In the continuing evolution of IT technology, the vast majority of today’s devices have built-in wireless capabilities. As a result, wireless technologies have largely been adopted by most organisations. Due to its cost effectiveness, ease of use and deployment capabilities, making it a viable solution for corporate networks large and small.
Handshakes, a form of friendly greeting, capturing passwords!
Because security a concern for every organisation, including those using wireless networks. That could allow external access to internal networks, should an unauthorised user be able to successfully gain access. Furthermore, consideration should be given to the fact that, if an attacker is able to gain access to an internal network from an access point. By default, their presence, depending on the type of activity maybe harder to detect. Consequently, it is important to verify that wireless security measures are both applied correctly and relevant.
CCC, wireless testing services are conducted by experts, using a combination of in-house tools and techniques together with industry standard equipment.
Zero-day warez?For examples of wireless testing assignments →
Testing is normally undertaken using a similar methodology to that used with our standard penetration testing services. First of all, identifying a representative sample of potential target access points. Then evaluating the type of monitoring and access capabilities available without detection, progressing from there. With the following elements being considered:
- Access points – establishing the number of POA’s within the client’s footprint and their geographical location.
Including authorised and unauthorised POA’s (rogue devices), as these will have a bearing on testing and future monitoring.
- Whether information, including possible vulnerabilities and default configurations exist within the public domain.
- Whether any target specific access points information, including historical SSID data is available.
- Passively, test data harvesting via a representative sample of access points.
- Identify guest network capabilities – Access and monitor other connected devices – potentially providing information allowing access to the target.
- Identify the types of encryption in use and actively intercept data transmissions encrypted data, including wireless handshakes.
- Undertake a password quality assessment.
Finally, depending on the brief, other attacks that may be considered or attempted, these are likely to include:
- Packet Decryption
- Packet Sniﬃng
- Forged MAC address association
- Deployment of rogue access points
- Man-in-the-Middle attacks
- Authentication server attacks
- Data collection
- Data analysis
Man in the middle, is that a grown-up version of piggy…?
In addition, CCC have also undertaken external wireless audits in the vicinity of executives and other key personnel. To establish whether opportunities exist to compromise assets, subsequently allowing access to client network(s).
Part of testing process would assess whether any unauthorised corporate data leaks can be identified.For examples of wireless testing assignments →
Our expertise and experience, uniquely combines electronic forensic skills, with an understanding of corporate finance.
Asset Tracing – Audit – Computer Security – Digital Forensics – Due Diligence – eDiscovery – Fraud Investigation
Intelligence Gathering -Passwords Analysis – Penetration Testing – Wireless Security
Services underpinned with expertise and experience.