wifi secuiry: attack & defence
DESCRIPTION
We all use Wifi today. You know how much money it saves for your smart-phone data usage band-width. Connecting all your computers and gadgets with cables is not just history, even if you attempt it would be impractical! Wifi being so pervasive, also brings along tremendous security implications. Come join us to look into details of Wifi security. How to secure your wifi network? How certain wifi encryption technologies can be hacked? We would prove that with live demos! Join us to reflect on the security aspect of this technology, discuss about it and leave with more confidence about how 'secure' your WiFi access is?TRANSCRIPT
![Page 1: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/1.jpg)
WiFi SECURITY
HACKING & INFORMATION SECURITYPresents:
-With TechNext
![Page 2: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/2.jpg)
We Are…The Speakers…
Sudarshan Pawar
Certified Security Expert(C.S.E.)Certified Information Security Specialist (C.I.S.S.)Security Xplained (TechNext Speaker)Computer Engg.& a Security Professional
Prakashchandra SutharSecurity Enthusiast
Cisco Certified Network AssociateRed Hat Linux Certified
Security Xplained (TechNext Speaker)Computer Engg
Security Researcher.
![Page 3: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/3.jpg)
![Page 4: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/4.jpg)
Topics to be covered
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
We are not including stats, history, who did what/when/why-> Bcoz it’s Booooring….!!! U can google them later….!
![Page 5: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/5.jpg)
Current Generation
![Page 6: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/6.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 7: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/7.jpg)
Wifi Basics
• WiFi(Wireless Fidelity)->Wireless networks(commonly referred as WLAN
• Developed on IEEE 802.11 standards• Wireless networks include: Bluetooth, Infrared
communication, Radio Signal etc.• Components used:
oWireless Client Receivero Access Pointo Antennas
![Page 8: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/8.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 9: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/9.jpg)
Extension to a wired network
(BROADBAND ROUTER)
(ACCESS POINT)
(EXTENSION POINT)
![Page 10: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/10.jpg)
Multiple Access points
(BROADBAND ROUTER)
(ACCESS POINT-1)
(ACCESS POINT-2)
![Page 11: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/11.jpg)
LAN -2-LAN
LAN-1 LAN-2
![Page 12: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/12.jpg)
3g Hotspot
GPRS 3G 4G
Internet
![Page 13: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/13.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 14: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/14.jpg)
How many of you have tried this???
![Page 15: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/15.jpg)
WiFi StandardsPoints 802.11b 802.11a 802.11g 802.11n
Extension to 802.11 802.11 802.11a 802.11g
Bandwidth (Mhz) 20 (11Mbps) 20 (54Mbps) 20 (54Mbps) 20 (54Mbps)40 (150Mbps)
Frequency(Ghz) 2.4 5 2.4 2.4, 5
Pros Lowest cost; signal range is good and not easily obstructed
fast maximum speed; regulated frequencies prevent signal interference from other devices
fast maximum speed; signal range is good and not easily obstructed
fastest maximum speed and best signal range; more resistant to signal interference from outside sources
Cons slowest maximum speed
highest cost; shorter range signal that is more easily obstructed
costs more than 802.11b; appliances may interfere on the unregulated signal frequency
standard is not yet finalized;
![Page 16: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/16.jpg)
Are u seriously concerned about wifi security????? Be honest!
![Page 17: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/17.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 18: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/18.jpg)
WEP(Wired Equivalence Privacy)
• The first encryption scheme made available for Wi-Fi.
• Uses 24 bit initialization vector for cipher stream RC4 for confidentiality
• CRC-32 bit checksum for integrity.• Typically used by home users.• Uses 64,128, 256 bit keys• Flawed from the get go.
![Page 19: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/19.jpg)
WEP Working
KEY STORE WEP Key IV
RC4 CIPHER KEYSTREAM
DATA ICV
PAD KID CIPHERTEXTIV
WEP ENCRYPTED PACKET(MAC FRAME)
CRC 32 CHECKSUM
XORALGO.
![Page 20: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/20.jpg)
WEP Weakness
1. Key management and key size2. 24 bit IV size is less.3. The ICV algorithm is not appropriate4. Use of RC4 algorithm is weak5. Authentication messages can be easily forged
![Page 21: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/21.jpg)
Wep Broken beyond repair
![Page 22: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/22.jpg)
WPA (Wi-Fi Protected Access)
• Data Encryption for WLAN based on 802.11 std.• Improved Encryption & Authentication Method.• Uses TKIP
– Based on WEP– Michael algorithm
• Hardware changes not required• Firmware update
Types1. Personal 2. Enterprise PSK 802.1x + RADIUS
![Page 23: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/23.jpg)
WPA WorkingTemporary Encryption keyTransmit AddressT.S.C.
