Presentation is loading. Please wait.

Presentation is loading. Please wait.

HACKING & INFORMATION SECURITY

Similar presentations


Presentation on theme: "HACKING & INFORMATION SECURITY"— Presentation transcript:

1 HACKING & INFORMATION SECURITY
Presents: WiFi SECURITY -With TechNext

2 We Are…The Speakers… Sudarshan Pawar Certified Security Expert(C.S.E.)
Certified Information Security Specialist (C.I.S.S.) Security Xplained (TechNext Speaker) Computer Engg. & a Security Professional Prakashchandra Suthar Security Enthusiast Cisco Certified Network Associate Red Hat Linux Certified Security Xplained (TechNext Speaker) Computer Engg Security Researcher.

3

4 Topics to be covered Basics of Wifi Types of wireless networks
Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools We are not including stats, history, who did what/when/why-> Bcoz it’s Booooring….!!! U can google them later….!

5 Current Generation

6 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

7 Wifi Basics WiFi(Wireless Fidelity)->Wireless networks(commonly referred as WLAN Developed on IEEE standards Wireless networks include: Bluetooth, Infrared communication, Radio Signal etc. Components used: Wireless Client Receiver Access Point Antennas

8 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

9 Extension to a wired network
(EXTENSION POINT) (BROADBAND ROUTER) (ACCESS POINT)

10 Multiple Access points
(BROADBAND ROUTER) (ACCESS POINT-1)

11 LAN -2-LAN LAN-1 LAN-2

12 3g Hotspot Internet GPRS 3G 4G

13 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

14 How many of you have tried this???

15 WiFi Standards Points 802.11b 802.11a 802.11g 802.11n Extension to
Bandwidth (Mhz) 20 (11Mbps) 20 (54Mbps) 40 (150Mbps) Frequency(Ghz) 2.4 5 2.4, 5 Pros Lowest cost; signal range is good and not easily obstructed fast maximum speed; regulated frequencies prevent signal interference from other devices fast maximum speed; signal range is good and not easily obstructed fastest maximum speed and best signal range; more resistant to signal interference from outside sources Cons slowest maximum speed highest cost; shorter range signal that is more easily obstructed costs more than b; appliances may interfere on the unregulated signal frequency standard is not yet finalized;

16 Are u seriously concerned about wifi security????? Be honest!

17 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

18 WEP(Wired Equivalence Privacy)
The first encryption scheme made available for Wi-Fi. Uses 24 bit initialization vector for cipher stream RC4 for confidentiality CRC-32 bit checksum for integrity. Typically used by home users. Uses 64,128, 256 bit keys Flawed from the get go.

19 WEP Working WEP Key IV KEY STORE KEYSTREAM DATA ICV XOR ALGO. PAD KID
RC4 CIPHER WEP Key IV KEY STORE KEYSTREAM DATA ICV XOR ALGO. CRC 32 CHECKSUM PAD KID CIPHERTEXT IV WEP ENCRYPTED PACKET(MAC FRAME)

20 WEP Weakness Key management and key size 24 bit IV size is less.
The ICV algorithm is not appropriate Use of RC4 algorithm is weak Authentication messages can be easily forged

21 Wep Broken beyond repair

22 WPA (Wi-Fi Protected Access)
Data Encryption for WLAN based on std. Improved Encryption & Authentication Method. Uses TKIP Based on WEP Michael algorithm Hardware changes not required Firmware update Types Personal Enterprise PSK x + RADIUS

23 WPA Working Temporary Encryption key Transmit Address T.S.C. KEYSTREAM
RC4 CIPHER Temporary Encryption key Transmit Address T.S.C. KEYSTREAM KEY MIXING WEP SEED MAC HEADER IV KID EIV CIPHER TEXT ( PACKET TO BE TRANSMITTED ) MSDU MIC KEY MICHAELS ALGORITHM MSDU + MIC KEY MPDU ICV

24 WPA2 Long Term Solution (802.11)
Stronger Data protection & Network access control Used CCMP Based on AES Hardware changes required Types Personal Pre Shared Key Enterprise 802.1x + RADIUS

25 WPA2 Working Source: EC Council

26 Source: someecards

27 Breaking WPA/WPA2 Dictionary Attacks(Not so successful, but yeah some time…) Brute Force(tools like: Kismac, Aireplay etc) WPA PSK

28 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

29 Security breaching sequence
Find the network Study its traffic Study Security mechanisms ATTACK!!!!!!!! (i.e. Decrypt the packets)

30 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

31 DOS BEFORE ATTACK

32 Access point is busy handling attackers request
AFTER ATTACK

33 Man In The Middle Attack(MITM)
Before

34 After…

35 ARP Poisoning/Spoofing
Source:

36 WiFi JAMMING….

37 WiFi JAMMING….

38 Fake Access Points SSID: XYZ Bank

39

40 Fake Access Points SSID: XYZ Bank

41 Basics of Wifi Types of wireless networks Wireless Standards( series) Encryption Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(Defense) Security Tools

42 Defense against WPA / WPA2 attacks
Extremely Complicated keys can help Passphrase should not one from dictionary, so use uncommon-senseless words. Key should be more than 20 chars with combination of special chars, numbers, alphabets. Change them at regular intervals.

43 #eY,t#!$c@/\/_B-gUd0n3?@$sW0rD

44 Security Checkboxes WPA instead of WEP WPA2 Enterprise implementation Place AP at secured location. Centralized authentication & Update Drivers regularly. Changing default SSID after Configuring WLAN Firewall policies & Router access Password

45 Security Checkboxes(contd…)
MAC add. Filtering Encryption at Access Point Packet Filtering between AP Network Strength configuration. Use Ipsec’s for encryption on WLANS Check out for Rogue Access Points

46 Wi-Fi Security Auditing Tools
AirMagnet Wifi Analyzer AirDefense Adaptive wireless IPS ARUBA RF Protect WIPS And many others…

47 ?

48 Questions? What you want to ask, many already have that same question on their mind. Be bold and lead OK, if you don’t want to speak and keep shut and keep thinking about it in your mind and take those questions home, make sure you those to us and sleep well at night!

49 What should be our topic for the next meet?
I hate to ask but, how can we make this better?


Download ppt "HACKING & INFORMATION SECURITY"

Similar presentations


Ads by Google