McAfee Inc. released information on a proof-of-concept iPad exploit involving a man-in-the-middle attack using...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
a rogue access point. Is this technique a concern for enterprises, and is it a sign of things to come for iPads?
The McAfee presentation (which was originally presented at the vendor's FOCUS 11 conference), involving a man-in-the-middle attack using a rogue access point is a concern for enterprises and home users. Here's how such an attack is initiated: When the user browses the Web, the Jailbreakme attacks and tools are used to jailbreak the iPad and set up a VNC server to remotely connect to the system. The attacker is able to completely take over the system once a victim connects to the rogue access point, and it's accomplished by using a fraudulent certificate that exploits a vulnerability in iOS.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
The Jailbreakme website and attacks have been around for several years and are gaining additional traction as more Mac mobile devices are sold. As Apple Inc. clamps down on its App Store, and users decide they want more control or functionality that Apple doesn't deem suitable for its ecosystem, more exploits and jailbreaks will be developed to give users the control and functionality they desire.
This specific attack relies on a user connecting to an unsecured wireless network. All the other steps will fail if the user does not connect to the unsecured network. Enterprises either need to lock their iPads and similar devices so they can only connect to secure wireless networks, or educate their users on the risks of connecting to unsecured wireless networks. IT can ensure this from a policy perspective by mandating use of a VPN when connecting to an unsecured wireless network, thus reducing the risk of an SSL man-in-the-middle attack. This assumes, however, that the VPN is not vulnerable to such unlikely attacks as well. Users on IPSec VPNs are not at risk to SSL man-in-the-middle attacks, but SSL-VPNs have been vulnerable to such methods. So, while not a cure-all, SSL VPN use can reduce the likelihood of such an attack.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Nick Lewis
SSL attacks "in stealth mode" are helping attackers avoid detection and analysis. Expert Nick Lewis explains how to discover and defend against the ...continue reading
Learn how sinkholing is helping security experts analyze infected devices and even disable malware in compromised endpoints.continue reading
Motion and gestures are being used for mobile malware detection on smartphones. Learn how this method works and whether it is a worthy addition to an...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.