KEY MIXING
WEP SEED
RC4 CIPHER KEYSTREAM
MAC HEADER
IV KID EIV CIPHER TEXT
MSDU
MIC KEYMPDU ICVMICHAELS
ALGORITHM MSDU + MIC KEY
( PACKET TO BE TRANSMITTED )
![Page 24: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/24.jpg)
WPA2
• Long Term Solution (802.11)• Stronger Data protection & Network access control• Used CCMP– Based on AES
• Hardware changes required
Types1. Personal Pre Shared Key2. Enterprise 802.1x + RADIUS
![Page 25: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/25.jpg)
WPA2 Working
Source: EC Council
![Page 26: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/26.jpg)
Source: someecards
![Page 27: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/27.jpg)
Breaking WPA/WPA2
• Dictionary Attacks(Not so successful, but yeah some time…)
• Brute Force(tools like: Kismac, Aireplay etc)• WPA PSK
![Page 28: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/28.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 29: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/29.jpg)
Security breaching sequenceFind the network
Study its traffic
Study Security mechanisms
ATTACK!!!!!!!!(i.e. Decrypt the
packets)
![Page 30: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/30.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 31: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/31.jpg)
BEFORE ATTACK
DOS
![Page 32: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/32.jpg)
Access point is busy handling attackers request
AFTER ATTACK
![Page 33: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/33.jpg)
Man In The Middle Attack(MITM)
• Before
![Page 34: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/34.jpg)
After…
![Page 35: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/35.jpg)
ARP Poisoning/Spoofing
Source: http://securitymusings.com/wp-content/uploads/2008/12/arp-spoofing.png
![Page 36: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/36.jpg)
WiFi JAMMING….
![Page 37: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/37.jpg)
WiFi JAMMING….
![Page 38: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/38.jpg)
Fake Access Points
SSID: XYZ Bank
![Page 39: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/39.jpg)
![Page 40: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/40.jpg)
Fake Access Points
SSID: XYZ Bank
![Page 41: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/41.jpg)
• Basics of Wifi• Types of wireless networks• Wireless Standards(802.11 series)• Encryption Algorithms• Wireless hacking methodology• ATTACKS(commonly encountered)• Staying secure(Defense)• Security Tools
![Page 42: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/42.jpg)
Defense against WPA / WPA2 attacks
• Extremely Complicated keys can help• Passphrase should not one from dictionary, so
use uncommon-senseless words.• Key should be more than 20 chars with
combination of special chars, numbers, alphabets. Change them at regular intervals.
![Page 43: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/43.jpg)
#eY,t#!$c@/\/_B-gUd0n3?@$sW0rD
![Page 44: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/44.jpg)
1. WPA instead of WEP2. WPA2 Enterprise implementation3. Place AP at secured location.4. Centralized authentication & Update Drivers
regularly.5. Changing default SSID after Configuring
WLAN6. Firewall policies & Router access Password
Security Checkboxes
![Page 45: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/45.jpg)
1. MAC add. Filtering2. Encryption at Access Point 3. Packet Filtering between AP4. Network Strength configuration.5. Use Ipsec’s for encryption on WLANS6. Check out for Rogue Access Points
Security Checkboxes(contd…)
![Page 46: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/46.jpg)
Wi-Fi Security Auditing Tools
• AirMagnet Wifi Analyzer• AirDefense• Adaptive wireless IPS• ARUBA RF Protect WIPS• And many others…
![Page 47: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/47.jpg)
?
![Page 48: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/48.jpg)
Questions?
• What you want to ask, many already have that same question on their mind. Be bold and lead
• OK, if you don’t want to speak and keep shut and keep thinking about it in your mind and take those questions home, make sure you email those to us and sleep well at night!
![Page 49: WiFi Secuiry: Attack & Defence](https://reader033.vdocuments.mx/reader033/viewer/2022052410/54c6a9c34a7959b14b8b4588/html5/thumbnails/49.jpg)
What should be our topic for the next meet?
I hate to ask but, how can we make this better?