Cart 0
HOPE Number Six (2006): "Wireless Security Flaws" (Download)

HOPE Number Six (2006): "Wireless Security Flaws" (Download)

  • 099

Saturday, July 22, 2006: 11:00 am (Area "A"): Wireless security flaws are commonplace but not many people realize just how much of the inner workings of infrastructure and management traffic for large networks are often accessible over wireless. Working as a team of professional penetration testers, the first time these three saw routing protocols and management traffic visible over 802.11, they thought the client really lacked clue. The tenth time, it wasn't so funny anymore.

This session will show you the common switching, routing, and management traffic commonly present in urban wireless environments, discuss the security risks (from information disclosure to remote exploit), and show you how to prevent this sort of highly critical data from leaving your network by way of your access points. Using examples from the last five years of growing urban wireless presence, this talk will show the initial signs of backbone control traffic creeping out of poorly secured access points and present statistics on overarching protocol trends over time. The talk will then take a more serious turn, showing the sorts of damage that a malicious attacker can wreak on a network with the information provided in just a few routing protocol packets. Lower level attacks such as switching and CDP will also be covered. Finally, a ray of immediately practical hope will be offered, giving recommendations on actions that will prevent this sort of critical data from being advertised out of your wireless access points.

Hosted by Raven Alder, 3ric Johanson, and Brandon Uttech