Attacking and Securing WPA Enterprise Networks
12 likes20,765 views
This document provides an overview of attacking WPA-Enterprise wireless networks. It discusses the history of wireless security including WEP and the development of WPA/WPA2. It then explains how 802.1X authentication works with EAP types like PEAP and TTLS. Specific misconfigurations of PEAP are demonstrated that could allow attackers to capture credentials by spoofing the network. Defensive techniques like validating certificates and hardening infrastructure/clients are recommended. Regular security assessments are advised to check vulnerabilities.
Attacking and Securing WPA Enterprise Networks
- 1. Attacking WPA-Enterprise Wireless Networks By: Matt Neely Presented: March 17, 2010 at NEO InfoSec Forum
- 2. Speaker Biography • Matt Neely, CISSP, CTGA, GCIH, and GCWN – Manager of the Profiling Team at SecureState – Areas of expertise: wireless, penetration testing, physical security, security convergence, and incident response – Formed and ran the TSCM team at a Fortune 200 company – Over 10 years of security experience • Outside of work: – Co-host of the Security Justice podcast – Licensed amateur radio operator (Technician) for almost 20 years • First radio I hacked: – Fisher-Price Sky Talker walkie talkie
- 3. SecureState Overview • Ohio-Based Company CISSP – Certified Information Systems Security – Founded 2001 Professional CISM – Certified Information Security Manager CISA – Certified Information Systems Auditor • 30+ Security Professionals QDSP – Qualified Data Security Professional GSEC – SANS GIAC Security Essentials NSA INFOSEC Assessment Methodology (IAM) • Information Assurance & Forensics – NTI, EnCase Protection ANSI X9/TG-3 • Audit and business background (Big 10) • Experts in ethical hacking across many specialized areas
- 4. What You Will Learn Today • Short history of wireless security • What is 802.11 Enterprise authentication • How PEAP works • How to attack WPA Enterprise networks • How to defend WPA Enterprise networks
- 5. Brief History of Wireless • WEP died over a decade ago • Cisco released LEAP to make up for the deficiencies in WEP – Proprietary and susceptible to brute force attacks • WPA/WPA2 was developed to provide strong encryption and multiple authentication mechanisms
- 6. Brief History of Wireless - WPA • WPA/WPA2 encryption and authentication options – Encryption • WPA – TKIP (RC4 based algorithm) • WPA2 – CCMP (AES based algorithm) – Authentication • Pre-Shared Key (PSK) Authentication – Designed for home and small offices – Anything that uses a shared password is not secure • Enterprise Authentication – Uses 802.1X as the authentication framework – Provides per-user or per-system authentication
- 7. 802.1X In One Slide • Provides network access authentication – EAP provides authentication – Access point handles encryption (TKIP/CCMP) • Three components: – Supplicant (Client) – Authenticator (AP) – Authentication Server (RADIUS or IAS server) • Supplicant and authentication server use an EAP type to authenticate
- 8. EAP • Extensible Authentication Protocol (EAP) is an authentication framework • 802.1X uses various EAP types to authenticate users – Common EAP types used with wireless: TLS, PEAP, TTLS, and EAP-FAST – EAP type and configuration can greatly impact the security of the wireless network • Breakdown of EAP deployments: – 80% PEAP and TTLS – 15% EAP-FAST or LEAP – 5% TLS
- 9. Introduction To PEAP and TTLS • EAP originally was designed to work over wired networks where interception required physical access. • Interception is a larger concern on wireless networks. • Protected EAP (PEAP) and Tunneled Transport Layer Security (TTLS) use TLS to protect legacy authentication protocols from interception. • Both require a certificate on the RADIUS server for the Supplicant to validate server identity. • PEAP supports MS-CHAPv2 as the inner authentication method. • TTLS supports a large number of inner authentication protocols (MS-CHAPv2, CHAP, PAP, etc).
- 11. Importance of TLS Certificate Validation With PEAP • Network SSID can be spoofed easily. • TLS provides a method for validating the access point (Authenticator) and, therefore, the network. • Once the certificate from the Authenticator is validated, the client passes authentication information to the network (Authentication Server). • Authentication traffic is protected from eavesdropping by the TLS tunnel.
- 12. Web Browser SSL/TLS Validation
- 13. What happens when your wireless client trusts an invalid certificate?
