http://wiki.cas.mcmaster.ca/index.php?feed=atom&target=Chenc8&title=Special%3AContributionsComputing and Software Wiki - User contributions [en]2026-05-23T06:11:16ZFrom Computing and Software WikiMediaWiki 1.15.1http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T03:07:13Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system.[1] The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks.[7]<br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components[6]:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP). Here is a very brief overview of the two protocols.[6]<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks.[8]<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: [5,8]<br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.[7]<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.[6]<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.[6]<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP: [2,3]<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:[7]<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunately, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication: [4]<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:[8]<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
<br />
{|align="right"<br />
|[[image:DoS.JPG|right|thumb|600px|Source:http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]]<br />
|}<br />
<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The infected computers, sometimes called zombies as in the image to the right, can then be coordinated to bombard a target with traffic effectively disabling it.[7,10]<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering and/or firewalls. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br style="clear:both;"/><br />
===Summary===<br />
{| border="1" align="right"<br />
|<br />
{| border="5" cellspacing="5" cellpadding="2" align="right"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
|-<br />
| align="center"|A short summary<br />
|}<br />
Although there is more than way one to defend against a certain kind of attack, the most common countermeasures to the attacks listed in this wiki are summarized in the table to the right.<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network. [8]<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# Jaikumar Vijayan. "VOIP: Don't overlook security". Retrieved on 2008-04-08. [http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html]<br />
# Bruce Schneier. "VOIP Encryption". Retrieved on 2008-04-12. [http://www.schneier.com/blog/archives/2006/04/voip_encryption.html]<br />
# "How to: Encrypt Your VoIP". Retrieved on 2008-04-11. [http://www.voipnow.org/2007/04/how_to_encrypt_.html]<br />
# "VoIP Authentication (UNI-OSP) Feature". Retrieved on 2008-04-12. [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html]<br />
# "Overview of the Session Initiation Protocol". Retrieved on 2008-04-12. [http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]<br />
# Tom Long. "Eavesdropping an IP Telephony Call". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/telephone/318.php]<br />
# Philip Bednarz. "How VoIP is changing the network security equation". Retrieved on 2008-04-09. [http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939]<br />
# Eric Weiss. "Security Concerns with VOIP". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/voip/323.php]<br />
# Peter Thermos. "Two attacks against VoIP". Rerieved on 2008-04-09. [http://www.securityfocus.com/infocus/1862]<br />
# Juan C. Pelaez, Eduardo B. Fernandez, Maria M. Larrondo-Petrie, Christian Wieser. "Attack Patterns in VoIP". Retrieved on 2008-04-12. [http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]<br />
==See Also==<br />
[[Two-factor Authentication]]<BR><br />
[[Public Key Encryption Algorithms]]<BR><br />
[[Peer to Peer Network Security]]<BR><br />
[[Streaming Media Technology]]<BR><br />
[[Secure Electronic Transaction (SET) Protocol]]<BR><br />
<br />
==External Links==<br />
* [http://en.wikipedia.org/wiki/Session_Initiation_Protocol Session Initiation Protocol]<br />
* [http://en.wikipedia.org/wiki/H.323 H.323]<br />
* [http://en.wikipedia.org/wiki/VoIP VoIP]<br />
<br />
--[[User:Chenc8|Chenc8]] 23:07, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T02:44:18Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system.[1] The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components[6]:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP). Here is a very brief overview of the two protocols.[6]<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks.[8]<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: [8]<br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.[7]<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP: [2,3]<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunately, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication: [4]<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
<br />
{|align="right"<br />
|[[image:DoS.JPG|right|thumb|600px|Source:http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]]<br />
|}<br />
<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The infected computers, sometimes called zombies as in the image to the right, can then be coordinated to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering and/or firewalls. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br style="clear:both;"/><br />
===Summary===<br />
{| border="1" align="right"<br />
|<br />
{| border="5" cellspacing="5" cellpadding="2" align="right"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
|-<br />
| align="center"|A short summary<br />
|}<br />
Although there is more than way one to defend against a certain kind of attack, the most common countermeasures to the attacks listed in this wiki are summarized in the table to the right.<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network. [8]<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# Jaikumar Vijayan. "VOIP: Don't overlook security". Retrieved on 2008-04-08. [http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html]<br />
# Bruce Schneier. "VOIP Encryption". Retrieved on 2008-04-12. [http://www.schneier.com/blog/archives/2006/04/voip_encryption.html]<br />
# "How to: Encrypt Your VoIP". Retrieved on 2008-04-11. [http://www.voipnow.org/2007/04/how_to_encrypt_.html]<br />
# "VoIP Authentication (UNI-OSP) Feature". Retrieved on 2008-04-12. [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html]<br />
# "Overview of the Session Initiation Protocol". Retrieved on 2008-04-12. [http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]<br />
# Tom Long. "Eavesdropping an IP Telephony Call". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/telephone/318.php]<br />
# Philip Bednarz. "How VoIP is changing the network security equation". Retrieved on 2008-04-09. [http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939]<br />
# Eric Weiss. "Security Concerns with VOIP". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/voip/323.php]<br />
# Peter Thermos. "Two attacks against VoIP". Rerieved on 2008-04-09. [http://www.securityfocus.com/infocus/1862]<br />
# Juan C. Pelaez, Eduardo B. Fernandez, Maria M. Larrondo-Petrie, Christian Wieser. "Attack Patterns in VoIP". Retrieved on 2008-04-12. [http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]<br />
==See Also==<br />
