Presentation is loading. Please wait.

Presentation is loading. Please wait.

LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung.

Published byShirley Stacey Modified over 10 years ago

Similar presentations

Presentation on theme: "LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung."— Presentation transcript:

1 LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung

2 WIRELESS NETWORK AND DEVICES Wireless devices are common in todays world. Smartphones, tablets and ultra-books are connecting people to internet more than ever. Cheap and easier to use wireless routers has made it easy for user to connect to internet easily. Neighborhood is getting crowded by new access points added frequently. Wireless networks are secured and are password protected but there are other means to hack sensitive and private data, and access point passwords.

3 LISTING ACCESS POINT Operating Systems display list of available access points in different orders Windows 8 operating system lists available APs sorted by the strength of the wireless signal of access point IPad OS lists available APs sorted by the name of the APs. Windows Phone 8 OS displays the list of APs according to the strength of wireless signal. Can these listing behaviors be used by Hackers to their advantage to make users connect to the Honeypot AP and access private data? Can the same listing behavior be used to gain access to password of the legit access point?

4 ASSUMPTIONS OF THE RESEARCH Users can be fooled to connect to the access point, named similar to access point known to the user and listing it on top of the list. User will try to connect to the access point on top of the list even if they are unsecured, but has almost same name.

5 HARDWARE AND SOFTWARE Router: Linksys WRT54G Router Router Firmware: dd-wrt.v24-12548_NEWD_mini Proxy Server: Modified version of http proxy written by Fábio Domingues High gain 802.11 WIFI antenna: Vertical Omni-Directional 15 dB Omni Directional Antenna Operating System used for Experiment: The proxy server was ran on Raspberry Pi (Tiny ARM Computer) with Raspbian wheezy OS installed, which is an optimized version of Debian for Raspberry Pi.

6 CONTROLLED EXPERIMENT Experimented was performed in a household with three family members and two friends; age range from 19 to 28 Each users were given different devices to connect to the internet, each devices were reset and were not connected to any network by default. Dot was added to the name of targeted access point to list it on top of access point list displayed by IPad. AP with name.Upower was created to target legit access point Upower. Three out of five IPad users connected to the honeypot AP, fooled by how the name looked exact same and listed on top of crowded list. The legit Access Points strength was decreased to list the honeypot access point on top of AP list displayed by Windows 8 and Windows Phone 8 OS.

7 CONTROLLED EXPERIMENT Three out of five user in Windows 8 Operating System connected to honeypot access point. It was hard to put access point on top of the list as windows 8 list them sorted by wireless signal strength. None of the Windows Phone 8 operating system.

8 CONTROLLED EXPERIMENT IPad listing of access point..Upower is honeypot Upower is legit access point.

9 CONTROLLED EXPERIMENT Windows 8 listing of access point. Unsecure Upower and secure UPower are honeypot Secure Upower is legit access point.

10 CONTROLLED EXPERIMENT Windows 8 Phone list of Access Points

11 UNCONTROLLED EXPERIMENT One secured and another unsecured honeypot access points were created. Each honeypot access point were named similar to the targeted access point. Honeypot access point name was changed everyday to target different access points in neighborhood. Names were added dot on front to put it on top of the list of OS that sorted list by name. The high gain antenna were used to gain advantage over targeted access point to list the honeypot access point on top of the list for the OS that sorted the list by strength.

12 UNCONTROLLED EXPERIMENT Legit AP in Neighborho od Unsecured honeypot AP with DOT in beginning of AP name Secured Honeypot AP with exact same name as legit AP Unsecured honeypot AP with exact same name as legit AP Test1 60127 Test2 301013 Test3 48919 Test4 63124 Test5 2557 Test6 1020

13 CONCLUSION Normal users connect to the Access Point that has almost exact name as their own Access Point or the Access Point they are asked to connect to and appears on top of the list. Hackers can use the name of access point to plan coordinated attack to fool user on connecting to honeypot Same method can be used to fool legit user of secured access point to give password to hacker. Hackers access point can be programmed to log the login attempt and store the password as fooled user tried to login using real password.

14 REMEDIES Default behavior of access point broadcasting the SSID can be turned off The wireless devices can be manually configured to connect to an access point This step does not provide 100% security against the attack as hackers can detect SSID by detecting different messages in Wi-Fi protocol. Still, using techniques like SSID broadcast disable makes it more likely that would-be intruders will bypass the access point, seeking easier targets

Download ppt "LISTING ACCESS POINT ON TOP OF THE LIST Hacking access point users By Uttam Gurung."

Similar presentations

INTRODUCTION TO Wi-Fi TECHNOLOGY.

INTRODUCTION TO Wi-Fi TECHNOLOGY.
Wireless LAN Security Understanding and Preventing Network Attacks.

Wireless LAN Security Understanding and Preventing Network Attacks.
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
TROUBLESHOOTING guide

TROUBLESHOOTING guide
Securing A Wireless Home Network. Wireless Facts Range about 50 - 200 feet from access point Security anyone can eavesdrop on an unsecured wireless network.

Securing A Wireless Home Network. Wireless Facts Range about feet from access point Security anyone can eavesdrop on an unsecured wireless network.
DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.

DAP-1520 FAQ’s Wireless AC750 Dual Band Range Extender.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
OPSEC Awareness Briefing Man-In-The-Middle Attacks (MITM)

OPSEC Awareness Briefing Man-In-The-Middle Attacks (MITM)
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
1 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.

1 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall.
Firewalls As Presented by Brian Dunn. Definition General Protects computer(s) from unauthorized access Types Hardware devices Software programs.

Firewalls As Presented by Brian Dunn. Definition General Protects computer(s) from unauthorized access Types Hardware devices Software programs.
Chapter 9 Connecting to and Setting up a Network

Chapter 9 Connecting to and Setting up a Network
Wireless Networking. Wi-Fi or 802.11 Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
Bullet-Proofing Your Wireless Router By Steve Janss.

Bullet-Proofing Your Wireless Router By Steve Janss.

Similar presentations

Ads by Google