO, Chief Security Officer, was up next going to talk about the current attacks. I figured I would see what he was talking about.
Now from the survey part of the seminar I saw that the crown said they were technical but not security minded. So I was wondering what level they would speaking. The CSO Richard Rushing introduced himself and went into the "Wireless Risks & Attacks, Part 1" segment of the presentation. The first slide talked about the characteristics of wireless LANs and how easy wireless was to attack as compared to wired networks. It didn't wow anyone who knew wireless networks. The second slide stated "What is the Real Security Problem?" He stated that wireless networks devices will always be a weak link. This of course isn't true since there is network security like 802.1x, when setup correctly, has not been penetrated yet. He went on to state that 802.11i was meant to fix this but "Needs new hardware" and "Needs much more management". I was shocked he was saying this because he seems to forget that most devices now offer AES encryption and most business class wireless (i.e.
Cisco,
Aruba) support 802.11i and do not require more management that other systems.
After talking about problems in securing wireless the CSO touched upon the
wigle.net database of wireless hotspots, detailing on how many SSIDs didn't have WEP or WPA. He failed to say that many SSIDs are not up anymore nor APs do not need WEP or WPA to protect access. Encryption will slow a network and is crackable. Lowest common denominators can secure through MAC or Captive Portal. He talked about going into a company and maybe going to a computer and changing it to a soft AP. He didn't talk about buying a $50 AP router/switch and MINM to the network.
This talk seemed to go on forever. From a talk that was scheduled for only 60 minutes, it was reaching 90 minutes easy. I started to get more and more fustrated at this guy because he referred to himself as a hacker. He showed off all this information he had found on the web but didn't demonstrate that he knew how to use it. He played with Ethereal and that was it. He talked about DoSing wireless and bought up
FakeAP, saying this is what hackers do do make it more confusing for the network. It would be hard to sit in Times Square and pick out one bulb because it is so busy. This is not true, the guys who created FakeAP created it to confuse people who try to use your AP as a hotspot.
He then covered 802.1x stuff. He said "802.1x Allows for connection to the AP". This is not always true, business class wireless will disconnect your session and put you on a blacklist if elected. He talked about Proxim APs how there was a backdoor that allowed access with WEP key 12345. Are you kidding me, who uses a proxim AP anymore. Then the thing that showed me that this was drink the koolaid time. He started talking about 802.1x. I never heard such crap that was so one sided. He talked about a computer running host AP after a DeAuthentication and DisAssociation could take over/hijack someone's session. I couldn't take it anymore, I raised my hand. I asked how can you say that someone could just light up a HostAP and Man-in-the-Middle the network. I continued, you can't just light up an AP because there are controls in an 802.1x network such as a supplicant with SSL cert checking and RADIUS communication. Also there is a RADIUS secret that the AP and the RADIUS share because the AP can authenticate with the RADIUS server. He stammered and then both the CSO and CTO asked if we can talk about this offline. I could tell that he didn't want to get called on his lies. He jumped to WPA hacking but didn't go into WPA's changes. He just talked about WPA-PSK (Pre-Shared Key) but not WPA-TKIP (Temporal Key Integrity Protocol), or AES. He breezed through that quickly because he knew that that would lead to more sales lies. He even received a question about WPA but kept it to PSK. He then went into devices like printers and other wireless devices not configured but this is where I had enough.
I have to tell you, if you want wireless for your business I suggest you go to Aruba or Cisco. They have architect tools to design your network and are better when it comes to security. Their talks are also better. Ebay, Google, Microsoft and Yahoo all use Aruba. I am personally very educated in both as well well versed in 802.1x networks and secure wireless.
Later Tuesday I went to Kmart and I bought some pots and pans also a cookie sheet. I figure now I can order from
FreshDirect.
Wednesday, I didn't get much accomplished. I did go to
Revival and I got to see Melanie and Danielle. Danielle asked me if I had the Saved by the Bell theme song to give her and I told her I would email it. Yes, I am that lame that I have that in my library. I was there for a couple of drinks but got home plenty early to try to get my sleep on track. I didn't, I slept four hours.
Thursday, it was spent doing some more socal engineering calls and emails to the company I am doing a security test for. I have to move my car in the morning.
The rest of the week goes like this. On Friday I have to move the car, then I will do some security work again. I want to hit some stores for some moisturizer. I also need sponges and cleaning products. I am thinking about inviting Gustav to my house for a movie or two and some drinking. Saturday there are two show I plan on hitting at
Upright Citizens Brigade Theater. One is
Reuben Williams and the other is
UCBW SummerSlamMamia. It should be lot of fun and I think Alaina and Max will be joining me. Sunday the week will start with my Improv class at 3pm and after class I plan on hitting Gustav's house for his Birthday.
Another event coming up that I can recall is next Saturday there is a
Hacker Halfway House party. Thats all from the mind of tommEE, night night.