[[Two-factor Authentication]]<BR><br />
[[Public Key Encryption Algorithms]]<BR><br />
[[Peer to Peer Network Security]]<BR><br />
<br />
==External Links==<br />
* [http://en.wikipedia.org/wiki/Session_Initiation_Protocol Session Initiation Protocol]<br />
* [http://en.wikipedia.org/wiki/H.323 H.323]<br />
* [http://en.wikipedia.org/wiki/VoIP VoIP]<br />
<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T02:27:44Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
<br />
{|align="right"<br />
|[[image:DoS.JPG|right|thumb|500px|Source:http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]]<br />
|}<br />
<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The infected computers, sometimes called zombies as in the image to the right, can then be coordinated to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering and/or firewalls. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br style="clear:both;"/><br />
===Summary===<br />
{| border="1" align="right"<br />
|<br />
{| border="5" cellspacing="5" cellpadding="2" align="right"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
|-<br />
| align="center"|A short summary<br />
|}<br />
Although there is more than way one to defend against a certain kind of attack, the most common countermeasures to the attacks listed in this wiki are summarized in the table to the right.<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# Jaikumar Vijayan. "VOIP: Don't overlook security". Retrieved on 2008-04-08. [http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html]<br />
# Bruce Schneier. "VOIP Encryption". Retrieved on 2008-04-12. [http://www.schneier.com/blog/archives/2006/04/voip_encryption.html]<br />
# "How to: Encrypt Your VoIP". Retrieved on 2008-04-11. [http://www.voipnow.org/2007/04/how_to_encrypt_.html]<br />
# "VoIP Authentication (UNI-OSP) Feature". Retrieved on 2008-04-12. [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html]<br />
# "Overview of the Session Initiation Protocol". Retrieved on 2008-04-12. [http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]<br />
# Tom Long. "Eavesdropping an IP Telephony Call". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/telephone/318.php]<br />
# Philip Bednarz. "How VoIP is changing the network security equation". Retrieved on 2008-04-09. [http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939]<br />
# Eric Weiss. "Security Concerns with VOIP". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/voip/323.php]<br />
# Peter Thermos. "Two attacks against VoIP". Rerieved on 2008-04-09. [http://www.securityfocus.com/infocus/1862]<br />
# Juan C. Pelaez, Eduardo B. Fernandez, Maria M. Larrondo-Petrie, Christian Wieser. "Attack Patterns in VoIP". Retrieved on 2008-04-12. [http://www.hillside.net/plop/2007/papers/PLoP2007_PelaezEtAl.pdf]<br />
==See Also==<br />
[[Two-factor Authentication]]<BR><br />
[[Public Key Encryption Algorithms]]<BR><br />
[[Peer to Peer Network Security]]<BR><br />
<br />
==External Links==<br />
* [http://en.wikipedia.org/wiki/Session_Initiation_Protocol Session Initiation Protocol]<br />
* [http://en.wikipedia.org/wiki/H.323 H.323]<br />
* [http://en.wikipedia.org/wiki/VoIP VoIP]<br />
<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:DoS.JPGFile:DoS.JPG2008-04-14T02:16:29Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T02:06:45Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
===Summary===<br />
{| border="1" align="right"<br />
|<br />
{| border="5" cellspacing="5" cellpadding="2" align="right"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
|-<br />
| align="center"|A short summary<br />
|}<br />
Although there is more than way one to defend against a certain kind of attack, the most common countermeasures to the attacks listed in this wiki are summarized in the table to the right.<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# Jaikumar Vijayan. "VOIP: Don't overlook security". Retrieved on 2008-04-08. [http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html]<br />
# Bruce Schneier. "VOIP Encryption". Retrieved on 2008-04-12. [http://www.schneier.com/blog/archives/2006/04/voip_encryption.html]<br />
# "How to: Encrypt Your VoIP". Retrieved on 2008-04-11. [http://www.voipnow.org/2007/04/how_to_encrypt_.html]<br />
# "VoIP Authentication (UNI-OSP) Feature". Retrieved on 2008-04-12. [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html]<br />
# "Overview of the Session Initiation Protocol". Retrieved on 2008-04-12. [http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]<br />
# Tom Long. "Eavesdropping an IP Telephony Call". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/telephone/318.php]<br />
# Philip Bednarz. "How VoIP is changing the network security equation". Retrieved on 2008-04-09. [http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939]<br />
# Eric Weiss. "Security Concerns with VOIP". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/voip/323.php]<br />
# Peter Thermos. "Two attacks against VoIP". Rerieved on 2008-04-09. [http://www.securityfocus.com/infocus/1862]<br />
<br />
==See Also==<br />
[[Two-factor Authentication]]<BR><br />
[[Public Key Encryption Algorithms]]<BR><br />
[[Peer to Peer Network Security]]<BR><br />
<br />
==External Links==<br />
* [http://en.wikipedia.org/wiki/Session_Initiation_Protocol Session Initiation Protocol]<br />
* [http://en.wikipedia.org/wiki/H.323 H.323]<br />
* [http://en.wikipedia.org/wiki/VoIP VoIP]<br />
<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T01:17:20Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
===Summary===<br />
{| border="5" cellspacing="5" cellpadding="2" align="center"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# Jaikumar Vijayan. "VOIP: Don't overlook security". Retrieved on 2008-04-08. [http://www.computerworld.com/securitytopics/security/story/0,10801,74840,00.html]<br />
# Bruce Schneier. "VOIP Encryption". Retrieved on 2008-04-12. [http://www.schneier.com/blog/archives/2006/04/voip_encryption.html]<br />
# "How to: Encrypt Your VoIP". Retrieved on 2008-04-11. [http://www.voipnow.org/2007/04/how_to_encrypt_.html]<br />
# "VoIP Authentication (UNI-OSP) Feature". Retrieved on 2008-04-12. [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html]<br />
# "Overview of the Session Initiation Protocol". Retrieved on 2008-04-12. [http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]<br />
# Tom Long. "Eavesdropping an IP Telephony Call". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/telephone/318.php]<br />
# Philip Bednarz. "How VoIP is changing the network security equation". Retrieved on 2008-04-09. [http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939]<br />
# Eric Weiss. "Security Concerns with VOIP". Retrieved on 2008-04-09. [http://www.sans.org/reading_room/whitepapers/voip/323.php]<br />
# Peter Thermos. "Two attacks against VoIP". Rerieved on 2008-04-09. [http://www.securityfocus.com/infocus/1862]<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T00:58:13Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP evolved enough so that the benefits outweigh the costs?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
<br />
