WIRELESS SECURITY ASSESSMENT

Brisk Infosec Wireless Penetration Testing provides the security measures for both wireless network and access point. Brisk Infosec’s wireless penetration testing and assessment services help your business to evaluate the security by wireless implementation security testing and provide recommend measures for improvement based on the scope of the engagement.

NEED

You may have deployed an internal wireless network for a variety of reasons, such as – mobility, ease-of-use, increased productivity and providing guests with quick Internet access.

If wireless technology is not deployed securely, it could pose a threat to your business authentication
by the method of encryption, placement of Access points etc.

METHODOLOGY

Brisk Infosec wireless security testing is compromised of the following major phases:

  • Access point discovery,
  • Wireless Penetration Testing,
  • Post wireless exploitation.

These phases are further classified into following testing categories:

  • Wireless Network Sniffing
  • Passive scanning detection of SSID collecting the MAC Addresses collecting the Frames for cracking WEP detection of the sniffers
  • Wireless Spoofing
  • MAC Address Spoofing IP spoofing Frame Spoofing
  • Wireless Network Probing
  • Detection of SSID Detection of AP and stations Detection of Probing
  • AP Weaknesses
  • Configuration Defeating MAC Filtering Rogue AP Trojan AP Equipment Flaws
  • Denial of Service Jamming the Air Waves Flooding with Associations Forged Dissociation Forged DE-authentication Power Saving
  • Man-in- the-Middle Attacks
  • Wireless MITM ARP Poisoning Session Hijacking
  • Wireless signal strength auditing
  • Wireless router auditing

BENEFITS


1. Wireless Testing service evaluates the security posture of your wireless networks and their compliance with per-defined standards.
2. Risks associated with vulnerable wireless networks can be denied with the help of wireless Penetration Testing which includes

  • Full access to files being transmitted or even sitting on the server
  • Stolen passwords
  • Back-door entry points into your wired network
  • Denial-of- service attacks causing downtime and productivity losses

3. Increase confidence that your IT security perimeter devices are regularly analysed for potential weaknesses
4. The service can be delivered as a one-off test following the initial equipment installation or as a quarterly Firewall Health Check service.
5. A firewall Penetration testing offers the security that makes you not vulnerable and also protects your data from being compromised.
6. Firewall Penetration testing makes your firewall secured

STANDARDS

We follow the standards as per the client’s requirement and nature of the application, such as:

  • PTES
  • SANS
  • NIST
  • ISO27001
  • PCI DSS

FAQ

Is the Wireless Security Assessment performed remotely or onsite?
For the Wireless Security Assessment, we travel to your location and perform this service onsite. To leverage the fact that we will be travelling to your location, we offer to bundle (at a discount) including other services that require us to be onsite, such as our Internal Penetration Test, Internal Vulnerability Assessment and Physical Security Review.
What is a Rogue Access Point?
A rogue access point is an unauthorised access point.  Rogue access points typically fall into three categories – malicious, convenience, and accidental.  Malicious rogue access points are designed to help an attacker carry out an objective, such as expanding a foothold on your network, stealing passwords, or using your network to attack someone else.  Malicious rogue wireless devices can be used to attack any of the following:

  • Wi-Fi networks
  • Wireless devices, such as keyboards and mouse
  • Bluetooth devices
  • Cellular networks
  • Other RF technologies, such as RFID

Rogue access points set up for convenience are typically configured by users unhappy with corporate wireless access or Bring Your Own Device (BYOD) policies. Users often bring their own WAP from home and plug the wired portion into the corporate network. This allows the user to connect all their personal wireless devices (cell phone, iPad, etc.) to their access point that is connected to the corporate network.
Rogue access points that are accidental are devices, such as printers, that an organisation did not realise that they had enabled wireless accessible. On a recent wireless assessment, we discovered printers on an enterprise environment that were accessible to anyone over the wireless network.  We were able to manage these printers over an ad hoc wireless network without the organisation ever noticing.
What is an Evil Twin?
An evil twin is a WAP that with the same “look and feel” as the real WAP.  An evil twin is used by an attacker to trick users into connecting to the attacker WAP instead of the real WAP.  The attacker then sniffs all of your traffic (passwords, credentials, personally identifiable information (PII), etc.) from your system to the Internet, as the evil twin access point acts as a Man-In-The-Middle (MITM).  An example would be an access point called “Starbucks”.  How do you know you are connected to the real “Starbucks” access point and not an evil twin?

FLYER