 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

Slides:

Advertisements

Similar presentations

Overview How to crack WEP and WPA

Advertisements

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

Wireless Cracking By: Christopher Zacky.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.

WLAN Security: Cracking WEP/WPA

Автономный сетевой шпион. WiFi Pineapple usage in the wild 21/08/2012 DCG #7812 г. @d_olex.

“All your layer are belong to us” Rogue APs, DHCP/DNS Servers, and Fake Service Traps.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Wifi Penetration Wireless Communication and Computer/Network Forensics.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

1 MD5 Cracking One way hash. Used in online passwords and file verification.

Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.

Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Design Wireless Network 2

Marwan Al-Namari Week 10. RTS: Ready-to-Send. CTS: Clear-to- Send. ACK: Acknowledgment.NAV: network allocation vector (channel access, expected time to.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Wireless LAN Security Yen-Cheng Chen Department of Information Management National Chi Nan University

WLAN What is WLAN? Physical vs. Wireless LAN

195Eg Ethernet Wired LAN 195Eg. Wireless Ethernet Setting IP Address Using Utility Programs Begin Programming Definition Selection Programming Modes of.

Wireless Attacks. Set up the APs Computer IP: Subnet Mask: Router IP address: –

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.

Wireless Networking.

Version Slide 1 Format of lecture Introduction to Wireless Wireless standards Applications Hardware devices Performance issues Security issues.

Wireless Networks Tamus, Zoltán Ádám

Wireless Network Security Dr. John P. Abraham Professor UTPA.

Wireless Networking Concepts By: Forrest Finkler Computer Science 484 Networking Concepts.

Wi-Fi Standards Lucy Nguyen Corey Trouard Zack Wepasnick.

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

1. Insert the Resource CD into your CD-ROM drive, click Start and choose Run. In the field that appears, enter F:\XXX\Setup.exe (if “F” is the letter of.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

1 WPA, what else? UNAM, Mexico City November 27-28, 2008 Thomas d’Otreppe de Bouvette Aircrack-ng.

Wireless Encryption: WEP and cracking it. Eric Shea.

Wireless II. Frames Frames – Notes 3 Frame type ▫Management  Beacons  Probes  Request  Response  Associations  Request  Response  Disassociate.

WEP Protocol Weaknesses and Vulnerabilities

Wireless Networking & Security Greg Stabler Spencer Smith.

11 SECURING NETWORK COMMUNICATION Chapter 9. Chapter 9: SECURING NETWORK COMMUNICATION2 OVERVIEW  List the major threats to network communications. 

CS591-Fall 10 Clonts 1 Wireless Network Security Michael Clonts.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

.  TJX used WEP security  They lost 45 million customer records  They settled the lawsuits for $40.9 million.

CNIT 124: Advanced Ethical Hacking Ch 7: Capturing Traffic.

Lesson 10: Configuring Network Settings MOAC : Configuring Windows 8.1.

Solving the Security Risks of WLAN Tuukka Karvonen

Wireless Security A lab that actually works! Anne Hewitt Oscar Salazar A lab that actually works! Anne Hewitt Oscar Salazar.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

KSU 2015-Summer Cyber Security | Group 1 | Seul Alice Bang Get a Wifi Password.

Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.

Evil Twin Wireless Access Point Attack (or, Thanks for Your Passwords!) Dan Ginsberg 5/4/2015.

1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.

WPA Cracking with Rainbow Tables For Educational Purposes Only Kurt Wondra November 18 th, 2010  1) Scanning for Vulnerable Networks  2) Capturing Usable.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Wireless LANs.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.

WIRELESS GATEWAY SHAHIDRUL BIN MAT RASHID 3 TSK 2 MAAM SITI HAJAR BINTI ZAINAL RASHID WIRELESS NETWORK SECURITY.

Module 48 (Wireless Hacking)

Wireless Ethernet Programming

Rogue Access Points attacks

OSA vs WEP WPA and WPA II Tools for hacking

Instructor Materials Chapter 6 Building a Home Network

Wireless Attacks: WEP Module Type: Basic Method Module Number: 0x00

We will talking about : What is WAP ? What is WAP2 ? Is there secure ?

Securing A Wireless Network

Only For Education Purpose

Wireless LAN Security 4.3 Wireless LAN Security.

Breaking into Wi-Fi Networks

Presentation transcript:

 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally set up

 Employees attempting to put in their own wireless at work  Mobile hotspots from cell carriers  Honeypot to see what people are up to on your network  Nefarious activities…

 It’s a huge security risk!  In a corporate environment it allows unauthorized access to the network  Often they’re misconfigured and lack security features

 Your everyday wireless router  Mobile hotspots  Wi-Fi Pineapple

 Hardware Access Point for Man-in- the-Middle attacks  Connection from › Mobile Broadband › Android Tethering › Ethernet › Auxillary Wireless Adapter  Managed via SSH or the Web Interface  Small, easily concealed and battery powered  Expandable with community modules

 MITM attack tools: Karma, DNS Spoof, SSL Strip, URL Snarf, Ngrep and more via the modules  Wireless cracking, replay, and deauth attacks with the Aircrack-NG suite  Autostart service like karma and reverse ssh for instant attack on power-up

 Setup with : › Ad-hoc › Connectify (Windows) › Alfa Wireless Lan Utility (for Alfa wireless card on Windows) › Airbase-ng (Linux)  Airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the access point itself

 Implements the Caffe Latte WEP client attack  Implements the Hirte WEP client attack  WPA/WPA2 handshake capture  Act as an ad-hoc access point  Act as a full featured AP  Filter info by SSID or client MAC address  Manipulate and resend packets  Encrypt & decrypt sent &received packets

 -a bssid : set Access Point MAC address  -i iface : capture packets from this interface  -w WEP key : use this WEP key to encrypt/decrypt packets  -h MAC : source mac for MITM mode  -f disallow : disallow specified client MACs (default: allow)  -W 0|1 : [don't] set WEP flag in beacons 0|1 (default: auto)  -q : quiet (do not print statistics)  -v : verbose (print more messages) (long --verbose)  -M : M-I-T-M between [specified] clients and bssids (NOT CURRENTLY IMPLEMENTED)  -A : Ad-Hoc Mode  -Y in|out|both : external packet processing  -c channel : sets the channel the AP is running on  -X : hidden ESSID  -s : force shared key authentication  -S : set shared key challenge length (default: 128)  -L : Caffe-Latte attack (long --caffe-latte)  -N : Hirte attack (cfrag attack), creates arp request against wep client (long –cfrag)  -x nbpps : number of packets per second (default: 100)  -y : disables responses to broadcast probes  -0 : set all WPA,WEP,open tags. can't be used with -z & -Z  -z type : sets WPA1 tags. 1=WEP40 2=TKIP 3=WRAP 4=CCMP 5=WEP104  -Z type : same as -z, but for WPA2  -V type : fake EAPOL 1=MD5 2=SHA1 3=auto  -F prefix : write all sent and received frames into pcap file  -P : respond to all probes, even when specifying ESSIDs  -I interval : sets the beacon interval (ms)  -C seconds : enables beaconing of probed ESSID values (requires -P)

1.airmon-ng start wlan0 2.airbase-ng -e "Free Wifi" - c 1 -v mon0 3.ifconfig at0 up brctl addbr mitm brctl addif mitm eth0 brctl addif mitm at0 ifconfig eth up ifconfig at up dhclient3 mitm 1. Put wireless card in monitor mode 2. Create SSID on the wireless interface 3. Bring up the AP 4. Configure the bridged adapters 5. Profit