{| border="1" cellpadding="2"<br />
|-<br />
|width="5%"|'''Data Network'''<br />
|width="90%"|<br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|'''Call Server'''<br />
| <br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
===Summary===<br />
{| border="5" cellspacing="5" cellpadding="2" align="center"<br />
|+ '''VoIP Security Vulnerabilities'''<br />
! Threat!! Countermeasures<br />
|-<br />
|<br />
'''Eavesdropping'''<br />
| <br />
Data Encryption<br />
|-<br />
|<br />
'''Theft of services'''<br />
|<br />
Authentication<br />
|-<br />
|<br />
'''Denial of Services''' <br />
|<br />
Packet Filtering<br />
|}<br />
<br style="clear:both;"/><br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T00:08:36Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
[[Image:oldphone.JPG|frame|right|Has VoIP come far enough so that the benefits outweigh the costs to justify its use?]]<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. <br />
<br />
==Introduction==<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
<br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:Oldphone.JPGFile:Oldphone.JPG2008-04-14T00:04:33Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-14T00:02:42Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
<br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
[[Image:SIP.JPG|right|thumb|Source:http://www.cisco.com/univercd/cc/td/doc/product/voice/sipsols/biggulp/bgsipov.htm]]<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components: <br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
<br style="clear:both;"/><br />
==Attacks==<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:SIP.JPGFile:SIP.JPG2008-04-13T23:56:14Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-13T23:53:18Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
<br />
===VoIP Protocols===<br />
Voice is connection oriented, hence communication between two parties must be set up first. Two of the most common protocols used are H.323 and Session Initiation Protocol (SIP).<br />
<br />
====H.323====<br />
H.323 is a standard to promote compatibility in video conference transmissions over IP networks. (cite)<br />
<br />
H.323 has four main components:<br />
# Terminal<br />
# Gateway<br />
# Multipoint Control Unit (MCU)<br />
# Gatekeeper<br />
<br />
====Session Initiation Protocol====<br />
SIP is a peer-to-peer standard protocol for multimedia conferencing over IP. SIP exists on the application layer used to initiate, maintain, as well as terminate a call. SIP contains 3 components:<br />
# User agent client or user agent server<br />
# Proxy server<br />
# Redirect server<br />
<br />
==Attacks==<br />
<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
To eavesdrop a call there are 3 simple steps:<br />
# Understanding how IP Telephony works. <br />
# Obtain tools. <br />
# Connect the tools into the IP network.<br />
<br />
A typical eavesdropper would:<br />
# Perform a side channel attack based on the fact all IP Telephony implementations use Real Time Protocol(RTP) to transfer packets.<br />
# Download, install, and run Fireberd DNA-323 to capture and replay voice packets.<br />
# Connect to the IP network the VoIP conversation is taking place on.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
One of the great things about VoIP is the fact that you can take it anywhere in the world that has internet access and use it. Unfortunately, this also benefits the hacker so that he or she may steal access to your VoIP services and then possibly do criminal activities with them. Also known as VoIP "phreaking", the hacker can steal your VoIP services through two common ways:<br />
* '''Spoofing'''<br />
** Accomplished through changing the header data in the voice packet so it looks like it comes from a different source<br />
** Hacking into SIP changing SIP registrar information<br />
* '''Man in the middle attack''' (MITM).<br />
** Accomplished through monitoring traffic, recording it and/or changing it<br />
<br />
====Authentication====<br />
The most effective countermeasure to theft of VoIP services involves implementing authentication. Fortunalty, VoIP protocols include some form of authentication. Specifically, the H.235 component of H.323 facilitates 3 types of authentication:<br />
# Symmetric encryption<br />
# Subscription based<br />
# IPSEC<br />
Subscription based is much more CPU intensive than symmetric encryption and requires the sharing of a secret key before communication can begin. Alternatively, H.235 may allow IPSEC to handle the authentication.<br />
SIP also provides 3 different types of authentication:<br />
# Basic authentication<br />
# Digest authentication<br />
# PGP authentication<br />
However, all three are challenge-response based.<br />
<br />
Other authentication methods include but not limited to:<br />
* Public key authentication with certification<br />
* Diffie-Hellman key exchange<br />
* [http://www.cisco.ws/en/US/docs/ios/12_1t/12_1t2/feature/guide/uni_osp.html UNI-OSP] from Cisco<br />
<br />
===Denial of Services===<br />
There are two main types of denial of services attacks in the VoIP environment including:<br />
# Exploiting software bugs to bring down servers<br />
# Distributed bandwidth attack<br />
Before a DoS attack can take place, the hacker must first use a sniffing program to look for vulnerable hosts. As discussed in class, a port scanner is useful to identify those hosts. In a distributed DoS (DDoS) attack, once the vulnerable host is found, a program sometimes called a bot is installed on the computer and awaits for instructions. The hacker can the send a message to all bots to bombard a target with traffic effectively disabling it.<br />
<br />
====Packet Filtering====<br />
Denial of service attacks are hard to defend against because of the nature of the attack; The attack is hard to distinguish from normal traffic. The method to defend against DoS attacks used today is mainly packet filtering. The packet filter must look for suspicious packets and block them before reaching the target. There is still a great amount of work that can be done in this area.<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
# http://www.eetimes.com/showArticle.jhtml;jsessionid=ERU1FKTFCHUJUQSNDLPCKH0CJUNN2JVN?articleID=16505939<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-13T18:26:58Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* Must be resilient in the sense that traffic congestion will not greatly effect voice quality<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
*** Redefines 6-bits of the Type of Service byte in IP header<br />
*** DSCP (DiffServ Code Point) used to prioritize the IP packet<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
*** Uses 3-bits of 802.1Q frame tag to prioritize an Ethernet frame<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
* Uses Cat5 cable<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
<br />
==Attacks==<br />
<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common ways of implementing data encryption for VoIP:<br />
<br />
