In the continuing evolution of IT technology, the vast majority of today’s devices have built-in wireless capabilities. As a result, wireless technologies have largely been adopted by most organisations. This is primarily due to its cost-effectiveness, ease of use and deployment capabilities. Making it a viable solution for corporate networks, both large and small.
Handshakes, a form of friendly greeting, capturing passwords!
With IT security being a concern of every organisation, including those using wireless networks. Particular attention needs to be taken so as to ensure that external access to internal networks is not possible for unauthorised users.
Furthermore, consideration should be given to the fact that, if an attacker is able to gain access to an internal network from an access point. By default, their presence, depending on the type of activity may be harder to detect. Consequently, it is important to verify that wireless security measures are both applied correctly and relevant.
CCC, wireless testing services are conducted by experts, using a combination of in-house tools and techniques together with industry standard equipment.
Zero-day warez?For examples of wireless testing assignments →
Testing is normally undertaken using a similar methodology to that used with our standard penetration testing services. First of all, identifying a representative sample of potential target access points. Then evaluating the type of monitoring and access capabilities available without detection, progressing from there. With the following elements being considered:
- Access points – establishing the number of POA’s within the client’s footprint and their geographical location.
Including authorised and unauthorised POA’s (rogue devices), as these will have a bearing on testing and future monitoring.
- Whether information, including possible vulnerabilities and default configurations, exist within the public domain.
- Whether any target specific access points information, including historical SSID data, is available.
- Passively, test data harvesting via a representative sample of access points.
- Identify guest network capabilities – Access and monitor other connected devices – potentially providing information allowing access to the target.
- Identify the types of encryption in use and actively intercept data transmissions encrypted data, including wireless handshakes.
- Undertake a password quality assessment.
Finally, depending on the brief, other attacks that may be considered or attempted, these are likely to include:
- Packet Decryption
- Packet Sniﬃng
- Forged MAC address association
- Deployment of rogue access points
- Man-in-the-Middle attacks
- Authentication server attacks
- Data collection
- Data analysis
Man in the middle, is that a grown-up version of piggy…?
In addition, the company provided extended testing designed to validate secure wireless activity in the vicinity of addresses associated with executives and other key personnel. To establish whether targeted opportunities exist to compromise assets that would subsequently allow access to client network(s).
Part of the testing process would assess whether any unauthorised corporate data leakage can be identified.For examples of wireless testing assignments →
Our expertise and experience, uniquely combines electronic forensic skills, with an understanding of corporate finance.
Asset Tracing – Audit – Computer Security – Digital Forensics – Due Diligence – eDiscovery – Fraud Investigation
Intelligence Gathering -Passwords Analysis – Penetration Testing – Wireless Security
Services underpinned with expertise and experience.