LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung.

Slides:

Advertisements

Similar presentations

INTRODUCTION TO Wi-Fi TECHNOLOGY.

Advertisements

Wireless LAN Security Understanding and Preventing Network Attacks.

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

TROUBLESHOOTING guide

Securing A Wireless Home Network. Wireless Facts Range about feet from access point Security anyone can eavesdrop on an unsecured wireless network.

DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

OPSEC Awareness Briefing Man-In-The-Middle Attacks (MITM)

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Security Awareness: Applying Practical Security in Your World

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

1 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.

Firewalls As Presented by Brian Dunn. Definition General Protects computer(s) from unauthorized access Types Hardware devices Software programs.

Chapter 9 Connecting to and Setting up a Network

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

Bullet-Proofing Your Wireless Router By Steve Janss.

Securing a Wireless Network

TAX-AIDE Network Router Setup Network Printer Setups July SMT/TCS Training - Dallas1.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Network Addressing Networking for Home and Small Businesses – Chapter.

Wireless Networking and Security

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Connecting Computers and Keeping them safe from Hackers and Viruses Bradie Britzmann and Courtney Hughes Britzmann & Hughes.

Steps To Set Up Your Home Wireless Network You can use a wireless network to share Internet access, files, printers, and more. Or you can use it to surf.

Honeypot and Intrusion Detection System

EDT 661 Kelly Maurer. (((DS))) (((WIRELESS PRINTER))) ((( NETBOOK ))) DESKTOP ROUTER MODEM INTERNET /DLS (FROM WALL)

Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

WIFI. What is wifi ? Wi-Fi is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and network.

David Abarca, Instructor Del Mar College Computer Corner Wireless Network Access Control.

WIRELESS NETWORKING Ramiah Qasem, Jahmia Algahmie, Andrew Speice.

Retina Network Security Scanner

Network Components Basics!. Network HUB  Used to connect multiple Ethernet devices together  Layer 1 of the OSI model  Not used much today.

Mobile Security By Jenish Jariwala. What is Mobile Security?  Mobile Security is the protection of smartphones, tablets, laptops and other portable computing.

Chapter 7 Part 2 Networks. Why would I ever consider a wired network connection over a wireless? – Wireless signals are more susceptible to interference.

Securing A Wireless Home Network. Simple home wired LAN.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Denial of Convenience Attack to Smartphones Using a Fake Wi-Fi Access Point Erich Dondyk, Cliff C. Zou University of Central Florida.

 Follow the steps in order to solve the sync issue with the best fitness trackers;best fitness trackers  1. Reboot your Fitness Tracker and the device.

Securing your Personal Wireless Networks By: Bryan Oxendale.

Securing a Wireless Home Network BY: ARGA PRIBADI.

Brianne Stewart.   A wireless network is any computer network that is not connected with a cable  Many homes use this type of internet access  Less.

Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

© ExplorNet’s Centers for Quality Teaching and Learning 1 Install, configure, and deploy a SOHO wireless/wired router using appropriate settings. Objective.

Computer Networks CSC September 23,

NETWORK SECURITY. What do you see THE IMPORTANCE OF SECURITY THE ARE WEBSITES ON THE INTERNET COULD INFORM PEOPLE THE RANGE AND AVAILABLE UNSECURED SITES.

SOHO Security Recommendations. Change default user/password Of the AP/router Typical  admin – admin  root – root  root – 1234  Admin - There are web.

Hardware and software that can provide a good level of security In this presentation I am going to provide advices on hardware and software that needs.

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Wireless Security By: Bryan M Keller.

Instructor Materials Chapter 6 Building a Home Network

Wireless Technologies

Common Methods Used to Commit Computer Crimes

NETW 05A: APPLIED WIRELESS SECURITY Unauthorized Access

Ways to protect yourself against hackers

Securing A Wireless Network

Wireless Network Security

Wireless Fidelity (15881A0515).

مقدمة في الحاسب الآلي T. Arwa Alsarami.

Using the Virtual Private Network (VPN) on an iPad 2

FIXMYWIFI EXTENDER. STEP 1: OPEN THE DEVICE FROM THE PACKED BOX, THEN CONNECT THE ANTENNA TO THE DEVICE, AFTER COMPLETING THE PROCESS OF CONNECTING.