* Using software such as [http://zfoneproject.com/ Zfone]<br />
* Using VoIP clients with built in encryption such as Skype<br />
Skype comes with its own propriety encryption method. Some other common methods include:<br />
[http://en.wikipedia.org/wiki/Data_Encryption_Standard Data Encryption Standard](DES), <br />
[http://en.wikipedia.org/wiki/Triple_DES Triple DES] (3DES), <br />
[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard Advanced Encryption Standard] (AES)<br />
* Using a Virtual Private Network (VPN)<br />
===Theft of Services===<br />
<br />
===Denial of Services===<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-13T17:29:21Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* Must be resilient in the sense that traffic congestion will not greatly effect voice quality<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
*** Redefines 6-bits of the Type of Service byte in IP header<br />
*** DSCP (DiffServ Code Point) used to prioritize the IP packet<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
*** Uses 3-bits of 802.1Q frame tag to prioritize an Ethernet frame<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
* Uses Cat5 cable<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
* Can be taken over by hackers to make free calls<br />
|}<br />
<br style="clear:both;"/><br />
<br />
==Attacks==<br />
<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
Eavesdropping on VoIP calls involves third parties monitoring the call signal packets in which the hacker may learn of confidential information such as name, passwords, and other personal information. This is especially significant to businesses as corporate sensitive information may be revealed.<br />
<br />
VoIP eavesdropping is easier accomplished that eavesdropping the traditional telephone line through physical wiretap since the hacker must physically place the wiretap. Since VoIP calls send data across the network, the hacker can sniff for packets anywhere along the network.<br />
<br />
====Data Encryption====<br />
The most effective countermeasure to eavesdropping is data encryption. As seen in class, there are many data encryption methods, some more effective than others. However, all methods introduce overhead which can greatly effect the quality of the conversation by causing large packet loss and packet jitter. Here are some common data encryption methods:<br />
<br />
* Data Encryption Standard(DES) [[Wikipedia:Data Encryption Standard|Data Encryption Standard]]<br />
* <br />
===Theft of Services===<br />
<br />
===Denial of Services===<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
<br />
==See Also==<br />
<br />
==External Links==<br />
<br />
--[[User:Chenc8|Chenc8]] 13:29, 13 April 2008 (EDT)</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-13T03:37:39Z<p>Chenc8: </p>
<hr />
<div>'''VoIP''' (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
To greater understand VoIP security, a general overview of VoIP systems is useful. <br />
<br />
===Components===<br />
A typical VoIP system includes four components:<br />
{| border="5" cellspacing="5" cellpadding="2" align="left"<br />
|+ '''VoIP system Components'''<br />
! Component !! Description<br />
|-<br />
|<br />
'''Data Network'''<br />
| <br />
* Must be high performance to avoid choppy communication<br />
* Must be resilient in the sense that traffic congestion will not greatly effect voice quality<br />
* QoS (Quality of Service) standard to prioritize voice traffic over data traffic<br />
** DiffServ<br />
*** Layer 3 QoS mechanism<br />
*** Redefines 6-bits of the Type of Service byte in IP header<br />
*** DSCP (DiffServ Code Point) used to prioritize the IP packet<br />
** 802.1p<br />
*** Layer 2 QoS mechanism<br />
*** Uses 3-bits of 802.1Q frame tag to prioritize an Ethernet frame<br />
|-<br />
|<br />
'''IP Handset'''<br />
|<br />
* Handset has to be IP enabled so audio stream can be digitized to be transmitted on the IP network<br />
* Uses Cat5 cable<br />
|-<br />
|<br />
'''Call Server''' <br />
|<br />
* Application running on dedicated workstation<br />
* Provides all call signaling<br />
* Provides all call control functionality<br />
* Core operating code of a PBX (Private Branch Exchange) transferred here<br />
|-<br />
|<br />
'''Gateway'''<br />
|<br />
* Voice connectivity between IP network and public carrier network<br />
|}<br />
<br style="clear:both;"/><br />
<br />
==Attacks==<br />
<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
<br />
===Theft of Services===<br />
<br />
===Denial of Services===<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
<br />
==See Also==<br />
<br />
==External Links==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-13T02:55:32Z<p>Chenc8: </p>
<hr />
<div>VoIP (Voice over Internet Protocol) is a protocol used for the transmission of voice data across the Internet. IP telephony treats voice as another form of data that is compressed and optimized for network traffic and is vulnerable to attacks traditional data would be on the network. VoIP security is akin to network security; voice data traveling the network will look like any other normal data.<br />
<br />
Corporations generally place VoIP concerns on the voice quality, latency, and quality of service above the overall security when VoIP telephony is actually more vulnerable to certain attacks compared to the traditional phone system. The most common threats found in the VoIP environment include eavesdropping, theft of services, and denial of service attacks. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?<br />
<br />
==Introduction==<br />
<br />
VoIP has the immediate benefits of reduced costs of operations to corporations with the dual use of the existing data networks already in place for voice and data packets contrast to the more expensive alternative of a separate traditional phone line network from the data network. <br />
<br />
==Attacks==<br />
<br />
There are three main types of attacks that the VoIP environment are susceptible to including eavesdropping, theft of services, and denial of service attacks.<br />
<br />
===Eavesdropping===<br />
<br />
===Theft of Services===<br />
<br />
===Denial of Services===<br />
<br />
==Recommendations==<br />
<br />
Although a network cannot be completely immune to attack, here are some recommendations to secure your VoIP network.<br />
<br />
# Do not user shared media devices (ie hubs) on networks<br />
# All VoIP traffic should be encrypted<br />
# VoIP servers with confidential information should be treated as a confidential database<br />
# Build redundancy into VoIP network.<br />
# Make sure firewall is VoIP aware<br />
<br />
==References==<br />
<br />
==See Also==<br />
<br />
==External Links==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/VoIP_(Voice_Over_IP)_SecurityVoIP (Voice Over IP) Security2008-04-11T17:22:54Z<p>Chenc8: Initial creation</p>
<hr />
<div>-Abstract-<br />
