Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise.

Similar presentations


Presentation on theme: "Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise."— Presentation transcript:

1 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise 通訊所 曹爾凱

2 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA2 Outline Introduction Attack scenarios Implement Future work Reference

3 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA3 Introduction Why?  100% security is Where happened?  More than 60% attack is start from What can I do?  Defense in depth

4 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA4 Attack Scenarios: Monkey-Jack Before Monkey-Jack After Monkey-Jack MITM Attack  Taking over connections at layer 1 and 2  Insert attack machine between victim and access point

5 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA5 Management frames 1.Deauthenticate victim from real AP Send Deauthenticate frames to the victim using the access point’s MAC address as the source 2.Victim’s 802.11 card scans channels to search for new AP 3.Victim’s 802.11 card associates with fake AP on the attack machine Fake AP is on a different channel than the real one Attack machine’s fake AP is duplicating MAC address and ESSID of real AP 4.Attack machine associates with real AP Attack machine duplicates MAC address of the victim’s machine. Attack Scenarios: Monkey-Jack

6 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA6 Attack Scenarios: Monkey-Jack

7 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA7 Attack Scenarios: From Internal Misconfiguration WarDriving Enterprise 1

8 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA8 Attack Scenarios: From Internal WarDriving Bad employees Enterprise 2

9 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA9 Attack Scenarios: From Internal DoS!! WISP

10 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA10 Implement Platform  IXP 425 OS  MontaVista Linux Software  Kismet  Snort Develop environment  IXPD 425

11 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA11 Steps Install target and host toolkits. Porting the hostap driver to MontaVista Porting the Kismet to MontaVista Porting the Snort to MontaVista Config kismet and snort Edit rc.local to load hostap driver and start kismet, snort automatically. Test.. & problems.

12 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA12 Defence Scenarios kismet

13 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA13 Future works  Combine Network Management system  Form passive mode to active mode  Locate attacker  Honey pot

14 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA14 Reference WarDriving: Drive, Detect, Defend: A Guide to Wireless Security Kismet website  http://www.kismetwireless.net AirJack  http://802.11ninja.net/airjack/

15 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA15

16 Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA16 My suggest in Wireless LAN security MAC Filtering. Disable SSID Broadcasting. Configure Power output. Connection with VPN. Using WPA!!


Download ppt "Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise."

Similar presentations


Ads by Google