Wireless security query

Hi, I was looking for a bit of advice. I have just recently carried out an audit on a wireless network. One of my findings was the guest SSID (which has no passcode so you can just connect) is able to route to some of their main production networks. I raised this as high risk. I should state this was an implementation issue due to limitations of the wireless kit and lack of knowledge from the company who implemented this. The client is disputing the high grade stating "any potential security breach would require high level networking skills to firstly identify the devices and usernames and passwords to these specific devices, which is seen as highly unlikely and therefore not high risk." I have high level knowledge of wirless networks and in my opinion you should not be able to route to production networks from an unprotected wireless network. Does anyone have any opinions on this? - See more at: http://globalriskcommunity.com/#sthash.YM0mC4oM.dpuf

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

Votes: 0
Email me when people reply –

Replies

  • Consider that potentially, 97% of firms subject to the popularized Heart Bleed vulnerability have not patched all their vulnerable systems.  MetaSploit is moving to put a benign exploit for Heart Bleed into its inventory.  Not because it wants harm, but to show the true harm of the unresolved Known Vulnerability that has been identifiable and fixable for more than six months now; but somehow under appreciated in the true risk it represents.

    Consider that 4.5 million healthcare records were lost due abuse of the Heart Bleed Vulnerability already, in this case due to an unpatched Juniper SSL-VPN.  The notification of risk was given and time to evade the risk was possible but the medical institution did not appreciate this risk and was later harmed.  Unpatched, known vulnerabilities like this are proven to be damaging but remain under addressed.  Read more on the avoidable harm of unpatched, known vulnerable Heart Bleed vulnerability and the quantifiable damaged caused.  http://www.healthcareitnews.com/news/breach-alert-hackers-swipe-dat...

  • Simple use of a vulnerability scanner results can provide lists of known vulnerabilities.  These can include a brief on the risk and occasionally proof of concept exploit code.

    Since I specialize in freeware tools, Both BackTrack and Kali Linux implementations of MetaSploit are available, but on the whole, it is not closing lists of known vulnerabilities served up by a vulnerability scanner that is the greater risk and closer to the root cause of avoidable risk management.

    Rather, please think of MetaSploit as a non-destructive proof of concept tool used by friend of the Business Pen-Testers.  Just as I would not identify the abundance of Fire Extinguishers as proof of fire threat, but a handy solution for early management of risk and early suppression of materialized fire hazard.  MetaSploit is not the fire risk, it is a handy proof of concept tool to manage unmitigated risk earlier in the defect identification and resolution process.  Why wait for a raging fire of open attack by a non-friend of the business to identify materialized hazards rather than risk before it is hazard.  If one does not believe the risk is real, then benignly test it.

    As an actuarial matter, MetaSploit is not really used by determined attackers directly.  These tend only to use MetaSploit to benignly prove out their test bed environment for attacking systems, then these build custom code in a QA environment fully capable of modeling general vulnerability or even target firm environments.   Rather, MetaSploit still tends to be used by friend of the business testers and tends to have default tests built in for the direct purpose of motivating firms to avoid Known Vulnerabilities.

    Proof of concept exploit is educational for IT Staff that simply cannot wrap there head around known vulnerability inventories presented by Vulnerability Scanning results.  MetaSploit can help with the "Show Me" -- Missouri State of mind.

  • Utilities like Metasploit have made it easy for someone with average technical ability to launch sophisticated attacks.  There are so many potential vulnerabilities that a defense-in-depth strategy is crucial toward protecting these systems.  Without solid Network Access Control, there is one less layer of protection available.

     

  • You are most welcome.  

    Don Turnblade:

    https://www.linkedin.com/in/arctific

  • Thank you very much for the information and knowledge. It is certainly pointing me in the direction if the client still disagrees to keep this as a high recommendation. My next step was to direct them to some links to back up what I am recommending so the likes from Don and yourself along with what I found will certainly help. After sitting in on a network penetration seminar earlier this year it really opened my eyes to how insecure networks can be. We are not changing the recommendation regardless of the feedback so it is really down to them to resolve this a lot quicker than they are planning to.

    Will be sure to look you up on LinkedIn

    Thanks for your time

  • Yet I have to add following:

    Absolutely the best practice is not to use WIFI in corporate networks, if possible. From time to time (because people ary really lazy) it is necessary to use WIFI.

    In that case we have to use accordingly network segmenting. Separate the segment of network, where WIFI are connected to sole segment and properly define route tables at the router such a way, that only those TCP/UDP connections can pass through the router, that are really necessary to use.

    Also it is necessary to have implemented network monitoring and from time to time to arrange penetration testing accordingly.

    You know, this is not a place where all the aspects would be mentioned, but at the beginning it might help you. Anyhow, you can freely look for me at linked-in, I am opened to new connections.