VoIP has the immediate benefits of reduced costs of operations to corporations with the dual use of the existing data networks already in place for voice and data packets contrast to the more expensive alternative of a separate traditional phone line network from the data network. Companies generally place their concern of voice quality, latency, and quality of service of VoIP above the overall security when in fact VoIP telephony is actually more vulnerable to certain attacks. This wiki will outline three of the most common threats found in the VoIP environment including eavesdropping, theft of services, and denial of service attacks as well as the counter measures employed by security officers against these threats. Has VoIP come far enough so that the benefits outweigh the costs to justify its use?</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-02T05:23:07Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with [http://en.wikipedia.org/wiki/Wardriving wardriving] which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
<br />
== Views and Ethics ==<br />
Views on piggybacking vary widely amongst people because of the controversial nature of the practice. On one side, advocates believe the practice does not harm anyone while benefiting the piggybacker. On the other side, advocates describe the practice to "freeloading" as bandwidth costs money and the piggybacker essentially gets it for free. The table below summarizes some of these arguments with analogies.<br />
<br />
{| border="5" cellspacing="5" cellpadding="2" align="center"<br />
|+ '''Analogies to Piggybacking Wireless Internet'''<br />
! Advocates For !! Advocates Against<br />
|-<br />
|<br />
* Drinking from a public water fountain <br />
* Reading over someone's shoulder <br />
* Eating leftovers a restaurant has thrown away<br />
* Borrowing a cup of sugar<br />
* Enjoying music playing from a neighbor's backyard<br />
| <br />
* Entering a home just because the door is unlocked <br />
* Stealing cable from a neighbor with a splitter <br />
* Hanging on the outside of a bus to get a free ride <br />
|}<br />
<br />
About 30% of the students surveyed in the McMaster University survey who said they have piggybacked in the past or present believe it is the network owner's responsibility to enable security. Responses such as "It is their fault for not enabling security in the first place" and "It's fair game" are some of the more cynical reasons students said in favor for piggybacking. One writes, “Leaving a network open is just being a good neighbor”.<br />
<br />
A person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc while remaining pretty much anonymous without a trail leading back them. Especially if many people piggyback on a single network, bandwidth can become an issue. Users on the network may experience major slow down if many people are using the network simultaneously or if there are a lot of downloads.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
** Enforces the minimum size of encryption to 128 bits <br />
*WEP+<br />
** Proprietary enhancement by Agere Systems which strengthens initialization vectors<br />
*Dynamic WEP <br />
** Changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
=== Honeypot ===<br />
One can set up a fake network for would-be piggybackers to connect to and see what they do. After they connect and their MAC address is logged, one can ban their MAC address from connecting to their network.<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
While generally strong, an exploit to WPA's flaw can crack the encryption. This method relies on obtaining the Pre-Shared Key (PSK) by monitoring network traffic packets when a valid computer logs into the network. Some tools that facilitate this are kisMAC or coWPATTY.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could prove you knew it was wrong to piggyback.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
Lin Zhenghuang was convicted and sentenced to 3 months jail time and a $4000 fine when he used his neighbor's internet to post a fake bombing report on forums managed by HardwareZone. The judge clarified the jail time would not be sentenced for piggybacking alone but for piggybacking "committed in order to facilitate the commission of or to avoid detection for some more serious offense" as with Mr. Zhenguang's case.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27. <http://www.nytimes.com/2006/03/05/technology/05wireless.html?_r=1&oref=slogin><br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27. <http://compnetworking.about.com/od/wirelessfaqs/f/legal_free_wifi.htm><br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Piggybacking_(internet_access)><br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27. <http://lifehacker.com/software/poll/reader-poll-do-you-piggyback-wireless-internet-158613.php><br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27. <http://www.govtech.com/dc/articles/186157><br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27. <http://blogs.ittoolbox.com/wireless/networks/archives/wpa-encryption-cracking-7419><br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27. <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks><br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27. <http://www.wifinetnews.com/archives/004428.html><br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy><br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27. <http://www.securityfocus.com/infocus/1814><br />
# CBC Spark Radio Podcast: <http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
[[Social engineering]]<BR><br />
[[Honeypot]]<BR><br />
<br />
== External Links ==<br />
* [http://www.zvulony.com/ Zvuloney & Co]<br />
* [http://en.wikipedia.org/wiki/Wireless_community_network Wireless Community Networks]<br />
<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Jinn Tarng Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-02T04:37:16Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with [http://en.wikipedia.org/wiki/Wardriving wardriving] which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
<br />
== Views and Ethics ==<br />
Views on piggybacking vary widely amongst people because of the controversial nature of the practice. On one side, advocates believe the practice does not harm anyone while benefiting the piggybacker. On the other side, advocates describe the practice to "freeloading" as bandwidth costs money and the piggybacker essentially gets it for free. The table below summarizes some of these arguments with anologies.<br />
<br />
{| border="5" cellspacing="5" cellpadding="2" align="center"<br />
|+ '''Analogies to Piggybacking Wireless Internet'''<br />
! Advocates For !! Advocates Against<br />
|-<br />
|<br />
* Drinking from a public water fountain <br />
* Reading over someone's shoulder <br />
* Eating leftovers a restaurant has thrown away<br />
* Borrowing a cup of sugar<br />
* Enjoying music playing from a neighbor's backyard<br />
| <br />
* Entering a home just because the door is unlocked <br />
* Stealing cable from a neighbor with a splitter <br />
* Hanging on the outside of a bus to get a free ride <br />
|}<br />
<br />
About 30% of the students surveyed in the McMaster University survey who said they have piggybacked in the past or present believe it is the network owner's responsibility to enable security. Responses such as "It is their fault for not enabling security in the first place" and "It's fair game" are some of the more cynical reasons students said in favor for piggybacking. One writes, “Leaving a network open is just being a good neighbor”.<br />