- 14. Vulnerable PEAP Misconfiguration One • Many deployments disable all validation • PEAP supplicant will trust any RADIUS server
- 15. How An Attacker Can Exploit This • Attacker sets up a fake AP – Mirrors target network’s SSID, encryption type (WPA/WPA2), and band (a/b/g/n) – Configures the AP to accept Enterprise authentication – Sets AP to visible • Attacker connects the fake AP to the special FreeRADIUS-WPE server that captures and records all authentication requests • Attacker waits for users to attach to the fake network and captures their credentials – Impatient attackers can de-auth clients from the legitimate network • Attacker cracks the challenge/response pair to recover the password
- 16. FreeRADIUS-WPE • Josh Wright created the Wireless Pwnage Edition (WPE) patch for FreeRADIUS 2.0.2 • Adds the following features: – Returns success for any authentication requests – Logs all authentication credentials • Challenge/response • Password • Username – Performs credential logging on PEAP, TTLS, LEAP, EAP-MD5, EAP-MSCHAPv2, PAP, CHAP, and others
- 17. DEMO
- 18. DEMO
- 19. Vulnerable PEAP Misconfiguration Two • Configuration: – “Validate server certificate” is enabled – Default Wireless Zero Configuration (WZC) settings – Prompts users to validate server certificate • Minimal detail is shown in the dialog box • Attack: – Same attack applies but requires users to validate the certificate
- 20. Vulnerable PEAP Misconfiguration Three • Configuration: – “Validate server certificate” is enabled – Trusted Root Certificate Authority is selected – Does not validate certificate CN! • Attack: – Sniffs a valid login and identifies the CA of the TLS certificate – Purchases a certificate from the trusted CA • Any CN value can be used – Configures the RADIUS server to use this certificate
- 21. Concerns Around Mobile Devices
- 22. If At First You Don’t Succeed • Some clients try multiple EAP types while trying to authenticate to a wireless network. – Easy for attackers to detect by analyzing a packet capture. • Attackers can use this weakness to trick clients into authenticating to a fake AP with an insecure EAP type. – Often de-auth floods are used to prevent the client from connecting to a legitimate AP.
- 24. Encryption and Authentication • Use CCMP for encryption – Migrate off TKIP – Never use WEP • Use PEAP, TTLS, or TLS for authentication – TLS requires a PKI – Avoid Pre-Shared Keys (PSK) • Anything that is shared is not secure • If you must use PSK, choose a unique SSID and use a complex passphrase over 14 characters
- 25. Secure the Infrastructure • Harden and patch the infrastructure: – Access points – Wireless controllers – Authentication servers • Apply the latest service pack to Windows Internet Authentication Service (IAS) servers • Do not use hidden access points • Make sure insecure EAP types such as MD5 are disabled • Prevent insecure clients from using the wireless network • Firewall and isolate the wireless network from the internal network
- 26. Wireless IDS • Consider deploying a wireless IDS • Can detect: – De-auth attacks – RTS and CTS denial of service attacks – Rogue APs • Both on and off your wired network • Remember IDS is only detection and not prevention • Be very careful with wireless IPS – IPS system could end up attacking neighboring networks • Wireless IDS will not protect users while traveling
- 27. Secure the Clients • Require long and complex passwords • Apply all patches quickly – Including firmware patches for wireless cards • Harden the system – Run Anti-Virus software and keep definitions up to date – Have users login with a non-administrative level account – Encrypt sensitive data on drive – Turned on and configured personal firewall • Disable ad-hoc networks • Prevent network bridging • Ensure the Supplicant is properly configured
- 28. Secure WZC PEAP Configuration • Ensure the following items are configured: – Enable “Validate server certificate” – Enable “Connect to these servers” and specify the CN of the RADIUS server – Under “Trusted Root Certificate Authorities” check ONLY the CA that issued the certificate – Enable “Do not prompt user to authorize new servers or trusted certification authorities • Enforceable through Group Policy • Refer to KB941123 for additional information
- 29. Perform Regular Assessments Act • The Shewhart or Deming Cycle, used in Quality Assurance – instead of PDCA, it’s Check-Act-Plan-Do when relating to security strategy. • It’s imperative to perform assessments on a regular basis. • Have a third party perform a wireless security assessment. • Ensure the assessment includes architecture and client configuration reviews.
- 30. QUESTIONS? For More Information: www.SecureState.com www.MatthewNeely.com @matthewneely