In plain sight

Darkreading has a great article on Weaponizing the ipod touch.

In short it is an article from a DefCon presentation about turning the ipod touch into a wireless network penetration tool. Although not blessed with great processor or memory capability it does have a generous storage capability and with some specialized versions of tools such as TCPDump and NMap it can quickly become a rather stealthy headache for the corporate security guy.
While the guy (or gal!) sitting in the lobby of your building or in the carpark with a laptop out may arouse some suspicion, the same person pecking away on their iphone or ipod touch wouldn't even warrant a second glance in most cases.

As processing power becomes more and more portable, from smarter phone and personal entertainment devices to wearable computers ensuring any wireless security in your company is properly secured will become more and more crucial. Standards and configurations that may have been sufficiently secure a year or two ago will need constant review to ensure security is maintained. The wired network is far from immune from danger, as smaller and smaller devices can be plugged into rarely used network ports in conference rooms or unused offices can be used to sniff traffic and beam data back to an attacker, or simply collect information until they are retrieved.

Educating the corporate user base to ensure they understand the dangers of using wireless networking outside the office will also become increasingly important. With more and more corporate users demanding access to increasing amounts of corporate data from home or on the move, from cafes and airport lounges, the danger increases of malicious networks performing MITM (man in the middle) attacks or capturing credentials by impersonating 'free' wireless services.

While for some, simply not providing wireless access is the current option, the day where that is acceptable for business is coming to an end, so get ready. Even the wireless police can only do so much!

Now where did I put my ipod touch?

0 Response to "In plain sight"

Post a Comment

powered by Blogger | WordPress by Newwpthemes | Converted by BloggerTheme