<br />
A person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc while remaining pretty much anonymous without a trail leading back them. Especially if many people piggyback on a single network, bandwidth can become an issue. Users on the network may experience major slow down if many people are using the network simultaneously or if there are a lot of downloads.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
** Enforces the minimum size of encryption to 128 bits <br />
*WEP+<br />
** Proprietary enhancement by Agere Systems which strengthens initialization vectors<br />
*Dynamic WEP <br />
** Changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
=== Honeypot ===<br />
One can set up a fake network for would-be piggybackers to connect to and see what they do. After they connect and their MAC address is logged, one can ban their MAC address from connecting to their network.<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27. <http://www.nytimes.com/2006/03/05/technology/05wireless.html?_r=1&oref=slogin><br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27. <http://compnetworking.about.com/od/wirelessfaqs/f/legal_free_wifi.htm><br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Piggybacking_(internet_access)><br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27. <http://lifehacker.com/software/poll/reader-poll-do-you-piggyback-wireless-internet-158613.php><br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27. <http://www.govtech.com/dc/articles/186157><br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27. <http://blogs.ittoolbox.com/wireless/networks/archives/wpa-encryption-cracking-7419><br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27. <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks><br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27. <http://www.wifinetnews.com/archives/004428.html><br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy><br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27. <http://www.securityfocus.com/infocus/1814><br />
# CBC Spark Radio Podcast: <http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
[[Social engineering]]<BR><br />
[[Honeypot]]<BR><br />
<br />
== External Links ==<br />
* [http://www.zvulony.com/ Zvuloney & Co]<br />
* [http://en.wikipedia.org/wiki/Wireless_community_network Wireless Community Networks]<br />
<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Jinn Tarng Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-02T04:23:32Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with [http://en.wikipedia.org/wiki/Wardriving wardriving] which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
<br />
== Views and Ethics ==<br />
Views on piggybacking vary widely amongst people because of the controversial nature of the practice. On one side, advocates believe the practice does not harm anyone while benefiting the piggybacker. On the other side, advocates describe the practice to "freeloading" as bandwidth costs money and the piggybacker essentially gets it for free. The table below summarizes some of these arguments with anologies.<br />
<br />
{| border="5" cellspacing="5" cellpadding="2" align="center"<br />
|+ '''Analogies to Piggybacking Wireless Internet'''<br />
! Advocates For !! Advocates Against<br />
|-<br />
|<br />
* Drinking from a public water fountain <br />
* Reading over someone's shoulder <br />
* Eating leftovers a restaurant has thrown away<br />
* Borrowing a cup of sugar<br />
* Enjoying music playing from a neighbor's backyard<br />
| <br />
* Entering a home just because the door is unlocked <br />
* Stealing cable from a neighbor with a splitter <br />
* Hanging on the outside of a bus to get a free ride <br />
|}<br />
<br />
About 30% of the students surveyed in the McMaster University survey who said they have piggybacked in the past or present believe it is the network owner's responsibility to enable security. Responses such as "It is their fault for not enabling security in the first place" and "It's fair game" are some of the more cynical reasons students said in favor for piggybacking. One writes, “Leaving a network open is just being a good neighbor”.<br />
<br />
A person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc while remaining pretty much anonymous without a trail leading back them. Especially if many people piggyback on a single network, bandwidth can become an issue. Users on the network may experience major slow down if many people are using the network simultaneously or if there are a lot of downloads.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27. <http://www.nytimes.com/2006/03/05/technology/05wireless.html?_r=1&oref=slogin><br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27. <http://compnetworking.about.com/od/wirelessfaqs/f/legal_free_wifi.htm><br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Piggybacking_(internet_access)><br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27. <http://lifehacker.com/software/poll/reader-poll-do-you-piggyback-wireless-internet-158613.php><br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27. <http://www.govtech.com/dc/articles/186157><br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27. <http://blogs.ittoolbox.com/wireless/networks/archives/wpa-encryption-cracking-7419><br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27. <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks><br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27. <http://www.wifinetnews.com/archives/004428.html><br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy><br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27. <http://www.securityfocus.com/infocus/1814><br />
# CBC Spark Radio Podcast: <http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
[[Social engineering]]<BR><br />
<br />
== External Links ==<br />
* [http://www.zvulony.com/ Zvuloney & Co]<br />
<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Jinn Tarng Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T21:45:15Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with [http://en.wikipedia.org/wiki/Wardriving wardriving] which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27. <http://www.nytimes.com/2006/03/05/technology/05wireless.html?_r=1&oref=slogin><br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27. <http://compnetworking.about.com/od/wirelessfaqs/f/legal_free_wifi.htm><br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Piggybacking_(internet_access)><br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27. <http://lifehacker.com/software/poll/reader-poll-do-you-piggyback-wireless-internet-158613.php><br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27. <http://www.govtech.com/dc/articles/186157><br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27. <http://blogs.ittoolbox.com/wireless/networks/archives/wpa-encryption-cracking-7419><br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27. <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks><br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27. <http://www.wifinetnews.com/archives/004428.html><br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy><br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27. <http://www.securityfocus.com/infocus/1814><br />
