Release the Kracken!

Got a WiFi baby monitor? Got a fancy WiFi kettle? Bought a smart TV with WiFi? How's that WiFi connection in the car working out for you? Because they are all very likely to be vulnerable to the KRACK (Key Reinstallation Attack) exploit: https://www.krackattacks.com/ The exploit allows an attacker within proximity of a wireless client or access point … Continue reading Release the Kracken!

Playing with a WiFi De-authenticator

Recently a colleague mentioned a small device he'd bought that can perform de-authentication attacks on wireless devices and cause all sorts of mischief - and given we both had an interest in security he loaned me this and I was amazed at how something so freely available and cheap could affect a wireless network in … Continue reading Playing with a WiFi De-authenticator

Preventing Rogue DHCP Servers and Machine to Machine Connectivity on Wireless Networks

A recent post looked at DHCP Snooping on a wired network, which uses a concept of trusted and untrusted ports whereby the genuine DHCP server or uplinks which a genuine DHCP offer could be sent across are marked as trusted, with all other links marked as untrusted. This is great at keeping a wired network secure, … Continue reading Preventing Rogue DHCP Servers and Machine to Machine Connectivity on Wireless Networks

Setting Up PIA VPN In My Overly Complicated Network

After getting my hands on a WiFi Pineapple (a post on this to follow!) and enjoying exploring its features I quickly realised my mobile device is super promiscuous when it comes to joining open access points I'd previously connected to (Premier Inn, McDonalds etc). This got me started on looking into VPN solutions and after … Continue reading Setting Up PIA VPN In My Overly Complicated Network

DHCP Snooping, Dynamic ARP Inspection and IP Source Guard

With a client going for an ISO standard which dictates stringent controls over both the external and the internal network resources I decided to put in some additional controls to ensure confidentiality, integrity and availability of the internal network. As the client uses Cisco hardware on premise, this consisted of a trio of additional measures … Continue reading DHCP Snooping, Dynamic ARP Inspection and IP Source Guard

Stopping the Spread of WannaCry within the LAN

The recent WannaCry outbreak highlighted just how vulnerable machines are within the LAN, even behind the perimeter firewall. The attack took advantage of a vulnerability in SMBv1 but also in the way we traditionally look at network security whereby the things on the outside are untrusted, but everything inside is trusted. This attitude allowed the … Continue reading Stopping the Spread of WannaCry within the LAN

Controlling Logons to Cisco Devices with Active Directory

Something I see quite often is local passwords being used to authenticate network administrators onto switches and routers. While this is fine for smaller organisations with a small IT team and few network devices, it can quickly become a headache when trying to update the password across all devices or add a new user. There are … Continue reading Controlling Logons to Cisco Devices with Active Directory