1 / 16

Security Issues in large scale wireless and VoIP deployment

Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein Andrew.Yeomans@drkw.com. Wi-Fi Summit - October 2005. Security Issues in large scale wireless and VoIP deployment. Dresdner Kleinwort Wasserstein (DrKW). DrKW is the investment bank of Dresdner Bank AG

kitty
Download Presentation

Security Issues in large scale wireless and VoIP deployment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein Andrew.Yeomans@drkw.com Wi-Fi Summit - October 2005 Security Issues in large scale wireless and VoIP deployment

  2. Dresdner Kleinwort Wasserstein (DrKW) • DrKW is the investment bank of Dresdner Bank AG • Member of the Allianz Group • Headquartered in London and Frankfurt, offices in New York, Chicago, San Francisco, Boston, Tokyo, Sao Paulo, Paris, Milan, Beijing, Shanghai, Hong Kong, Luxembourg, Kuala Lumpur, Warsaw, Moscow, St. Petersburg, Singapore, Johannesburg, Madrid, Zürich • Employs approximately 6,000 people around the world • More than € 2 billion operating income in 2004

  3. Relocation to 30 Gresham Street, London

  4. With latest technologies • Voice-over-IP (fixed and mobile) • Wireless 802.11 • Guest wireless internet access for visitors • Staff access in meeting rooms

  5. With latest technologies

  6. Desire and lust for shiny new technology! • Truly mobile computing – • Work from the coffee lounge or canteen • Wireless IP phone from anywhere in building • Technology is cool • Of course it’s secure!

  7. Fear, Loathing and Rejection (Jim Herbeck) • Protocol flaws • Implementation flaws • Usability – need another mobile? • War driving, War chalking • AirSnort, Kismet, WEPcrack • Denial of Service • … but are these real?

  8. What can you do with an old laptop and a scenic view?

  9. And a couple of old techies?

  10. Results • 150 + wireless networks seen • Just using internal PCMCIA aerial • Only half used WEP encryption (some are hotspots) • With aerial can pick up Canary Wharf – 4 km away • “The Feds can own your LAN too” – in 3 minutes • http://www.tomsnetworking.com/Sections-article111.php • Packet injection attacks

  11. And that’s not all … • Use in hotspots – real or fake? • Home networks – set up securely? • Location-sensing required – e.g. personal firewalls • Insider threats – inadvertent and malicious • Stolen devices (with keys) • Other wireless devices

  12. Floods of vulnerabilities

  13. Means anticipating failure

  14. But the new devices fix it, don’t they? • "Those who cannot remember the past are condemned to repeat it." - George Santayana, The Life of Reason • WEP -> WPA -> WPA2 (802.11i) -> ?? • But devices are upgradable.. Or are they? • And it takes years to flush out the old equipment • So hotspots support least common denominator • So have to run IPsec or SSL/TLS instead • Unless you really can design from new

  15. In conclusion • Assess risks • Confidentiality, Integrity and Availability are still key • Anything can go wrong – so be prepared for failure • Put appropriate policy controls in place • Trust – but verify – check configurations, monitor data • Work with your security people • And reap the business benefits!

  16. Andrew Yeomans VP Global Information Security Dresdner Kleinwort Wasserstein Andrew.Yeomans@drkw.com Wi-Fi Summit - October 2005 Questions?

More Related