Upload File

protecting wireless networks aka wireless hacking

25
Protecting Wireless Networks aka Hacking Wireless Saptha Wanniarachchi MBCS,MCSE,MCITP Twitter @saptha saptha.com

Upload: saptha-wanniarachchi

Post on 14-Jun-2015

478 views

Category:

Technology


0 download

Report

Tags:

TRANSCRIPT

Page 1: Protecting wireless networks aka wireless hacking

Protecting Wireless Networks aka Hacking Wireless

Saptha Wanniarachchi MBCS,MCSE,MCITP

Twitter @sapthasaptha.com

Page 2: Protecting wireless networks aka wireless hacking

Wired Vs Wireless Hacking

r i m e i s a l l a r o u n d u s .C

In theory, wireless LANs are less secure than

wired LANs, because wireless communication

signals travel through the air and can easily be

intercepted.

Page 3: Protecting wireless networks aka wireless hacking

Types Of Wireless Networks

Page 4: Protecting wireless networks aka wireless hacking

Unfortunately, turning off the broadcast of the

SSID may lead to a false sense of security. The

method discourages only casual wireless

snooping, but does not stop a person trying to

attack the network.

Scanning for Access Points• Access points periodically transmit beacon

frames (SSID, data rate, etc.)

• Client scans frequencies and picks an access

point based on SSID, signal strength, ...

• Client switches to assigned channel and

establishes an association

Page 5: Protecting wireless networks aka wireless hacking

How dose the war diving looks

Page 6: Protecting wireless networks aka wireless hacking

WIFI Authentication

Page 7: Protecting wireless networks aka wireless hacking

WEP

Page 8: Protecting wireless networks aka wireless hacking

WPA

Page 9: Protecting wireless networks aka wireless hacking

WPA1. Pre-Shared Key

2. Enterprise

Page 10: Protecting wireless networks aka wireless hacking

Summary of authentication

Open Network

WEP

WPA

Page 11: Protecting wireless networks aka wireless hacking

How to Attack

Scan -> Test Injection Capability

Use sniffing tools and collect IV’s

Try Fake authentication and MAC spoofing

When you have enough IV’s use cracking tool

to extract password

Or try MIM Attack and inject packets

Page 12: Protecting wireless networks aka wireless hacking

Source: Consumer Reports

MisconfigurationMisconfiguration possibilitiespossibilities

•• no encryption usedno encryption used

•• weak (guessable) password weak (guessable) password

used to generate keyused to generate key

•• weak protection of encryption weak protection of encryption

key on client machinekey on client machine

•• weak protection of weak protection of

management interface for management interface for

access pointaccess point

Page 13: Protecting wireless networks aka wireless hacking

Tools

Page 14: Protecting wireless networks aka wireless hacking

Tools

Page 15: Protecting wireless networks aka wireless hacking

Tools

Page 16: Protecting wireless networks aka wireless hacking

Tools

Page 17: Protecting wireless networks aka wireless hacking

Tools

Page 18: Protecting wireless networks aka wireless hacking

Tools

Page 19: Protecting wireless networks aka wireless hacking

Tools

Page 20: Protecting wireless networks aka wireless hacking

Tools

Page 21: Protecting wireless networks aka wireless hacking
Page 22: Protecting wireless networks aka wireless hacking

Recommendations: WLAN Security

• WEP (fair)

• enable wireless frame encryption

• use longest key

• change the WEP key regularly (manually)

• 802.1X and WPA (user authentication + dynamic

keys) (better)

• use as soon as practical and stable

• set rekeying to occur every few hours

• 802.11i (best)

• upgrade / use when available and supported

Page 23: Protecting wireless networks aka wireless hacking
Page 24: Protecting wireless networks aka wireless hacking
Page 25: Protecting wireless networks aka wireless hacking

Q&A


Wireless hacking tools.jpeg

SEC617 (GAWN): SANS Wireless Ethical Hacking, … SANS Wireless Ethical Hacking, Penetration Testing and Defenses – Index Page 1 of 38 SANS SEC617 (GAWN) Wireless Ethical Hacking,

Wireless Hacking & Wireless Security - Exploit Database

K-Wireless Router hacking

Web & Wireless Hacking

New Wireless Hacking Talk

Wireless hacking 20120126

Ch 11: Hacking Wireless Networks

Hacking Wireless Networks

Advanced Information Gathering AKA Google Hacking

Hacking Wireless bajo Windows

CEHv7 Module 15 Hacking Wireless Networks

Ch 8: Wireless Hacking

System Hacking Tutorial #4 - Buffer Overflow - Return Oriented Programming aka. ROP

CEH Module 20: Hacking Wireless Networks

Wireless Hacking. Edycja polska

Wireless Hacking Razbijanje Wep Sifre

Wireless Hacking Presentasi (2)

Wireless Hacking

Hacking Tips & Tricks - OWASP 2 Agenda Security Incidents Vulnerability Assessment Wireless Hacking Bluetooth Hacking Advance password hacking

Wireless Hacking - Part 1

Hacking Wireless Networks8-PDF... · Module 15 - Hacking Wireless Networks Hacking Wireless Networks IVi-Fi is developed on IEEE 802.11 standa i ds and is widely used in wireless

Wireless Hacking Talk

HOWTO-Hacking Wireless Networks-Arabia

Hacking Wireless Windows

Wireless Hacking Fast Track

Hacking Wireless World, RFID hacking

Wireless hacking septafiansyah

wireless linux hacking

Wireless hacking 1

Ethical Hacking Module XV Hacking Wireless Networks

Hacking Wireless - courses.csail.mit.educourses.csail.mit.edu/.../files/02-nguyen-martelly-taratoris-goehring-hacking-wireless.pdf · Hacking Wireless David Goehring ... HTTPS is

Municipal Wi-Fi aka Municipal Wireless

CEHv6.1 Module 20 Hacking Wireless Networks

Hacking Techniques in Wireless Networks