Name
F2. Hunting Mobile Rogue Access Points with Wireless Mesh Implants
Track
Incident Response
Date
Thursday, June 6, 2019
Time
11:15 AM - 12:15 PM
Description
With the proliferation of wireless hacking devices and tools in recent years, mobile rogue access points are becoming a serious threat to the wireless consumer, as well as the enterprise. We performed a case study with the most basic attack profile: the bad BSSID is known and the blue team is searching for the physical device, which is on the move. We created a cheap, easy to deploy solution that can be used in the field to track down and locate rogue mobile operators. Leveraging affordable hardware, a wireless mesh software was written from which wireless implants could find APs on the move.
Learner Objectives
After completing this session, the learner will: - Learn about rogue AP deployments and the threats they pose - Gain insight into methodologies for capturing rogue mobile operators / access points - Learn from our initial implementation and mistakes
Speaker Bio(s)
Todd Cronin joined the USAF after earning his B.S. in Computer Engineering from the University of Utah. While in the service, he helped perform numerous security assessments of military assets. After leaving the service he worked for MITRE as a security engineer. Todd teaches evening courses at SecureSet Academy and leads commercial cybersecurity services for PLEX Solutions, an NSA-certified security firm. Todd is an amateur radio operator and embedded hardware hobbyist who makes time to disconnect and explore the Rocky Mountains with his family, mountain cat, and chicken flock. After studying computer science at CSU, Joe Minicucci went on to develop software for several years, focusing on web applications and enterprise software security at large. In addition to application security, projects pursued have included wireless security as well as generic network penetration testing. He currently works at Ping Identity as an Application Security Engineer.
CEUs
1