GBnews24 The largest social network In Worlds - GBnews24
Technology
Add Post

Hot Tunes

The quick brown fox jumps over the lazy dog.

Wifi

Hacker shows how easy it is to take over a city’s public Wi-Fi network

Hacker shows how easy it is to take over a city’s public Wi-Fi network...

In a perfect example of how public wireless networks can be dangerous for privacy and security, an Israeli hacker showed that he could have taken over the free Wi-Fi network of an entire city. On his way home from work one day, Amihai Neiderman, the head of research at Israeli cybersecurity firm Equus Technologies, spotted a wireless hotspot that he hadn't seen before. What made it unusual was that it was in an area with no buildings. It turned out that the hotspot he saw, advertised as "FREE_TLV," was part of the citywide free Wi-Fi network set up by the local administration of Tel Aviv, Israel. This made Neiderman wonder: How secure is it? For the next few weeks, finding a way to compromise this network became a side project to do in his free time. First he connected to the network through one of the access points spread around the city and checked what his new IP (Internet Protocol) address was. This is usually the public address assigned to the router through which all Wi-Fi clients access the internet. He then disconnected and scanned that IP address from the internet for open ports. He found that the device was serving a web-based login interface over port 443 (HTTPS). This interface displayed the manufacturer's name -- Peplink -- but not other information about the device type or model. An analysis of the web interface didn't reveal any basic vulnerabilities either, such as SQL injection, default or weak log-in credentials or authentication bypass flaws. He realized that a more thorough analysis of the device's actual firmware was required. Identifying the device and finding the exact firmware to download from the manufacturer's website was not easy, because Peplink creates and sells many types of networking devices for various industries. However, he eventually pinned it down to firmware version 5 for Peplink's Balance 380 high-end load balancing router. The firmware used basic XOR-based encryption to make it harder for third-parties to reverse-engineer the firmware's file system, but this was relatively easy to bypass. Once everything was unpacked and loaded into an emulator, Neiderman was able to access the CGI (Common Gateway Interface) scripts that made up the router's web interface. It didn't take long until the researcher found a buffer overflow vulnerability in the CGI script that handled the log-out process. The flaw could be exploited by sending a very long session cookie to the script and successful exploitation resulted in arbitrary code execution and full control over the device. Neiderman presented his findings and reverse-engineering efforts Thursday at the DefCamp security conference in Bucharest, Romania. He declined to say whether he actually tested his exploit on the live Peplink Balance routers used to operate Tel Aviv's free Wi-Fi network, because that could land him in legal trouble. However, when he reported the flaw to Peplink the company confirmed and patched it in a subsequent firmware update, so the firmware on FREE_TLV's routers was certainly vulnerable when Neiderman found the flaw. While finding vulnerabilities in routers is not uncommon, this case stands out because it shows that skilled hackers could potentially attack thousands or tens of thousands of users by compromising large public Wi-Fi networks like those run by municipalities. By controlling a router, attackers can snoop on all unencrypted user traffic that passes through it and capture sensitive information. They can also launch active attacks, like redirecting users to rogue web servers when they're trying to access legitimate websites or injecting malicious code into non-HTTPS web pages. Large networks are typically standardized and use the same type of equipment throughout to allow for easier management. A vulnerability that allows a compromise of one of the network's access points is likely to allow the compromise of all of them. Attacks like these are why users are strongly encouraged to use a VPN (Virtual Private Network) service when they're accessing the internet over public or untrusted Wi-Fi networks. Neiderman said that he was impressed with how Peplink responded to his report and how the company handled the vulnerability. He stressed that this attack was also possible because of the insecure way in which the network's routers had been deployed. Their administration interfaces shouldn't have been exposed to the Internet. ...

That private network on the Wi-Fi band? Won't happen

That private network on the Wi-Fi band? Won't happen...

Satellite service provider Globalstar has dropped its controversial plan to launch a wireless network in the U.S. in part of an unlicensed band that Wi-Fi and Bluetooth use. The plan had alarmed supporters of those technologies who feared the network would interfere with them and effectively privatize unlicensed spectrum. Globalstar’s TLPS (Terrestrial Low-Power Service) proposal was one of several ideas introduced in recent years to mix licensed and unlicensed uses of spectrum. While some have been ruled out, others, such as LTE-Unlicensed, are moving forward. Globalstar has licensed spectrum in a band next to the 2.4GHz block of frequencies shared by Wi-Fi, Bluetooth, microwave ovens and many other technologies. It’s so close that in the U.S., part of the unlicensed band is set aside as a guard band to prevent interference. In most other countries, networks like Wi-Fi get all the spectrum because they don’t have to make room for Globalstar. The plan was to combine the licensed spectrum and the guard band and offer a land-based broadband service that would be like Wi-Fi but controlled by Globalstar. The network might have been provided by Globalstar or other service providers, and it was supposed to be offered to schools and hospitals. With modification, Wi-Fi radios could have used it. But Globalstar faced a tough crowd on the U.S. Federal Communications Commission despite the fact that its chairman, Tom Wheeler, supported the idea. The company was still lobbying undecided commissioners until the presidential election on Tuesday, which will now put the FCC under Republican control starting next year. Now, Globalstar is only asking for the right to operate a land-based wireless service in its own licensed spectrum, which is currently allocated for satellite service. It still thinks the previous proposal would have been good for consumers, according to a company statement on Thursday. “Nevertheless, Globalstar also understands that when the Commission considers a proposal that shares spectrum with existing services in the critical 2.4GHz band, prudence dictates that the Commission take a measured and careful approach,” the company said. Only a massive, well-financed player like Verizon or AT&T could build a viable service on Globalstar’s 11.5MHz of licensed spectrum, said industry analyst Roger Entner of Recon Analytics. The hardest parts would be building the infrastructure and lining up a supply of devices. It's likely Globalstar will sell the spectrum or create a partnership, he said. For worried consumers, there’s already a bright side. "It certainly eases the concerns that we would have had interference in the already very crowded 2.4GHz band," Entner said. ...

© Copyright 2017 By GBnews24.com LTD Company Number: 09415178 | Design & Developed By (GBnews24 Group ) ☛ Email: gbnews24@gmail.com

United States   USA United States