Mobile Connectivity

CompTIA Security+ Certification (SY0-501) Chapter 7 - Beyond the Basic LAN
12 minutes
Share the link to this page
Copied
  Completed
You need to have access to the item to view this lesson.
One-time Fee
$99.99
List Price:  $139.99
You save:  $40
€91.73
List Price:  €128.43
You save:  €36.69
£78.50
List Price:  £109.90
You save:  £31.40
CA$135.42
List Price:  CA$189.60
You save:  CA$54.17
A$152.22
List Price:  A$213.12
You save:  A$60.89
S$133.77
List Price:  S$187.28
You save:  S$53.51
HK$781.89
List Price:  HK$1,094.68
You save:  HK$312.79
CHF 88.30
List Price:  CHF 123.63
You save:  CHF 35.32
NOK kr1,058
List Price:  NOK kr1,481.24
You save:  NOK kr423.24
DKK kr684.10
List Price:  DKK kr957.77
You save:  DKK kr273.66
NZ$164.15
List Price:  NZ$229.81
You save:  NZ$65.66
د.إ367.20
List Price:  د.إ514.09
You save:  د.إ146.89
৳10,978.23
List Price:  ৳15,369.96
You save:  ৳4,391.73
₹8,290.53
List Price:  ₹11,607.08
You save:  ₹3,316.54
RM471.80
List Price:  RM660.54
You save:  RM188.74
₦156,534.34
List Price:  ₦219,154.34
You save:  ₦62,620
₨27,950.66
List Price:  ₨39,132.05
You save:  ₨11,181.38
฿3,595.26
List Price:  ฿5,033.51
You save:  ฿1,438.25
₺3,229.78
List Price:  ₺4,521.83
You save:  ₺1,292.04
B$499.40
List Price:  B$699.18
You save:  B$199.78
R1,883.20
List Price:  R2,636.56
You save:  R753.35
Лв179.42
List Price:  Лв251.19
You save:  Лв71.77
₩133,286.20
List Price:  ₩186,606.01
You save:  ₩53,319.81
₪365.03
List Price:  ₪511.06
You save:  ₪146.02
₱5,561.09
List Price:  ₱7,785.75
You save:  ₱2,224.66
¥14,911.76
List Price:  ¥20,877.07
You save:  ¥5,965.30
MX$1,670.32
List Price:  MX$2,338.52
You save:  MX$668.19
QR364.82
List Price:  QR510.77
You save:  QR145.94
P1,359.04
List Price:  P1,902.71
You save:  P543.67
KSh13,398.66
List Price:  KSh18,758.66
You save:  KSh5,360
E£4,718.65
List Price:  E£6,606.31
You save:  E£1,887.65
ብር5,656.15
List Price:  ብር7,918.84
You save:  ብር2,262.68
Kz83,512.74
List Price:  Kz116,921.18
You save:  Kz33,408.44
CLP$93,810.03
List Price:  CLP$131,337.80
You save:  CLP$37,527.76
CN¥710.61
List Price:  CN¥994.89
You save:  CN¥284.27
RD$5,917.87
List Price:  RD$8,285.25
You save:  RD$2,367.38
DA13,435.55
List Price:  DA18,810.31
You save:  DA5,374.76
FJ$226.69
List Price:  FJ$317.37
You save:  FJ$90.68
Q780.94
List Price:  Q1,093.35
You save:  Q312.40
GY$20,949.18
List Price:  GY$29,329.69
You save:  GY$8,380.51
ISK kr13,659.63
List Price:  ISK kr19,124.03
You save:  ISK kr5,464.40
DH1,002.67
List Price:  DH1,403.78
You save:  DH401.11
L1,768.33
List Price:  L2,475.73
You save:  L707.40
ден5,652.42
List Price:  ден7,913.61
You save:  ден2,261.19
MOP$805.88
List Price:  MOP$1,128.27
You save:  MOP$322.38
N$1,866.55
List Price:  N$2,613.25
You save:  N$746.69
C$3,681.10
List Price:  C$5,153.70
You save:  C$1,472.59
रु13,266.49
List Price:  रु18,573.62
You save:  रु5,307.13
S/368.83
List Price:  S/516.39
You save:  S/147.55
K382.06
List Price:  K534.91
You save:  K152.84
SAR375
List Price:  SAR525.02
You save:  SAR150.01
ZK2,508.19
List Price:  ZK3,511.57
You save:  ZK1,003.37
L456.04
List Price:  L638.48
You save:  L182.43
Kč2,310.02
List Price:  Kč3,234.13
You save:  Kč924.10
Ft36,211.46
List Price:  Ft50,697.50
You save:  Ft14,486.03
SEK kr1,038.11
List Price:  SEK kr1,453.39
You save:  SEK kr415.28
ARS$85,066.49
List Price:  ARS$119,096.49
You save:  ARS$34,030
Bs691.23
List Price:  Bs967.75
You save:  Bs276.52
COP$389,029.38
List Price:  COP$544,656.70
You save:  COP$155,627.31
₡50,979.09
List Price:  ₡71,372.77
You save:  ₡20,393.67
L2,470.17
List Price:  L3,458.33
You save:  L988.16
₲730,160.41
List Price:  ₲1,022,253.79
You save:  ₲292,093.37
$U3,841.23
List Price:  $U5,377.88
You save:  $U1,536.64
zł395.31
List Price:  zł553.46
You save:  zł158.14
Already have an account? Log In

Transcript

One of the big challenges of all these smart devices is the wild amount of connectivity that they can take advantage of. So in this episode, what I want to do is go through a number of specifically listed security plus objectives and talk about scenarios where these particular types of connectivity could be or in some cases are completely not an issue. So for me, probably the easiest one to start with is probably the safest one of all SATCOM. I don't know about you, but I don't find myself in a situation where I'm in the middle of the Pacific Ocean, on the top of Mount Everest and suddenly just really need to make a phone call. Anyway, that's the world of satellite communication or SATCOM. Now, traditionally, satellite communication phones have been proprietary dedicated devices.

However, in the last few years, we have seen a number of folks that create SATCOM snap ons for your regular old smartphone So here's an example of one right here. Now if you look at that, you'll see it's just a regular old smartphone, but you snap on this extra device, and now you have a SATCOM phone. The only thing I want to say about Bluetooth is that we cover Bluetooth security and other episodes. So certainly Bluetooth is common on wireless devices. And it's something we need to be thinking about. But keep in mind, we've already covered think about things like blue jacket and blue snarfing.

And some of the problems we'd have to do there. Otherwise, Bluetooth is pretty much already covered. However, one that is not covered is one of my personal favorites, and that is near field communication. So near field communication is a very, very short range wireless connectivity. It's actually electronically very, very similar to Bluetooth. The only big difference is that you need physical contact between two devices, or almost physical contact?

Now, I'm using Android devices because we all know that Android is wildly superior to Apple devices. But nobody's saying anything. And it's very easy to get NFC to work on androids. I am not aware of any Apple products that support NFC. That could even be a security plus question. So anyway, if you take a look at these two screens, on one screen at the bottom here, I just have a default desktop.

And on top here, I have a web page open to an incredibly powerful, amazing book written by my favorite author of all time, Mike Myers. So what I'm going to be doing with that FC is I'm just going to take these two guys and press them together. Now it's going to take a moment, but if you see there, Hey, hold on. Let me show you. Let me show you. Let me show you.

So you can see he's automatically transferred this one particular web page and open the browser and moved it over to the other system. near field can be vacation is an incredibly powerful tool. It's one that I am surprised that people don't use as much as they possibly can. The only downside to NFC is that if it's turned on, there's no security, there's no PIN code, there's nothing to prevent. If you leave your phone, on your desk or something like that I can walk over, tap them together and grab what is ever on your screen at any given moment. In this particular case, I was using a web page, but you could have your contacts up, you could have your bank information up whatever it is, and it just takes a tap, and I've got that information.

So next, I want to talk about one that I should be using a little bit more and that is AMT. The problem with Bluetooth and even NFC is that there's a lot of times where we have very, very simple devices that need to make a wireless connection to a smartphone or whatever it might be a entire standard called eight NT or AMT plus was developed that was primarily for things like bicycle odometers heartrate monitors, practice bikes that you could see where you're how many miles you've got in. And the AMT and AMT plus standards work really, really well for that. As of this writing, I am unaware of any security issue that has ever taken place with at&t Plus, that was at least big enough to cross my radar. It's a very, very simple form of wireless communication. It is incredibly slow and incredibly well protected.

Now, let's go back to one of the types that I really like and that's infrared. One of the reasons I like Android compared to Apple is that most Android devices have built in infrared transmitters. They're not receivers. Once in a while, you'll see a receiver but built into most Android phones, either Unfortunately, it's starting to fade out is a transmitter. And what that does for me is I can be sitting at a sushi bar. And if I don't like what's on the channel, I can press some buttons with the right app.

And we're watching whatever I want to watch. Now, because the infrared that's built into these devices is transmit and not receive. There's very little danger in terms of security for anything taking place within the phone where you connect the phone. The problem is, is when naughty people like me go around to sushi bars or television production studios or anything, where there's infrared receivers of any type for any kind of device. I'm just a guy who's mean enough to start pressing things and maybe I'll change your cable modem to something I like. Next, let's talk about USB.

USB is another one of these types of connectivity that we've talked about in other episodes, so I don't want to develop that too much USPS pretty robust in and of itself, however, there is one part of USB, that can be a real problem for smart devices. And it's called USB on the go. Now, a lot of people aren't aware of this USB is traditionally a one way device where you plug into something, and and it just takes commands from that particular device. But you can make USB two way and that's what USB on the go is all about. For example, I can take this phone, plug it into my desktop, and now this thing just acts like a hard drive and I can look at the storage or whatever it might be. So it's going from the device out to my desktop.

However, I don't know if you ever seen something like this what I've got, let me hold it up so you guys can see what's going on. So all I've got here is a mouse with a little adapter. In this particular case, I'm using USBC. So I've got a regular old USB mouse, nothing special. It's got a USB a connector on there, but I've got this special adapter that actually came from Google that goes from USB a two USB C, it's also important to understand it's USB, a female to USB C male. With this little device, we can have a little bit of fun.

What I'm going to do is I'm going to plug this mouse into my phone. So let's see if we can get a capture this can you actually see that the mouse is working. That's what USB on the go is all about. USB on the go will allow any one USB port to either be ingoing or outgoing, which is not a standard part of the USB standard itself. However, what makes it interesting is that as a bad guy, if I've got the right kind of adapter, I can plug a thumb drive in there, I could plug in things like a hack five USB rubber ducky device, and plug this in and start sending a whole bunch of commands and grabbing data and things like that. The downside to USB on the go is that it's probably something you don't want to turn off because we use So often without actually thinking about it.

This is where really one of the big things we can do with our smart devices, is make sure we know where they are at all times. Somebody leaving a wireless device on a desk, or you know, in a restaurant is just asking for trouble. Just because guys like B, we might plug something in that because we're mean we're just curious what we can get away with. The last thing I want to talk about is Wi Fi and there's two aspects of Wi Fi. I want to talk about a one shot, I want to talk about Wi Fi direct, and I want to talk about tethering. Obviously, every type of smart device supports the 802 11 standard.

If there isn't one, I wouldn't be interested in it. The problem with regular 802 11 is that it's used almost exclusively just to create internet connections to a wireless access point. We call that infrastructure mode and it works absolutely great. But there are other modes to add To 11 that people forget about. Since 802 11 was invented, there's been a mode called ad hoc with ad hoc mode, what I can do is I can take one device, it doesn't have to be a smartphone, but I can take any one device. And I can create a wireless connection, an 802 11 connection between these two devices.

Now, ad hoc connections are rare. There are places where they're used, but they're fairly uncommon. However, one place we do see these ad hoc type Connections is in something called Wi Fi direct. We know that everybody has streaming devices now, Chromecast, and Roku and things like that. Now, some of these streaming devices use a technology called Wi Fi direct, which allows a device to connect to another device very, very easily. The downside to Wi Fi direct is that it uses Wi Fi protected services WPS, and in other episodes, we talked about the downside to WPS.

Generally, what we do in these cases is we do a little research on whatever streaming device we have on security and see if there aren't some situations. It's not that hard for me to be able to connect to some of these streaming devices as a bad guy just by doing standard wireless attacks. If you watch other episodes, we talked about, for example, the DDoS attack, and being able to completely intercept the stream of all your data. Now the other part to this is tethering. Now let's make sure we understand what tethering means tethering basically for most people tethering means to plug my phone into, for example, a laptop, and when I make this plug in connection, I can actually take advantage of the cellular whan on my phone and use that as a internet connection for my laptop. So most the time when we talk about tethering tethering is great.

When it's done wired. The downside to tethering and this is where 802 11 comes. into play is that almost all smart devices today support wireless tethering. So you've got your cellular way in. And then this little phone right here starts to act as a wireless access point, and not properly configured. By setting up this type of tethering, you can literally let anybody connect to the internet through your phone.

So the secret to this is on almost all of these phones, you take the time to configure it properly set up WPA WPA two and get that encryption up and running to at least make somebody sign in and get a password before they start doing whatever they do on your phone.

Sign Up

Share

Share with friends, get 20% off
Invite your friends to LearnDesk learning marketplace. For each purchase they make, you get 20% off (upto $10) on your next purchase.