To: felton-lug@googlegroups.com
From: Jeff Liebermann <jeffl@cruzio.com>
Date: Thu, 16 Jul 2015 18:44:50 -0700
Subject: Re: [Felton LUG] Fwd: captive portal advice needed
On 7/16/2015 4:53 PM, Robert Lewis wrote:
> A friend is asking me the following and I have no experience in this
> area. Anyone have something of value to help?
Presumably, the captive portal is for a wireless client. I wrote the following rant on the topic of wireless security that I think is applicable. Assigning each user a login and password on the RADIUS server should be sufficient security.
...permit me to point out the giant gaping monstrous security hole that most users can't see or just ignore: It's the WPA-PSK shared key. Every computer, tabloid, smartphone, Xbox, etc. that connects to a single secured router uses the same passphrase. Considerable effort has gone into making this passphrase difficult to sniff and recover. Yet, all it takes is one insecure client radio, and the passphrase or usable hash code can be recovered. Here's a good example:
http://www.nirsoft.net/utils/wireless_key.html
If you have an Android tablet that's been rooted, there are several utilities that will display the saved passphrases. I use this one: https://play.google.com/store/apps/details?id=com.wifipass.recovery Steal my ancient Droid X2 and you can see all my wireless passphrases. Note that it doesn't matter if you're using WEP, WPA-TKIP, or WPA2-AES encryption. The password is there in plain sight. I assume there's something similar for jailbroken Apple products.
So whatcha gonna do? Well, big business uses a WPA2-Enterprise-AES with 802.1x and EAP authentication. You could too, except that there is only one commodity-grade wireless router that includes the necessary features (ZyXEL G-2000 Plus), and it's rather limited, with only 5 logins. You'll either need to subscribe to a service, or build your own RADIUS server:
http://freeradius.org/
http://wiki.freeradius.org/guide/WPA-HOWTO
http://wiki.freeradius.org/protocol/EAP
https://play.google.com/store/apps/details?id=com.larscom.freeradiusandroid
So, how does it work? Very roughly, each user gets a login and password from the RADIUS server when connecting. If they successfully login, the RADIUS server delivers a one-time WPA2-AES key to the client's wireless device, which is good only for the current session. Disconnect, and you get a new key. I won't go into the EAP authentication part (mostly because I barely understand how it works). There are also lots of variations, such as no user/password on login, which is the easy way to do encrypted coffee shop systems.
The RADIUS server does not need to be inside or next to your wireless router. It can be anywhere on the Internet. For example, the University of California runs one that covers all their facilities. A user can login literally anywhere on the UC system, and get authenticated for the entire system. I run my RADIUS server in my office and in a server farm for several of my customers' systems. There are also services that will do it for you. Here's an example of an online service that puts the RADIUS server in the "cloud":
Before the inevitable demise of wireless as we know it, perhaps the router manufacturers will cease advertising astronomical wireless speeds, and do something about the pre-shared key security problem? Naw, it will never happen. Security doesn't sell routers, while big number do.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com/
Santa Cruz CA 95060 http://802.11junk.com/
Skype: JeffLiebermann AE6KS 831-336-2558
To: felton-lug@googlegroups.com
From: Jeff Liebermann <jeffl@cruzio.com>
Date: Thu, 16 Jul 2015 19:50:48 -0700
Subject: Re: [Felton LUG] Fwd: captive portal advice needed
On 7/16/2015 7:12 PM, Frank Turner wrote:
> Some routers and access points have the ability to provide
multiple
> SSIDs that can then have their own passwords.
> He needs to check the router docs.
Please note that the friend wants to improve his security with his "guest" users. I've had a little too much experience with this malfeature in mostly Linksys E1xxx and EAxxxx wireless routers: All of them offer a separate SSID for the guest-login feature, but have serious deficiencies, which the original question didn't mention.
Let's pretend it's an EA2700 router (the same routers I brought to the FLUG meeting for my last two talks). These are dual-band routers, so they will have two SSIDs. The guest login only works on 2.4 GHz, so there's only one additional SSID for the guests. Usually it's something like this:
SSID
2.4 GHz GHz
2.4 GHz flugnet-guest
5 GHz flugnet5
(The 2.4 and 5 GHz SSIDs could be identical, but I like to let users select which band to use.)
When someone connects to SSID = flugnet-guest, they are presented with a Web page demanding a password. Once they enter the password successfully, they get access to either just the Internet (no local network access), or get full access to everything, depending on how the router is configured.
However, there's no encryption of the over-the-air traffic, because the password is in the captive portal, not in the network stack. So, any evil person (like me) can easily sniff the wireless traffic. Of course, the password is the same for anyone who connects to the guest login, so, if the password leaks to the world, you have a serious security problem, especially if it allows access to everything on your LAN.
Coffee shop wireless routers have a slightly better way to do this: When you buy something at the counter, the receipt has a short password printed on it. When you connect to their captive portal, it asks for this password. There's still no over-the-air encryption, but at least everyone doesn't use the same password. Better, but not really good enough -- which is why I suggested WPA2-AES-Enterprise and a RADIUS server.
---
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com/
Santa Cruz CA 95060 http://802.11junk.com/
Skype: JeffLiebermann AE6KS 831-336-2558
Date: Sat, 18 Jul 2015 09:18:42 -0700
From: Jim Warner <warner@ucsc.edu>
To: felton-lug@googlegroups.com
Subject: Re: [Felton LUG] Fwd: Today's Wifi performance and security tips
On Fri, Jul 17, 2015 at 2:19 PM, Robert Lewis
These are all good reviews. What they miss is the simple explanation of why TKIP was used at all.
All encryption requires hardware support for the low-level bit-munging steps. It is not possible to use a general-purpose CPU at multi-megabit speeds, without breaking the thermal and power consumption budgets available. Early WiFi chips came with an RC4 stream generator that is at the core of the WEP protocol. When deficiencies in WEP were discovered, the proposal to replace it with AES was not backward-compatible with the hardware in the installed base. The backward-compatible fix was to change the WEP keys at a high enough rate that it would not be practical to break the code before the key changed, and there wouldn't be enough encrypted text to crack the code between key changes. Changing the WEP key every few seconds is something that can be done without encryption hardware, and so can be written into the device driver. The addition to WEP that rotated the keys is TKIP.
Summary: TKIP is not as good as AES, but it was backward compatible with the installed base.
AES has been a required feature for products that claim WiFi compatibility since 2006. There are performance reasons beyond security to replace equipment too old to run AES.
The real measure of the quality of an encryption algorithm is how much it costs to break a key. In the case of AES-PSK, the answer to that is "about $40". What you do is snoop the air listening for a session key setup exchange between a client and its AP. Your record that, and send it along with a Paypal payment to a service that will send you back the clear text of the PSK secret.
--jim