Tag Archives: Wireless AP

Wifi Devices Leak Potentially Sensitive Information

While I was at a security conference late last year it was demonstrated using the Airodump tool for Linux; the association requests visible for all Wifi devices present within the conference room. The command used was:

airodump-ng wlan0mon -w scan.ams --showack --wps -U -M -e -g

Where scan.ams was the name of a previously gathered packet capture.

I realise this is how Wifi was designed and it is working as intended. I also realise that this issue is not new and may not be of assistance to everyone for that reason.

I was fortunate that my phone had Wifi turned off at the time, especially since I was near the front of the room. The association requests display the SSID (defined) of any previous Wifi access point a device has successfully connected to/has credentials for. These requests were shown to be constantly being sent from the devices present in the room.

Using this list of SSIDs, you can input an SSID into the Wigle website and see where in the world that wireless network is located. If you have a unique SSID that website can show the address of where you work or live.

Further information on the Airodump tool is located in the links below:

Airodump-ng

Aircrack-ng Newbie Guide for Linux

airodump-ng(1) – Linux man page

More information on association requests is available here.

Good advice to prevent this type of information disclosure from the Wifi devices that you carry with you is to turn off Wifi if you are not using it (sorry if that is very obvious). If you administer Wifi access points, set the SSID to something that won’t attract attention and choose a non-unique SSID if you can (this way the exact location of a network will be harder to find).

Thank you.

Blog Post Shout Out: New Wireless Routers Enhance Internet of Things Protection

Happy New Year to all readers of this blog!

With attacks on routers increasing (e.g. this article concerning D-Link) and vulnerabilities being patched within internet of things (IoT) (defined) devices; it’s great news that security technologies are adapting to monitor and protect them.

I wanted to provide a respectful shout out (although not to blog posts) to products from several vendors that promise to better protect from threats such as the Mirai malware and other examples.

Full disclosure: I’m not receiving any incentives or benefits from any of these vendors; I simply wish to promote awareness of existing and upcoming technologies that we can use to better secure the increasing number of IoT devices that we are using in our everyday lives.

For example, early last week Symantec began accepting pre-orders for their new wireless router. Initially this will only be available in the US but will be extended to more regions in the future.

While a wireless router is nothing new, it is one of first that I have encountered that includes protection for Internet of Things (IoT) devices.

In their words it “constantly monitors your connected devices like WiFi thermostats, smart locks, appliances or home security cameras for suspicious activity and identifies vulnerabilities. If a device becomes compromised, it quarantines the threat before it spreads ensuring your digital world is safe.”

A similarly powerful offering from F-Secure is also in progress. Like Symantec, F-Secure’s is scheduled for release in Q2 of 2017.

These solutions are further refinements to wireless router/access point security solutions that have been available since late 2015. For example, Asus’ Ai-Protection feature (using technology licensed from Trend Micro) incorporates most of the features that F-Secure and Symantec offer just without the IoT management and reporting.

There are interesting times ahead as Internet of Things (IoT) devices and wireless router become increasingly more managed and monitored devices allowing us to secure them better. My sincere thanks to a colleague (you know who you are!) for assistance with this post.

Thank you.

Blog Post Shout Out: Securing Internet of Things and WiFi

With Internet of Things (IoT) devices becoming part of everyday life properly implementing public key encryption (defined) within them is a critical step that should not be overlooked.

Facilitating the use of such devices is very widespread wireless access which should also be secured as much as possible (especially in corporate environments) so as not to inadvertently provide an easy means of accessing your internal network.

For both of the above technologies I wanted to provide a respectful shout-out to the following blog posts that provides step by step advice on securing wireless networks (includes physical security and hardening guest network access) as well as how public key cryptography should be implemented and used within IoT devices:

9 things to check after installing wireless access points by Eric Geier (Computerworld)
4.5 million web servers have private keys that are publicly known! by Paul Ducklin (Sophos Security)

I hope that you find the above posts/resources useful. Thank you.