Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Slides:



Advertisements
Similar presentations
Overview How to crack WEP and WPA
Advertisements

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Security in Wireless Networks Juan Camilo Quintero D
IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
1 MD5 Cracking One way hash. Used in online passwords and file verification.
Security in IEEE wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.
Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.
Security Awareness: Applying Practical Security in Your World
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security.
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.
Wireless Security Issues Implementing a wireless LAN without compromising your network Marshall Breeding Director for Innovative Technologies and Research.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.
WLAN What is WLAN? Physical vs. Wireless LAN
Securing a Wireless Network
Wireless Attacks. Set up the APs Computer IP: Subnet Mask: Router IP address: –
Agenda 10:00 11:00 Securing wireless networks 11:00 11:15 Break 11:15 12:00Patch Management in the Enterprise 12:00 1:00 Lunch 1:00 2:30 Network Isolation.
Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Wireless Networking.
Certified Wireless Network Administrator (CWNA) PW0-105 Chapter Network Security Architecture.
Chapter Network Security Architecture Security Basics Legacy security Robust Security Segmentation Infrastructure Security VPN.
Ethical Hacking Defeating Wireless Security. 2 Contact Sam Bowne Sam Bowne Computer Networking and Information Technology Computer Networking and Information.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
Wireless Networking Concepts By: Forrest Finkler Computer Science 484 Networking Concepts.
Environment => Office, Campus, Home  Impact How, not Whether A Checklist for Wireless Access Points.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
Copyright Security-Assessment.com 2005 Wireless Security by Nick von Dadelszen.
Wireless Encryption: WEP and cracking it. Eric Shea.
CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.
Hands-On Ethical Hacking and Network Defense Lecture 14 Cracking WEP Last modified
Wireless Networking & Security Greg Stabler Spencer Smith.
David Abarca, Instructor Del Mar College Computer Corner Wireless Network Access Control.
20 November 2015 RE Meyers, Ms.Ed., CCAI CCNA Discovery Curriculum Review Networking for Home and Small Businesses Chapter 7: Wireless Technologies.
.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.
Solving the Security Risks of WLAN Tuukka Karvonen
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
KSU 2015-Summer Cyber Security | Group 1 | Seul Alice Bang Get a Wifi Password.
 Houses  In businesses  Local institutions  WEP – Wired Equivalent Privacy -Use of Initialization Vectors (IVs) -RC4 Traffic Key (creates keystreams)
Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
By Billy Ripple.  Security requirements  Authentication  Integrity  Privacy  Security concerns  Security techniques  WEP  WPA/WPA2  Conclusion.
EECS  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?
Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.
Module 48 (Wireless Hacking)
Instructor Materials Chapter 6 Building a Home Network
We will talking about : What is WAP ? What is WAP2 ? Is there secure ?
WEP & WPA Mandy Kershishnik.
Securing A Wireless Network
Chapter 12 Communications Security & Countermeasures
Breaking into Wi-Fi Networks
Security Issues with Wireless Protocols
Presentation transcript:

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin

Outline Wireless Networks and Security Attacking and defending WEP Attacking and defending WPA/WPA2 Common defense techniques Summary

Wireless Networks and Security 1) What are Wireless Networks? A wireless network is the way that a computer is connected to a router without a physical link. 2) Why do we need? Facilitates mobility – You can use lengthy wires instead, but someone might trip over them. 3) Why security? Attacker may hack a victim’s personal computer and steal private data or may perform some illegal activities or crimes using the victim’s machine and ID. Also there's a possibility to read wirelessly transferred data (by using sniffers)

Wireless Networks and Security Three security approaches: 1.WEP (Wired Equivalent Privacy) 2.WPA (Wi-Fi Protected Access) 3.WPA2 (Wi-Fi Protected Access, Version 2) WPA also has two generations named Enterprise and Personal.

WEP (Wired Equivalent Privacy) Encryption: – 40 / 64 bits – 104 / 128 bits 24 bits are used for IV (Initialization vector) Passphrase: – Key 1-4 – Each WEP key can consist of the letters "A" through "F" and the numbers "0" through "9". It should be 10 hex or 5 ASCII characters in length for 40/64-bit encryption and 26 hex or 13 ASCII characters in length for 104/128-bit encryption.

WPA/WPA2 Personal Encryption: – TKIP – AES Pre-Shared Key: – A key of 8-63 characters Key Renewal: – You can choose a Key Renewal period, which instructs the device how often it should change encryption keys. The default is 3600 seconds

Attacking WEP iwconfig – a tool for configuring wireless adapters. You can use this to ensure that your wireless adapter is in “monitor” mode which is essential to sending fake ARP (Address Resolution Protocol) requests to the target router macchanger – a tool that allows you to view and/or spoof (fake) your MAC address airmon – a tool that can help you set your wireless adapter into monitor mode (rfmon) airodump – a tool for capturing packets from a wireless router (otherwise known as an AP) aireplay – a tool for forging ARP requests aircrack – a tool for decrypting WEP keys

How to defend when using WEP Use longer WEP encryption keys, which makes the data analysis task more difficult. If your WLAN equipment supports 128-bit WEP keys. Change your WEP keys frequently. There are devices that support "dynamic WEP" which is off the standard but allows different WEP keys to be assigned to each user. Use a VPN for any protocol, including WEP, that may include sensitive information. Implement a different technique for encrypting traffic, such as IPSec over wireless. To do this, you will probably need to install IPsec software on each wireless client, install an IPSec server in your wired network, and use a VLAN to the access points to the IPSec server.

Attacking WPA macchanger – a tool that allows you to view and/or spoof (fake) your MAC address airmon – a tool that can help you set your wireless adapter into monitor mode (rfmon) airodump – a tool for capturing packets from a wireless router (otherwise known as an AP) aireplay – a tool for forging ARP requests ―Capture WPA/WPA2 handshakes by forcing clients to reauthenticate ―Generate new Initialization Vectors aircrack – a tool for decrypting WEP keys (should be used with dictionary)

How to defend when using WPA Passphrases – the only way to crack WPA is to sniff the password PMK associated with the handshake authentication process, and if this password is extremely complicated it will be almost impossible to crack Passphrase Complexity – select a random passphrase that is not made up of dictionary words. Select a complex passphrase of a minimum of 20 characters in length and change it at regular intervals

Common defense techniques Change router default user name and password Change the internal IP subnet if possible Change default name and hide broadcasting of the SSID (Service Set Identifier) None of the attack methods are faster or effective when a larger passphrase is used. Restrict access to your wireless network by filtering access based on the MAC (Media Access Code) addresses Use Encryption

Summary Change all possible default router settings Use encryption (WPA/WPA2) Use long and complex keys/passphrases

Thank you!

References ry=cracking+WEP+and+WPA+with+backtrack& oq=cracking+WEP+and+WPA+with+backtrack &aq=f&aqi=&aql=1&gs_sm=e&gs_upl=1621l1 2434l0l12642l47l46l0l30l0l0l412l4248l l16l0 ry=cracking+WEP+and+WPA+with+backtrack& oq=cracking+WEP+and+WPA+with+backtrack &aq=f&aqi=&aql=1&gs_sm=e&gs_upl=1621l1 2434l0l12642l47l46l0l30l0l0l412l4248l l16l0