Wireless Hacking. Wireless LANs and footprinting Wireless LANs l see basic conceptsbasic concepts Linux versus Windows footprinting l you need a card.

Slides:



Advertisements
Similar presentations
Ethical Hacking Module XV Hacking Wireless Networks.
Advertisements

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.
Wireless LAN Security Understanding and Preventing Network Attacks.
Wireless technology hit the American market more than 60 years ago during World War I and World War II Today its the IEEE standard, also known.
Hacking Exposed 7 Network Security Secrets & Solutions
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD.
1 MD5 Cracking One way hash. Used in online passwords and file verification.
Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wardriving 7/29/2004 The “Bad Karma Gang”. Agenda Introduction to Wardriving The Tools of Wardriving Wardriving Green Lake.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security Presentation by Paul Petty and Sooner Brooks-Heath.
Wireless Insecurity.
Handoff Delay for b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
How to Secure a Home Wi-Fi S. Roy. Acknowledgement In preparing the presentation slides and the lab setup, I received help from Professor Simon Ou Professor.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—3-1 Wireless LANs Understanding WLAN Security.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Wireless Security With a focus on Security Dr. Tulin Mangir Partially sponsored by NSF Grant No:
Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.
Wireless Security.
Technology - wireless Describe equipment and technologies operating in the radio frequency (RF) spectrum between 3 Hz and 300 GHz. Examples of wireless.
WLAN What is WLAN? Physical vs. Wireless LAN
Agenda 10:00 11:00 Securing wireless networks 11:00 11:15 Break 11:15 12:00Patch Management in the Enterprise 12:00 1:00 Lunch 1:00 2:30 Network Isolation.
Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,
MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University
ECE 578: COMPUTER NETWORK AND SECURITY
Wireless Networking.
By Vamseedhar Vuppu The Secrets of Wireless Hacking.
Hands-On Ethical Hacking and Network Defense
Ethical Hacking Defeating Wireless Security. 2 Contact Sam Bowne Sam Bowne Computer Networking and Information Technology Computer Networking and Information.
Wireless Network Security Dr. John P. Abraham Professor UTPA.
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Chapter 8 Wireless Hacking Last modified
Wireless Networking Concepts By: Forrest Finkler Computer Science 484 Networking Concepts.
Chapter 8 Wireless Hacking Last modified
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Guided by: Jenela Prajapati Presented by: (08bec039) Nikhlesh khatra.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.
Hands-On Ethical Hacking and Network Defense Lecture 14 Cracking WEP Last modified
Wireless Network Security Presented by: Prabhakaran Theertharaman.
Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.
Wireless Network Hacking.  Authentication Techniques  1. Open System: no security techniques  2. Shared-Key: uses hashed string challenge with WEP.
Stephan Bayer September 9, 2004 INLS 187. What is it? War Driving Software – WarDriving v. The benign act of locating and logging wireless access points.
20 November 2015 RE Meyers, Ms.Ed., CCAI CCNA Discovery Curriculum Review Networking for Home and Small Businesses Chapter 7: Wireless Technologies.
Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.
Chapter 8 Wireless Hacking Last modified
The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.
Solving the Security Risks of WLAN Tuukka Karvonen
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.
KSU 2015-Summer Cyber Security | Group 1 | Seul Alice Bang Get a Wifi Password.
sniffing Team #1. Easy to sniff To sniff wired communication, must connect the wire between sender and receiver. Because everybody shares the medium.
Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.
Authentication has three means of authentication Verifies user has permission to access network 1.Open authentication : Each WLAN client can be.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Wireless Hacking Lesson 13. Reminder As a reminder, remember that the tools and techniques that you learn this semester are only to be used on systems.
Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?
Understand Wireless Security LESSON Security Fundamentals.
Module 48 (Wireless Hacking)
Securing A Wireless Network
Technology - wireless Describe equipment and technologies operating in the radio frequency (RF) spectrum between 3 Hz and 300 GHz. Examples of wireless.
Wireless Hacking.
Hacking Wireless Networks
Chapter 12 Communications Security & Countermeasures
WLAN Security Antti Miettinen.
Antti Miettinen (modified by JJ)
Presentation transcript:

Wireless Hacking

Wireless LANs and footprinting Wireless LANs l see basic conceptsbasic concepts Linux versus Windows footprinting l you need a card that works with the tools l the tools need to make the card work in promiscuous mode (sniffing) l many cards and few chipsets

Building a war-drive kit Footprinting : locating APs l passive: listening to AP broadcasts l active: transmitting client beacons in search of AP responses Equipment l cards ( b, 11.g) -- choose the software first l Antennas (e.g. HyperLink Tech)HyperLink Tech l GPS Software (Windows) l NetStumbler (set SSID to ANY) active mode. Counter- measure: set AP not to reply to probes. NetStumbler

More in footprinting software Windows l StumbVerter: download. Uses MapPoint to plot data from NetStumbler StumbVerterdownloadMapPoint Linux l Kismet : both war-drive and sniffer. Uses passive mode (counter-measures difficult). Kismet l GPSMap : comes with Kismet and plots AP locations in maps, using ImageMagick, but is command-line intensive.ImageMagick l Dstumbler (requires kernel patch), better in BSD. Dstumbler

Wireless Scanning and Enumeration Packet-Capture and Analysis l Review of sniffing: FAQ, tools, concept.FAQtoolsconcept l Linux support not covered (too technical) l Ethereal is a good tool in Linux, we used in Hacking Linux. Ethereal l Windows: OmniPeekOmniPeek l requires custom driver, commercial but can download demo l channel scanning, decryption of WEP (needs key) l provides a Peer Map view of hosts found What you are looking for l SSID -- APs respond to a client ANY SSID with their SSID, and you are in if no username and password required. l MAC access control - OmniPeek maps MAC addressesmaps MAC addresses l WEP - war-drive tools indicate if used (e.g. NetStumbler).NetStumbler

Gaining access in SSID l easy to setup from the ward-drive information l just create a profile MAC Access Control l use the sniff information to identify valid MAC addresses. l spoof the MAC address of your wireless card (Read this article for counter-measures).article WEP (Wired Equivalent Privacy) l protects data from eavesdropping, not authentication l uses key between AP and card transmissions l brute-force, key and packet cracking off-line (e.g. Aircrack-ng)Aircrack-ng EAP (Extensible Authentication Protocol) Methods EAPMethods l A client finds an AP and is prompted for a username and password l Keys are create dynamically after login

Counter measures Some basic ideas: l recommendations to secure a WLAN.secure a WLAN l suggestions to minimize WLAN threats.minimize WLAN threats l overview of weakness and solutions for WLANs (old, but good).weakness and solutions l some commercial solutions: AirDefense, AirTight, SmartPass.AirDefenseAirTightSmartPass State-of-the-art solutions l WPA and WPA2: review and WindowsreviewWindows l Using a Radius server for authenticationRadius server l The IAS Radius service in Windows.IAS Radius l FreeRadius home page and tutorialhome pagetutorial 4 Some WLAN security guides. George Ou guide NIST draft