# CBC Spark Radio Podcast: <http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
[[Social engineering]]<BR><br />
<br />
== External Links ==<br />
* [http://www.zvulony.com/ Zvuloney & Co]<br />
<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Jinn Tarng Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T21:22:23Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27. <http://www.nytimes.com/2006/03/05/technology/05wireless.html?_r=1&oref=slogin><br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27. <http://compnetworking.about.com/od/wirelessfaqs/f/legal_free_wifi.htm><br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Piggybacking_(internet_access)><br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27. <http://lifehacker.com/software/poll/reader-poll-do-you-piggyback-wireless-internet-158613.php><br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27. <http://www.govtech.com/dc/articles/186157><br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27. <http://blogs.ittoolbox.com/wireless/networks/archives/wpa-encryption-cracking-7419><br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27. <http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks><br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27. <http://www.wifinetnews.com/archives/004428.html><br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27. <http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy><br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27. <http://www.securityfocus.com/infocus/1814><br />
# CBC Spark Radio Podcast: <http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
<br />
== External Links ==<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T21:11:02Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
# Michel Marriott. "Hey Neighbor, Stop Piggybacking on My Wireless", The New York Times, 2006-03-05. Retrieved on 2007-11-27.<br />
# Bradley Mitchell. "Wireless / Networking", About. Retrieved on 2007-11-27.<br />
# Wikipedia. "Piggybacking (internet access)", Wikipedia, 2007-11-14. Retrieved on 2007-11-27.<br />
# Adam Pash. "Reader Poll: Do you piggyback wireless internet?", lifehacker. Retrieved on 2007-11-27.<br />
# News Report. "Research Shows Wi-Fi Piggybacking Widespread", digital communities. Retrieved on 2007-11-27.<br />
# bwilds. "WPA Encryption Cracking", ITtoolbox Blogs. Retrieved on 2007-11-27.<br />
# Byran Rite. "Cracking WEP and WPA Wireless Networks", Alkaloid Docupedia. Retrieved on 2007-11-27.<br />
# Glenn Fleishman. "WPA Cracking Proof Concept Available", Wi-fi Net News. Retrieved on 2007-11-27.<br />
# Wikipedia. "Wired Equivalent Privacy", Wikipedia, 2007-11-26. Retrieved on 2007-11-27.<br />
# Michael Ossmann. "WEP: Dead Again, Part 1", 2004-12-14. Retrieved on 2007-11-27.<br />
# CBC Spark Radio Podcast: <[http://podcast.cbc.ca/mp3/spark_20071107_3820.mp3]>. Retrieved on 2007-11-27.<br />
<br />
<br />
== See Also ==<br />
<br />
== External Links ==<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T18:53:52Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services by moving their computer into range a broadcasting access point of someone’s wireless connection without the owner’s explicit permission or knowledge.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==<br />
<br />
== External Links ==<br />
--[[User:Chenc8|Chenc8]] 13:53, 1 December 2007 (EST) Christopher Chen</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T08:11:06Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission wrong?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
Concerns of piggybacking is a cultural state of mind. In the past, piggybacking has not been a major cause for concern and only recently has begun to work its way into our laws. Taking a look at people's opinion through surveys can help depict society's overall thoughts on piggybacking.<br />
<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T08:04:29Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission illegal?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006<br />
*~60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
*~25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
*~7% said they sometimes piggyback but only in an emergency.<br />
*~8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T07:59:27Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
[[Image:Networks.JPG|frame|right|Is connecting to someone's network without their permission illegal?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006, just a little above 60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
A little below 25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
About 7% said they sometimes piggyback but only in an emergency while 8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T07:56:46Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
[[Image:Networks.jpg|right|Is connecting to someone's network without their permission illegal?]]<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006, just a little above 60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
A little below 25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
About 7% said they sometimes piggyback but only in an emergency while 8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:Networks.JPGFile:Networks.JPG2007-12-01T07:54:10Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T07:35:00Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
[[Image:Online_poll.jpg|right|thumb|This poll has over 3000 votes]]<br />
From an online poll taken from lifehacker.com since March 2006, just a little above 60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
A little below 25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
About 7% said they sometimes piggyback but only in an emergency while 8% said their morals would never allow them to do such a thing.<br />
<br style="clear:both;"/><br />
=== McMaster University Poll ===<br />
[[Image:Mcmaster_poll.jpg|left|thumb|This poll had 100 votes]]<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br style="clear:both;"/><br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T07:26:22Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
<br />
From an online poll taken from lifehacker.com since March 2006, just a little above 60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
A little below 25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
About 7% said they sometimes piggyback but only in an emergency while 8% said their morals would never allow them to do such a thing.<br />
[[Image:Online_poll.jpg|500px|right|This poll has over 3000 votes]]<br />
=== McMaster University Poll ===<br />
<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.<br />
<br />
== Views and Ethics ==<br />
Advocates for piggybacking state that the practice is harmless and compare it to drinking from a public water fountain or sharing a cup of sugar. One writes, “Leaving a network open is just being a good neighbor”.<br />
