McAfee Inc. released information on a proof-of-concept iPad exploit involving a man-in-the-middle attack using...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
a rogue access point. Is this technique a concern for enterprises, and is it a sign of things to come for iPads?
The McAfee presentation (which was originally presented at the vendor's FOCUS 11 conference), involving a man-in-the-middle attack using a rogue access point is a concern for enterprises and home users. Here's how such an attack is initiated: When the user browses the Web, the Jailbreakme attacks and tools are used to jailbreak the iPad and set up a VNC server to remotely connect to the system. The attacker is able to completely take over the system once a victim connects to the rogue access point, and it's accomplished by using a fraudulent certificate that exploits a vulnerability in iOS.
Ask the expert!
Have questions about enterprise information security threats for expert Nick Lewis? Send them via email today! (All questions are anonymous.)
The Jailbreakme website and attacks have been around for several years and are gaining additional traction as more Mac mobile devices are sold. As Apple Inc. clamps down on its App Store, and users decide they want more control or functionality that Apple doesn't deem suitable for its ecosystem, more exploits and jailbreaks will be developed to give users the control and functionality they desire.
This specific attack relies on a user connecting to an unsecured wireless network. All the other steps will fail if the user does not connect to the unsecured network. Enterprises either need to lock their iPads and similar devices so they can only connect to secure wireless networks, or educate their users on the risks of connecting to unsecured wireless networks. IT can ensure this from a policy perspective by mandating use of a VPN when connecting to an unsecured wireless network, thus reducing the risk of an SSL man-in-the-middle attack. This assumes, however, that the VPN is not vulnerable to such unlikely attacks as well. Users on IPSec VPNs are not at risk to SSL man-in-the-middle attacks, but SSL-VPNs have been vulnerable to such methods. So, while not a cure-all, SSL VPN use can reduce the likelihood of such an attack.
Dig Deeper on Network Intrusion Detection (IDS)
Related Q&A from Nick Lewis
Passive man-in-the-middle attacks on PIN pads can lead to attackers stealing credit card details. Expert Nick Lewis explains how companies can ...continue reading
The SFG malware dropper can bypass antimalware programs and exploit two patched vulnerabilities. Expert Nick Lewis explains how to these attacks work...continue reading
Darkleech campaigns have taken a new form and have now stopped using obfuscated script. Expert Nick Lewis explains the changes in Darkleech ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.