    The best regards

    S.D.

  • http://www.nowiressecurity.com/articles/things_wi-fi_hackers_hope_y...  important is "Cracking the wireless encryption" paragraph...

    http://unlimitedhacks.com/wifi-hacker  this is a tool that requires knowledge of SSID and it resolves the password, it is currently recomended to keep passwords at least 14 characters big+small+numbers, simply strong password, more is better according to current knowledge of attackers

    http://www.makeuseof.com/tag/how-easy-is-it-to-crack-a-wifi-network...  

    I have to emphasize that also when the SSID is HIDDEN it is possible to find it in network relatively quickly

    USE ALL THESE links if possible from a compuiter that is very strongly secured please...

    I hope it will help you, however I will still discuss to my son that is trained as ethical hacker also in this relation

  • "any potential security breach would require high level networking skills to firstly identify the devices and usernames and passwords to these specific devices, which is seen as highly unlikely and therefore not high risk."
    .... this is a trademark of ignorancy of technical risks. In fact a young boy aging 12 can get in without any doubts.
    I will review some more serious discussions at this issue and post it later
  • Thank you very much for your response which is helping me explain in better words why I graded this a high risk, in particular the "for fun" reply is where I am directing my manager to ensure him I am correct (to be fair he never doubted me). So this is now back with the client, we briefly described why we believe it is graded high and that this should remain. Also explained we do not believe that advanced networking skills are required, just someone with an interest and access to Google could try attacking this network, especially considering the nature of the environment that this network is installed. Hopefully they see sense and accept the High recommendation, if not I may need to quote some of your fun analysis!

    Response much appreciated. If this escalates any further I will keep this post updated with the goings on.

     

  • For extra points:  

    I include links to Internet freeware that would enable the average person to identify systems and wireless networks with ease.  Anyone can find YouTube videos on how to use these tools for free should they wish.

    Enumerating Systems in a network: Nmap:

    http://nmap.org/zenmap/

    Identifying Wireless Networks: Kismet:

    https://www.kismetwireless.net/download.shtml

    The IT organization that does not know these tools are freely available to the public is might be either naive, off its game or knowingly lying to Governance Risk and Compliance.

    Danger Will Robinson.

    https://www.youtube.com/watch?v=OWwOJlOI1nU

This reply was deleted.

[Free COVID-19 Framework] What's the path to recovery look like?

We created a free presentation (attached), which discusses both global and organizational impacts of the COVID-19 pandemic, along with critical actions organizations should take immediately. This presentation introduces a framework that helps regions and organizations navigate a path to recovery via 9 potential scenarios. These scenarios capture outcomes related to GDP impact, public health response, and economic policies. The presentation also breaks down 6 immediate and critical actions…

Read more…
4 Replies · Reply by Steve Diaz Jul 8, 2023
Views: 204

If risk management is about decision making, are current risk management solutions irrelevant?

Now that the updated COSO and ISO risk management standards emphasize a connection to enterprise objectives and decision making, does this mean ERM and GRC solutions focused on risk registers and regulatory compliance are missing the true value of risk management?Will current risk management solutions evolve to integrate more decision support functionality or will standalone prescriptive analytics and other technology solutions take a more prominent role in enabling risk-informed…

Read more…
3 Replies
Views: 129

A question related to classification of instruments between trading and banking book.

We have an interesting question from one of our members.       "We usually perform OTC FX transactions with clients backed-to-back on the market (with Banks). Now we are going to perform a FX swap (i.e. Spot + forward) JPY/EUR for the Bank account for 1 week at the longest. The purpose is to get EUR place @ CB for LCR compliance purpose (no trading purposes). Bank's Management think that this should be considered as a trading position and therefore be classified within the Bank's trading book.…

Read more…
5 Replies · Reply by Prisha Singh Dec 26, 2023
Views: 308

Plunging oil prices: curse or blessing in disguise?

The recent sudden crash of oil prices has had a major impact on the world economy, leading to many troubled faces in the international arena. The Russians fear the effects of yet another powerful hit on their economy, Venezuela seems to be considering default and the Americans are weary of the consequences for its young and emerging shale oil industry. And then you have the Middle East, where the smallest match is enough to ignite the largest fire. But are these worries really justified or…

Read more…
1 Reply
Views: 90

Introducing the Global Risk Series - Book 1 Risk Management How Tos

Dear GlobalRisk Community member, Our community’s mission is to foster business, networking and educational explorations among members. Learn from some of the top experts in the industry as they clearly explain how to approach the most important Risk management concepts. Check out their expert tips and use the link at the end of each article to navigate back to the website to leave your comment or ask a question.   Some of the topics include: How do you Explain Risk Appetite?  How to Prepare a…

Read more…
16 Replies · Reply by GlobalRiskCommunity Mar 21
Views: 888

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead