Author Topic: Physical security for wireless networking equipment  (Read 1144 times)

0 Members and 1 Guest are viewing this topic.

Offline Scratch.HTF

  • Regular Contributor
  • *
  • Posts: 81
  • Country: au
Physical security for wireless networking equipment
« on: May 16, 2020, 01:35:02 am »
I have demonstrated (and contributed on Wikipedia) that anyone with physical access to a wireless router can gain access and/or obtain a wireless passphrase without special tools (Windows: Show characters) by pressing the Wi-Fi Protected Setup button and/or using preset security information on the unit which can include the Wi-Fi Protected Setup PIN number - once someone gets hold of this PIN number, there is no going back if it cannot be changed and/or disabled.

Even though a law in Germany requires wireless routers to have wireless security enabled out of the box if it does not manually require enabling of wireless networking functionality, the law does not (as far as I know) address physical security with respect to provision of information on physical security with respect to Wi-Fi Protected Setup and preset security information printed on the unit.

Physical security with respect to Wi-Fi Protected Setup and/or preset security information printed on the unit has made it to a number of tech publications, but I will enjoy true success when governments publically acknowledge this security issue.
If it runs on Linux, there is some hackability in it.
 

Offline I wanted a rude username

  • Frequent Contributor
  • **
  • Posts: 407
  • Country: au
  • ... but this username is also acceptable.
Re: Physical security for wireless networking equipment
« Reply #1 on: May 16, 2020, 04:40:24 am »
Physical access == game over for security.

This has always been true in IT, and modern devices uphold this proud tradition, honouring it in new and creative ways. A recent example is the discovery that some network-connected security cameras, as soon as you plug a USB key into them, immediately start saving their video onto the key so you can retrieve it on your second visit.  ;D
 
The following users thanked this post: Ian.M, RoGeorge, analogueAdder

Offline analogueAdder

  • Contributor
  • Posts: 10
  • Country: co
Re: Physical security for wireless networking equipment
« Reply #2 on: May 19, 2020, 02:52:39 am »
It's worth adding that WPS pins can be bruteforced easily and that some router manufacturers generate the default pin and WPA passphrase from the MAC address. Additionally, the firmware of those boxes is often full of careless vulnerabilities...

In other words, if you want security you have to disable WPS and change the WiFi password. And install a third party firmware like OpenWRT if possible. (And disabling the web interface as well.)

However, non of this will protect you against an attacker with physical access. In that case it's indeed game over... :horse:
 
The following users thanked this post: I wanted a rude username

Online Syntax Error

  • Frequent Contributor
  • **
  • Posts: 323
  • Country: gb
Re: Physical security for wireless networking equipment
« Reply #3 on: May 22, 2020, 11:54:30 pm »
Do not forget the other end of an enterprise wireless access point, the wireless/link aggregation switch. This is often co-located with the other switches/routers, so lock it away in a steel box in the security room and disable all but physical wired console access. A wifi client sat in a store cafe should NOT be able to log into the link aggregation server at their gateway I.P. address, but it can happen.
« Last Edit: May 23, 2020, 12:06:00 am by Syntax Error »
Now under Lockdown Tier 3/Red Alert/Very High/Confused.com
 

Offline james_s

  • Super Contributor
  • ***
  • Posts: 12605
  • Country: us
Re: Physical security for wireless networking equipment
« Reply #4 on: May 23, 2020, 04:17:59 am »
Nothing really new here. If you have physical access to the device then all bets are off, there is always a way to extract data from it or break into it. Fortunately it's relatively easy to secure the device in most cases, certainly for home routers put it inside your house and the only people who can access it without breaking into your house are the people who are authorized to be there. If you are really paranoid you can lock it in a cabinet.
 

Online RoGeorge

  • Super Contributor
  • ***
  • Posts: 2520
  • Country: ro
Re: Physical security for wireless networking equipment
« Reply #5 on: September 23, 2020, 10:43:41 am »
The whole computer security concept is about when the attacker does NOT have physical access to the hardware.