Information Technology Services Education and Awareness Team

Chapter 6 Networks Communicating and Sharing Resources

Belkin routers offers good performance and robust hardware B E L K I NR O U T E R SB E L K I NR O U T E R S.

Information Technology Services Education and Awareness Team

Security in mobile technologies

Presentation transcript:

LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung

WIRELESS NETWORK AND DEVICES Wireless devices are common in todays world. Smartphones, tablets and ultra-books are connecting people to internet more than ever. Cheap and easier to use wireless routers has made it easy for user to connect to internet easily. Neighborhood is getting crowded by new access points added frequently. Wireless networks are secured and are password protected but there are other means to hack sensitive and private data, and access point passwords.

LISTING ACCESS POINT Operating Systems display list of available access points in different orders Windows 8 operating system lists available APs sorted by the strength of the wireless signal of access point IPad OS lists available APs sorted by the name of the APs. Windows Phone 8 OS displays the list of APs according to the strength of wireless signal. Can these listing behaviors be used by Hackers to their advantage to make users connect to the Honeypot AP and access private data? Can the same listing behavior be used to gain access to password of the legit access point?

ASSUMPTIONS OF THE RESEARCH Users can be fooled to connect to the access point, named similar to access point known to the user and listing it on top of the list. User will try to connect to the access point on top of the list even if they are unsecured, but has almost same name.

HARDWARE AND SOFTWARE Router: Linksys WRT54G Router Router Firmware: dd-wrt.v _NEWD_mini Proxy Server: Modified version of http proxy written by Fábio Domingues High gain WIFI antenna: Vertical Omni-Directional 15 dB Omni Directional Antenna Operating System used for Experiment: The proxy server was ran on Raspberry Pi (Tiny ARM Computer) with Raspbian wheezy OS installed, which is an optimized version of Debian for Raspberry Pi.

CONTROLLED EXPERIMENT Experimented was performed in a household with three family members and two friends; age range from 19 to 28 Each users were given different devices to connect to the internet, each devices were reset and were not connected to any network by default. Dot was added to the name of targeted access point to list it on top of access point list displayed by IPad. AP with name.Upower was created to target legit access point Upower. Three out of five IPad users connected to the honeypot AP, fooled by how the name looked exact same and listed on top of crowded list. The legit Access Points strength was decreased to list the honeypot access point on top of AP list displayed by Windows 8 and Windows Phone 8 OS.

CONTROLLED EXPERIMENT Three out of five user in Windows 8 Operating System connected to honeypot access point. It was hard to put access point on top of the list as windows 8 list them sorted by wireless signal strength. None of the Windows Phone 8 operating system.

CONTROLLED EXPERIMENT IPad listing of access point..Upower is honeypot Upower is legit access point.

CONTROLLED EXPERIMENT Windows 8 listing of access point. Unsecure Upower and secure UPower are honeypot Secure Upower is legit access point.

CONTROLLED EXPERIMENT Windows 8 Phone list of Access Points

UNCONTROLLED EXPERIMENT One secured and another unsecured honeypot access points were created. Each honeypot access point were named similar to the targeted access point. Honeypot access point name was changed everyday to target different access points in neighborhood. Names were added dot on front to put it on top of the list of OS that sorted list by name. The high gain antenna were used to gain advantage over targeted access point to list the honeypot access point on top of the list for the OS that sorted the list by strength.

UNCONTROLLED EXPERIMENT Legit AP in Neighborho od Unsecured honeypot AP with DOT in beginning of AP name Secured Honeypot AP with exact same name as legit AP Unsecured honeypot AP with exact same name as legit AP Test Test Test Test Test Test6 1020

CONCLUSION Normal users connect to the Access Point that has almost exact name as their own Access Point or the Access Point they are asked to connect to and appears on top of the list. Hackers can use the name of access point to plan coordinated attack to fool user on connecting to honeypot Same method can be used to fool legit user of secured access point to give password to hacker. Hackers access point can be programmed to log the login attempt and store the password as fooled user tried to login using real password.

REMEDIES Default behavior of access point broadcasting the SSID can be turned off The wireless devices can be manually configured to connect to an access point This step does not provide 100% security against the attack as hackers can detect SSID by detecting different messages in Wi-Fi protocol. Still, using techniques like SSID broadcast disable makes it more likely that would-be intruders will bypass the access point, seeking easier targets