3

I came across evil twins, which to my understanding are malicious WiFi networks broadcasting the same IDs as other legitimate ones. People then unknowingly automatically connect and are at risk.

I understand you can avoid this by simply not allowing your device to automatically connect, but in theory could you use the same idea that public and private keys allow you to send messages securely that are ensured to be from who they say they are to connect only to the WiFi networks that you want?

In addition, if that is a possibility, is it already implemented, or is it a case of doing too much when other controls like not allowing automatic connection are already available?

Chaminda Bandara
K.Nelson
    Note that the evil twin attacks do not apply to all types of Wi-Fi networks. Specifically, WPA2 personal and some EAP methods of WPA2 enterprise are not affected. – multithr3at3d Apr 08 '18 at 02:15

2 Answers

1

If you configure wireless access points for mutual authentication, regular users will not automatically connect to unknown networks.

The easiest way these days is probably EAP-TLS (basically everyone supports it). Note that the user's machine must trust the certificate from the access point, so a one-time setup will be necessary which places your CA certs into their OS trusted store. Obviously, this only works in enterprise scenarios where you've deployed certificates to network devices.

For open public wifi, there is no solution. As MTG mentioned, you simply use TLS to secure your communication. The network will be able to see where the packets are going, but your data will remain confidential.

DoubleD
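To illustrate the answer above: an EAP-TLS client only resists an evil twin if its profile actually validates the network's certificate. This is an added example, not code from the answer. It assumes wpa_supplicant as the client, and every SSID, path and hostname in the sample configuration is constructed.

```python
import re

# Constructed sample wpa_supplicant.conf (SSIDs, paths and names are made up).
SAMPLE_CONF = '''
network={
    ssid="CorpWiFi-weak"
    key_mgmt=WPA-EAP
    eap=TLS
    client_cert="/etc/wifi/alice.pem"
    private_key="/etc/wifi/alice.key"
}
network={
    ssid="CorpWiFi"
    key_mgmt=WPA-EAP
    eap=TLS
    ca_cert="/etc/wifi/corp-ca.pem"
    domain_suffix_match="radius.example.com"
    client_cert="/etc/wifi/alice.pem"
    private_key="/etc/wifi/alice.key"
}
network={
    ssid="CafeGuest"
    key_mgmt=NONE
}
'''
NAME_CHECKS = ("domain_suffix_match", "domain_match", "subject_match", "altsubject_match")

def parse_networks(conf):
    """Return one dict of key -> value per network={...} block."""
    blocks = re.findall(r"network=\{(.*?)\n\}", conf, flags=re.S)
    pair = re.compile(r'^\s*(\w+)=\s*"?(.*?)"?\s*$', re.M)  # skips '#' comment lines
    return [dict(pair.findall(body)) for body in blocks]

def audit(conf):
    """Map SSID -> findings that leave the profile open to an evil twin."""
    report = {}
    for net in parse_networks(conf):
        findings, key_mgmt = [], net.get("key_mgmt", "")
        if "EAP" in key_mgmt:
            # Without ca_cert/ca_path wpa_supplicant does not verify the server certificate.
            if "ca_cert" not in net and "ca_path" not in net:
                findings.append("server certificate is not validated")
            # Without a name check, any certificate issued by that CA is accepted.
            if not any(k in net for k in NAME_CHECKS):
                findings.append("server name is not checked")
        elif key_mgmt == "NONE":
            findings.append("access point is never authenticated")
        report[net.get("ssid", "?")] = findings
    return report
```

Calling `audit(SAMPLE_CONF)` returns an empty findings list only for the profile that sets both `ca_cert` and a server name match.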
0

Those Rogue Access Points are deployed to lead users into sniffing, spoofing, man-in-the-middle and session hijack attacks. Protocols of plain text nature are prone to such attacks.

Secure transports such as SSL and TLS can protect sessions from tampering and eavesdropping most of the time, if up-to-date certificates are installed on the client side and servers use registered certs as well. But if the servers use self-signed certs, MITM and other attacks are still possible.

We hope IPSec will address all those concerns in the future, by making an end-to-end secure channel between clients and servers at the network layer.

Yes, public-private key pairs can do this, yet access points are not resourceful enough to do so per user. That may come with side effects like degraded connectivity. Some (but not all) APs offer VPN connections. The solutions mentioned above overcome such insecurities by taking the game from layer 2 to layer 3 and above.

MTG