If the attacker has physical access to the machine, there's nothing one can do to protect the data.

Offline NANDBlog

  • Super Contributor
  • ***
  • Posts: 4832
  • Country: nl
  • Current job: ATEX certified product design
Re: Physical security for wireless networking equipment
« Reply #6 on: September 23, 2020, 02:31:58 pm »
A guy with a halberd. And trained dogs.
 

Online RoGeorge

  • Super Contributor
  • ***
  • Posts: 2520
  • Country: ro
Re: Physical security for wireless networking equipment
« Reply #7 on: September 23, 2020, 05:31:06 pm »
A black vault with voice recognition, lady guard, retinal scanner, double electronic key card, sound sensors, temperature increase sensors, lasers and floor pressure sensors are known to be not very effective:





 ;D

Offline iteratee

  • Contributor
  • Posts: 40
  • Country: us
  • Computer Engineer
Re: Physical security for wireless networking equipment
« Reply #8 on: September 27, 2020, 04:53:43 am »
If physical access is a non-barrier then you have no problem - just use your physical access to hack the device and remove the WPS functionality.

Oh wait, you can't, because the physical access thing is a fantasy and rendering a device unhackable for all practical purposes is all too easy. Physical access is only a non-barrier to those with unlimited resources (i.e. not you).
 

Offline I wanted a rude username

  • Frequent Contributor
  • **
  • Posts: 407
  • Country: au
  • ... but this username is also acceptable.
Re: Physical security for wireless networking equipment
« Reply #9 on: September 27, 2020, 05:07:31 am »
If you wish to contribute to the discussion, first formulate a cogent argument which actually addresses the point instead of attacking the straw man of your hallucinations.
 

Offline iteratee

  • Contributor
  • Posts: 40
  • Country: us
  • Computer Engineer
Re: Physical security for wireless networking equipment
« Reply #10 on: September 27, 2020, 05:41:58 am »
If you wish to contribute to the discussion, first formulate a cogent argument which actually addresses the point instead of attacking the straw man of your hallucinations.
I'm not arguing with OP. I'm perhaps arguing with comments that themselves miss the point... this seems more of a variation on usual issues with router default passwords than a physical security thing.
 

Offline NiHaoMike

  • Super Contributor
  • ***
  • Posts: 6616
  • Country: us
  • "Don't turn it on - Take it apart!"
    • Facebook Page
Re: Physical security for wireless networking equipment
« Reply #11 on: September 30, 2020, 04:08:56 am »
Flash a third party firmware that simply doesn't have the insecure WPS "feature". Then cut the trace to the reset button to make it more difficult to reset it to default settings without someone noticing.

As for countermeasures against physical hacking, while it is true that there's not a way to make it completely impossible, it often is possible to increase the difficulty to the point where the effort needed would exceed the value obtained by the attack. For some ideas, take a look at how credit card readers resist physical hacking, although that's almost certainly overkill for a wireless router.
Cryptocurrency has taught me to love math and at the same time be baffled by it.

Cryptocurrency lesson 0: Altcoins and Bitcoin are not the same thing.
 
The following users thanked this post: I wanted a rude username

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 4112
  • Country: au
Re: Physical security for wireless networking equipment
« Reply #12 on: October 11, 2020, 09:52:43 pm »
Firstly, if you're using a router with WPS, disable it immediately. It's awful in terms of security (even if you don't have physical access to the device). Secondly, use a strong password for your wireless network. Ideally, use properly configured 802.1X authentication, but that's going beyond the scope and knowledge level of most home users.

If you're that worried, put all wireless devices on a separate VLAN and lock it down, that way if access is gained to the network, the attack surface is reduced.
 

Offline vk6zgo

  • Super Contributor
  • ***
  • Posts: 5531
  • Country: au
Re: Physical security for wireless networking equipment
« Reply #13 on: October 12, 2020, 01:21:21 am »
Have several small, yappy dogs--------& one very big quiet one! ;D
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf