Documente Academic
Documente Profesional
Documente Cultură
Djadja Sardjana
djadja@bapinger.web.id
7-Dec-09
Bapinger Solution: Wireless Security 2
AGENDA :
Introduction :
Network Security Definition
Virus, Worm, Trojan and
Intrusion Attack
Conclusion
7-Dec-09
Bapinger Solution: Wireless Security 3
INTRODUCTION :
NETWORK SECURITY DEFINITION
VIRUS, WORM, TROJAN AND INTRUSION ATTACK
Bapinger Solution,
Djadja Achmad S
7-Dec-09
NETWORK SECURITY Bapinger Solution: Wireless Security 4
DEFINITION
7-Dec-09
Bapinger Solution: Wireless Security 5
TELECOMMUNICATION
NETWORK SECURITY
7-Dec-09
VIRUS, WORM, TROJAN Bapinger Solution: Wireless Security 6
7-Dec-09
VIRUS, WORM, TROJAN Bapinger Solution: Wireless Security 7
7-Dec-09
VIRUS, WORM, TROJAN Bapinger Solution: Wireless Security 8
7-Dec-09
Bapinger Solution: Wireless Security 9
BAPINGER WIRELESS
SECURITY SOLUTIONS
PORTFOLIOS
Bapinger Solution,
Djadja Achmad S
7-Dec-09
Business Position
10
Practice
Areas
1.8
1.6 IP Services:
VoIP
1.4 IP Enabled
PoC, Push-to-View
1.2 SMS & IM
1 Music
Gaming
0.8 Presence
Location Based Srvs
0.6
Multimedia Messaging
0.4 Circuit Only Video Streaming
0.2 Converged Voice
Srvs
0
2002 2003 2004 2005 2006 2007 2008
Source: IMS Research
100.000
92.011
80.000
71.272
20.000 12.978
0 Source:
2003 2004 2005 2006 2007 2008 MOT est.
300
150
100
Foundstone Data
Staff Turnover
Not So Somewhat
Important Important
6% 19%
Management Realization
Growing awareness of need
Minimal understanding of security capability
Lack comprehensive vulnerability data
Suspected breeches, reactive approach
Security Purchases/Effort Integration
THE CHALLENGE – WIRELESS
OPERATORS
Vulnerabilities & Issues
Quantity Varies with Size of Network
From 200 to over 1000 issues identified
High + Medium Risk = 30% to 70% of issues
Multiple Sources of Issues
Policy – Few Policies, Low/No Framework or Policy
Management
Process – Security updates, monitoring of network
Operations – Lack of metrics and vulnerability data or
remediation programs
Password Management – Easily cracked passwords, shared or no
passwords
Funding – Prioritization, requisite skills or resource investment
But….
Operational Awareness of Need
Small contingent usually working to improve
Project based, slow evolution of management support, want
ability to focus
THE CHALLENGE – WIRELESS
OPERATORS
Examples
Charging Gateway Vulnerabilities
High + Medium Risk = up to 53% of issues on these elements
DNS Servers vulnerabilities
High + Medium Risk = up to 32% of issues on these elements
DNS Cache poisoning, flooding from mobile devices
Firewall Vulnerabilities
High + Medium Risk = up to 65% of issues on these elements
GTP-aware capability available but not configured
FTP Servers
Known vulnerabilities with potential for DoS attacks; establish Superuser permissions; control FTP
sites
Lack of Defense-in-Depth
Internal network with unrestricted protocol and service access
Spoofed source address from GRX into network, Remove GTP tunnels
Inject routing changes, Ability to leverage access across network
Undocumented Network Elements
Not documented = not managed. Unrestricted access, potential impact to availability
THE CHALLENGE – WIRELESS
OPERATORS
Examples
Test Systems: Higher level of vulnerabilities
But unrestricted access to production network
Additional threat vector; Ability to bypass firewall protection
Network Management Systems
Access to broad range of network elements
Comprehensive policy for access and management not evident
Secure communication not addressed
Policy – Passwords, Access controls
Managing, changing, logging, distribution & storage procedures required
Incomplete password management policy and/or not enforced
Easily cracked passwords
Access rights - Lack consistent procedure to update, review as roles/personnel change
Policy – Audits
Baseline vulnerability data unavailable, lack of remediation plan or process
Bapinger Solution: Wireless Security 22
Bapinger Solution,
Djadja Achmad S
7-Dec-09
CONCLUSION :
Bapinger Solution: Wireless Security 23
7-Dec-09
Bapinger Solution: Wireless Security 24
THANK YOU
Bapinger Solution,
Djadja Achmad S
7-Dec-09