Advocates against piggybacking compare the practice to entering a home just because it is unlocked or stealing cable from your neighbor with a splitter.<br />
<br />
Besides the bandwidth loss, a person can commit some serious crimes with the Internet services he or she gains through piggybacking, such as hacking into sensitive information, downloading child pornography, etc.<br />
<br />
== Prevention ==<br />
There are several ways to prevent piggybacking however some are more effective than others.<br />
=== WEP ===<br />
It is very ineffective against people with a little computer knowledge and the will to gain access to the network since WEP is cryptographically weak and takes only a few minutes to crack. There have been attempts to enhance the security such as:<br />
*WEP2<br />
*WEP+<br />
*dynamic WEP which changes the key periodically <br />
None are substantially more effective.<br />
=== MAC Address Authentication ===<br />
A computer trying to connect to the network will be allowed to do so if and only if their MAC address conforms the list of allowed MAC addresses. This is cumbersome to setup for the administrator as he or she will have to add everyone’s MAC address to the list. This method does not prevent data from being stolen since there is no encryption. And even then, an attacker can observe network traffic and obtain valid MAC addresses and then spoof their MAC address to gain access.<br />
<br />
=== IPSec ===<br />
Ip security or IPSec is used to encrypt traffic, reducing or possibly eliminating all plain text information sent across the network. It is composed of a suite of protocols such as authentication, encrypting IP packets, or cryptographic key establishment as we have read about in Chapter 9 Key Management of the textbook.<br />
=== WPA ===<br />
Wi-FI protected access, commonly referred to as WPA, was created by Wi-Fi Alliance and one of the major improvements over WEP is the Temporal Key Integrity Protocol which basically changes the key dynamically as the system is being used. <br />
WPA also boasts a more secure message integrity code or MIC with the Michael algorithm. <br />
Later, they introduced WPA2 which strengthens the security with new algorithms such as CCMP which stands for Counter Mode with Cipher Block Chaining Message Authentication Protocol.<br />
<br />
== Legalities ==<br />
=== Canada ===<br />
While there are many differences in the laws between one country and another, in Canada the law could be interpreted in such a way that makes piggybacking illegal. A Toronto lawyer Gil Zvulony commented on CBC’s Spark Radio recently and says that if the police ever showed up because you were piggybacking, the only way you can be charged was if the crown could proof you knew that you were doing something wrong.<br />
<br />
The closest thing someone being charged with piggybacking was where a Toronto man was caught literally with his pants down downloading child pornography using someone's wireless network. Ultimately, he was charged for the pornography and not the piggybacking.<br />
<br />
=== Singapore ===<br />
<br />
In Singapore, Garyl Tan Jia Luo became the first man to be convicted of piggybacking on January 16th, 2007 and was sentenced for 18 months probation with 80 hours of community service.<br />
<br />
== References ==<br />
<br />
== See Also ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:Mcmaster_poll.jpgFile:Mcmaster poll.jpg2007-12-01T07:14:07Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:Online_poll.jpgFile:Online poll.jpg2007-12-01T07:09:31Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/File:Online_poll.pngFile:Online poll.png2007-12-01T07:06:56Z<p>Chenc8: </p>
<hr />
<div></div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-12-01T04:14:02Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
== Statistics ==<br />
=== Online Poll ===<br />
<br />
From an online poll taken from lifehacker.com since March 2006, just a little above 60% of voters said they would gladly hop onto someone’s wireless network if they didn’t have access to their own at the moment. <br />
A little below 25% of voters said they piggybacking is their main source of internet. <br />
Combined that’s 85% of voters admitting to the practice.<br />
About 7% said they sometimes piggyback but only in an emergency while 8% said their morals would never allow them to do such a thing.<br />
<br />
=== McMaster University Poll ===<br />
<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-11-30T21:51:09Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
<br />
== McMaster University Poll ==<br />
<br />
Just as a comparison, I conducted a small survey sampling our fellow students at McMaster. I attempted to cover a broad range of students from different faculties so I only asked a few students in this class as I did not want to contaminate the data with biased answers. About 55% of the students I surveyed admitted to have piggybacked before and 45% said they have not. Mind you, I was patiently waiting for them to finish filling out the survey so I suspect some may have not been telling the truth in fear of embarrassment.<br />
<br />
Of all the student’s surveyed, only about 20% expressed concerned about security issues when using somebody’s wireless network and said they would not send passwords or do any other information sensitive actions.</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-11-30T21:46:30Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Background ==<br />
<br />
The recent explosive growth of wireless technology found in the market can be attributed to the many benefits wireless telecommunications provide. From the casual Internet surfer to the technological inclined power user, wireless networks provide the convenience of mobility, keeping up with today’s trends in increasing portability and decreasing size of our devices. Unfortunately, wireless networks also suffer from more attacks and abuse because of how easy it is to locate and connect to wireless networks in comparison to traditional wired ones. In combination with the lack of strong default security counter measures, the controversial practice of piggybacking has increasingly become more common.<br />
<br />
Piggybacking should not be confused with wardriving which involves only the mapping of the insecure access points. In addition, people connecting to a hotspot service provided by businesses is generally not considered as piggybacking.<br />
<br />
<br />
== Headline text ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-11-30T21:42:39Z<p>Chenc8: </p>
<hr />
<div>'''Piggybacking''' internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.<br />
<br />
<br />
<br />
== Headline text ==<br />
<br />
<br />
<br />
== Headline text ==</div>Chenc8http://wiki.cas.mcmaster.ca/index.php/PiggybackingPiggybacking2007-11-30T21:38:27Z<p>Chenc8: New page: Piggybacking internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own comp...</p>
<hr />
<div><br />
Piggybacking internet access is the practice of gaining network services of someone’s wireless connection without the owner’s explicit permission or knowledge by moving their own computer into range of the broadcasting access point in question.</div>Chenc8