Page 1: FETC - A Laptop in Every Classroom: Lessons Learned

110101 A Laptop 101010

010101 In Every 0101010

01010 Classroom 101010

Joe Schorr

© Joseph P. Schorr 2003-11

Page 2: FETC - A Laptop in Every Classroom: Lessons Learned

Introduction

Does your grandmother ever ask you what you do for a living, and after a 5-minute explanation, she blinks, then asks you what you do for a living?

Do you lose patience with people that can't convert binary to decimal at a glance?

Page 3: FETC - A Laptop in Every Classroom: Lessons Learned

Agenda

Goals

Threats

Remediation

Lessons learned

Page 4: FETC - A Laptop in Every Classroom: Lessons Learned

The Goals…

An environment that is…

Safe

Secure

Stable

Scalable

And…

Page 5: FETC - A Laptop in Every Classroom: Lessons Learned

© Joseph P. Schorr 2003-04

They will never know…

Page 6: FETC - A Laptop in Every Classroom: Lessons Learned

Threat Management

[Chart. Axis labels: Sophistication of Tools; Expertise Required; 1980 to 2010. Plotted items:]

Password Guessing

Self-Replicating Code

Password Cracking

Exploiting Known Vulnerabilities

Disabling Audits

Back Doors

Hijacking Sessions

Sweepers

Sniffers

Packet Spoofing

GUI

Automated Probes/Scans

Denial of Service

DDoS Attacks

Stealth / Advanced Scanning Techniques

Burglaries

Network Management Diagnostics

WWW Attacks

Hacker Tool Kits

Page 7: FETC - A Laptop in Every Classroom: Lessons Learned

Threats - State of the Web

75% of respondents to the FBI/CSI survey cite their Internet connection as a point of attack

40% of respondents detected external penetrations/probes

85% of large corporations and government agencies detected computer security breaches

64% of respondents experienced malware infection, compared to 2008's 50%

29% experienced denial-of-service attacks, up from 2008's 21%

17% experienced password sniffing, up from 9% in 2008

14% experienced Web site defacement, up from 2008's 6%

Over 1,000,000 WWW pages contain some form of Hacker Tools

OS holes and bugs

User privacy “sploits”

Stalking issues

Wireless

Page 8: FETC - A Laptop in Every Classroom: Lessons Learned

Threats - Closer to home

Servers and clients via broadband/DSL access

Home broadband/Cable/DSL access

Distributed Denial of Service (DDoS) Zombie Attacks

IM (Instant Messenger), IRQ, Chat

Viruses

SPAM

Unsuitable Content

Music, Games, Video

Pop-ups

Click-jacking

WIRELESS ACCESS !!!

Page 9: FETC - A Laptop in Every Classroom: Lessons Learned

A Simple Problem

[Diagram labels: Internet; Reachable Network; Total Network; Local Network]

Any host on the Internet can attack every reachable node on your internal network.

Page 10: FETC - A Laptop in Every Classroom: Lessons Learned

Just when we thought we 'got it'…

Page 11: FETC - A Laptop in Every Classroom: Lessons Learned

Lesson 1…

“If you reveal your secrets to the wind you should not blame the wind for revealing them to the trees.” - Khalil Gibran

Page 12: FETC - A Laptop in Every Classroom: Lessons Learned

WLANs are broadcast networks and…

Locators

Windows XP

ApTools

NetStumbler

Kismet

Page 13: FETC - A Laptop in Every Classroom: Lessons Learned

… Sniffers love broadcast networks

Ethereal

AiroPeek

Page 14: FETC - A Laptop in Every Classroom: Lessons Learned

“but whadda'bout WEP?”

Wired Equivalent Privacy was designed to stop casual interception of data

It is not “on” by default

Takes some overhead

64- and 128-bit encryption

Static, shared algorithm

All nodes use the same key

You can still capture traffic

And if you can catch it… you can crack it!

Airsnort

WepCrack

Page 15: FETC - A Laptop in Every Classroom: Lessons Learned

Wireless Intrusion Detection

Look for WEP traffic from an unknown MAC address

Identify rogue APs by scanning channels

Search for TCP/IP and UDP attack signatures in WEP encrypted traffic

Monitor for high number of failed authentications

ISS Wireless Scanner

AiroPeek NX

AirMagnet

Air Defense
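
Three of the checks on this slide (unknown MAC address, rogue AP found by channel scanning, high number of failed authentications), sketched as an added example that is not code from the presentation or from any of the listed products. The event format, addresses, SSID and threshold are constructed assumptions.

```python
from collections import Counter

# Assumed inventory (constructed values): authorized client MACs, and each
# authorized AP's BSSID mapped to its expected (SSID, channel).
KNOWN_CLIENTS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}
KNOWN_APS = {
    "00:40:96:00:00:10": ("SCHOOL-LAB", 6),
    "00:40:96:00:00:11": ("SCHOOL-LAB", 11),
}
AUTH_FAIL_THRESHOLD = 5  # assumed: failures per client within one capture window

# Constructed sample events, shaped as a channel-scanning sensor might log them.
EVENTS = [
    {"type": "beacon", "bssid": "00:40:96:00:00:10", "ssid": "SCHOOL-LAB", "channel": 6},
    {"type": "beacon", "bssid": "00:0c:41:de:ad:01", "ssid": "SCHOOL-LAB", "channel": 1},
    {"type": "beacon", "bssid": "00:40:96:00:00:11", "ssid": "SCHOOL-LAB", "channel": 3},
    {"type": "data", "src": "00:11:22:aa:bb:01", "wep": True},
    {"type": "data", "src": "00:02:2d:12:34:56", "wep": True},
] + [{"type": "auth_fail", "src": "00:11:22:aa:bb:02"}] * 6


def analyze(events):
    """Return de-duplicated (alert_name, address) tuples in first-seen order."""
    alerts, seen, fails = [], set(), Counter()
    for ev in events:
        alert = None
        if ev["type"] == "beacon":
            expected = KNOWN_APS.get(ev["bssid"])
            if expected is None:
                alert = ("rogue_ap", ev["bssid"])  # BSSID not in inventory
            elif expected != (ev["ssid"], ev["channel"]):
                alert = ("ap_config_mismatch", ev["bssid"])  # known BSSID, wrong SSID/channel
        elif ev["type"] == "data":
            if ev["wep"] and ev["src"] not in KNOWN_CLIENTS:
                alert = ("unknown_mac", ev["src"])  # WEP traffic from unlisted station
        elif ev["type"] == "auth_fail":
            fails[ev["src"]] += 1
            if fails[ev["src"]] >= AUTH_FAIL_THRESHOLD:
                alert = ("auth_fail_burst", ev["src"])
        if alert and alert not in seen:
            seen.add(alert)
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for name, addr in analyze(EVENTS):
        print(f"{name:20s} {addr}")
```

A MAC allowlist only catches stations that present an unlisted address, so treat the unknown-MAC alert as one signal alongside the AP inventory and authentication-failure checks.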

Page 16: FETC - A Laptop in Every Classroom: Lessons Learned

Countermeasures Summary

Use WEP, dynamic if your hardware allows

Don’t use the default SSID

Don’t broadcast the SSID

Don’t use an obvious name for SSID

If VPN-ing, restrict access to VPN clients only

Limit access of Wireless clients to sensitive resources

Conduct periodic wireless audits

Ongoing WIDS

Page 17: FETC - A Laptop in Every Classroom: Lessons Learned

The “Big Three” Lessons Learned

Get focused

Understand Global vs. Local threats

Make the technology fit your goals – not the other way around

Page 18: FETC - A Laptop in Every Classroom: Lessons Learned

Big Lessons Learned

1) Wireless “Security” is an oxymoron

2) You are not secure

3) Pick a great partner

4) Start early

5) Take care of the perimeter

6) A Firewall will not protect you

Page 19: FETC - A Laptop in Every Classroom: Lessons Learned

Name this man

Page 20: FETC - A Laptop in Every Classroom: Lessons Learned

Big Lessons Learned

1) Wireless “Security” is an oxymoron

2) KISS

3) Pick a great partner

4) Start early

5) Take care of the perimeter

6) A firewall will not protect you

7) Control the laptop

8) Content Filter

9) Intrusion Detection

10) Test!

Page 21: FETC - A Laptop in Every Classroom: Lessons Learned

Little Lessons Learned

1) Try multiple brands of Access Points and stress test

2) Beat up your Telco, early and often

3) UPS the APs

4) Be prepared for breakage

5) Avoid “Do-everything” products

6) Don’t re-invent the wheel

7) “Walk around”

8) The kids are WAAAYYY smarter than you

a) Disable Chat, IRQ, IM, Music, Games, Video

9) Establish teacher needs ASAP

10) RELAX!

Page 22: FETC - A Laptop in Every Classroom: Lessons Learned

Questions?

Page 23: FETC - A Laptop in Every Classroom: Lessons Learned

Thank You!

010101010101010101010101010101010

Contact me: [email protected]

LinkedIn: http://www.linkedin.com/in/jpschorr