Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD.

Published byAlaina Walker Modified over 9 years ago

Similar presentations

Presentation on theme: "Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD."— Presentation transcript:

1 Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD  Securing & Managing Wireless LAN : Implementing 802.1x EAP-TLS EAP-PEAP-MSCHAPv2, FreeRADIUS + dialupadmin + MySQL with Windows XP SP1 & Linux Client ( DEMO )  Make Deep Security with WPA2 Wifi Protected Access = 802.1x + ( TKIP or CCMP ) Wifi Protected Access = 802.1x + ( TKIP or CCMP )

2 Hacking and Cracking Wireless LAN by Josua M Sinambela Email : josh@ugm.ac.id josh@ugm.ac.id Pengguna OpenSource jogja-wireless@yahoogroups.com

3 Hardware Requirement Card Wireless ( USB/PCI/PCMCIA ) Card Wireless ( USB/PCI/PCMCIA ) Recommended : PCMCIA with Prism2 Firmware or Orinoco Compatible USB with Prism Firmware or Orinoco Compatible PC/Notebook/Laptop with Linux/BSD OS PC/Notebook/Laptop with Linux/BSD OS Recommended : Notebook/Laptop with PCMCIA slot Optional Antenna for more gain Optional Antenna for more gain

4 Tools/Software Kismet : War-driving with passive mode scanning and sniffing 802.11a/b/g, site survey tools Kismet : War-driving with passive mode scanning and sniffing 802.11a/b/g, site survey tools Airsnort : Sniffing and Cracking WEP Airsnort : Sniffing and Cracking WEP Ethereal : Sniffing and Analyze dump packet Ethereal : Sniffing and Analyze dump packet Airfart : Wireless Scanning and monitoring Airfart : Wireless Scanning and monitoring Airjack : MITM Attack and DoS tools Airjack : MITM Attack and DoS tools FakeAP : Fake AP tools FakeAP : Fake AP tools WEPCrack : Cracking WEP WEPCrack : Cracking WEP

5 Kismet Needs driver which are capable of reporting packets in rfmon like : Needs driver which are capable of reporting packets in rfmon like : ACX100, ADMTek, Atheros, Cisco, Prism2, Orinoco, WSP100, Drone, pcapfile, wrt54g Not work : Intel Centrino, Broadcom, Airport Extreme, Atmel, Realtek, HermesII Source Code Download from : www.kismetwireless.com Source Code Download from : www.kismetwireless.com www.kismetwireless.com For RPM-man : For RPM-man : http://rpm.pbone.nethttp://rpm.pbone.net or Ask Uncle Google http://rpm.pbone.net or Ask Uncle Google http://rpm.pbone.net How to Install Kismet from source ? How to Install Kismet from source ? README !!! It requires many Libraries & Utilities.

6 Compiling and Installing tar –zxvf kismet-2004-04-R1.tar.gz tar –zxvf kismet-2004-04-R1.tar.gz cd kismet-2004-04-R1 cd kismet-2004-04-R1./configure./configure make (linux) or gmake (BSD) make (linux) or gmake (BSD) make install (linux) or gmake install (BSD) make install (linux) or gmake install (BSD) cd /usr/local/etc/ cd /usr/local/etc/ vi kismet.conf vi kismet.conf

7 kismet.conf suiduser=josh suiduser=josh Source Driver.. ( in linux ) #source=orinoco,eth1,orinocosource #source=orinoco,eth1,orinocosource #source=wlanng_avs,wlan0,newprism2source #source=wlanng_avs,wlan0,newprism2source #source=hostap,wlan0,hostap #source=hostap,wlan0,hostap Source Driver.. ( prism2 in BSD ) #source=radiotap_fbsd_b,wi0,prismbsd #source=radiotap_fbsd_b,wi0,prismbsd piddir=/home/josh piddir=/home/josh

8 How to Run kismet daemon Run kismet as superuser/root Run kismet as superuser/root Run from shell/terminal console Run from shell/terminal console Run only in suiduser home directory ( see kismet.conf ) or in the directory that can be written by suiduser like /tmp Run only in suiduser home directory ( see kismet.conf ) or in the directory that can be written by suiduser like /tmp cd /home/josh cd /home/josh kismet kismet

9

10 Press “h” for help

11 Kismet In Action

12

13

14

15 AirSnort Works only with Cards : Works only with Cards : Cisco, Prism2, Orinoco Source Code Downloaded from : Source Code Downloaded from : http://airsnort.shmoo.com For RPM-man : http://rpm.pbone.nethttp://rpm.pbone.net or Ask uncle Google http://rpm.pbone.net or Ask uncle Google http://rpm.pbone.net How to Install AirSnort from source ? How to Install AirSnort from source ? README !!! It requires many Libraries & Utilities.

16 Compiling and Installing tar –zxvf airsnort-0.2.5.tar.gz tar –zxvf airsnort-0.2.5.tar.gz cd airsnort-0.2.5 cd airsnort-0.2.5./configure./configure make make make install make install

17 How to Run Airsnort Airsnort works in XWindows mode Airsnort works in XWindows mode Open Terminal program Open Terminal program su to Superuser/root ( only root can change wireless adapter mode ) su to Superuser/root ( only root can change wireless adapter mode ) Run with type airsnort & Run with type airsnort &

18 Airsnort Interface

19 AirSnort In Action

20 Ethereal Get the source Get the source http://www.ethereal.com Or install from Installation CD Or install from Installation CD I use Mandrake 10.0 Official. It is available Run Ethereal in XWindows Run Ethereal in XWindows

21 Ethereal in Action

22 AirFart Used for Scanning and Wireless Monitoring Used for Scanning and Wireless Monitoring Only supports prism2 cards with wlan-ng driver. Only supports prism2 cards with wlan-ng driver. Get source from : Get source from : http://sourceforge.net/projects/airfart

23 AirFart Interfaces

24 FakeAP FakeAP generates 802.11b beacon with random ESSID, BSSID (MAC) and channel. FakeAP generates 802.11b beacon with random ESSID, BSSID (MAC) and channel. Works only with PRISM2/2.5/3 Card with hostap driver ( Master Mode ) Works only with PRISM2/2.5/3 Card with hostap driver ( Master Mode ) Needs hostap-utils for activate WEP Needs hostap-utils for activate WEP Get from http://www.blackalchemy.to/project/fakeap/ Get from http://www.blackalchemy.to/project/fakeap/ http://www.blackalchemy.to/project/fakeap/

25 Install FakeAP [root@lognight local]# tar -zxvf fakeap031.tar.gz [root@lognight local]# tar -zxvf fakeap031.tar.gzfakeap-0.3.1/fakeap-0.3.1/fakeap.plfakeap-0.3.1/CREDITSfakeap-0.3.1/COPYINGfakeap-0.3.1/READMEfakeap-0.3.1/INSTALLfakeap-0.3.1/lists/fakeap-0.3.1/lists/stefan-maclist.txtfakeap-0.3.1/lists/stefan-wordlist.txtfakeap-0.3.1/lists/koaps-fo-wo [root@lognight local]# cd fakeap-0.3.1/ [root@lognight local]# cd fakeap-0.3.1/ [root@lognight fakeap-0.3.1]# vi fakeap.pl [root@lognight fakeap-0.3.1]# vi fakeap.pl

26 Edit fake.pl my $MAX_CHANNEL = 14; my $MAX_CHANNEL = 14; my $IWCONFIG = "/sbin/iwconfig"; my $IWCONFIG = "/sbin/iwconfig"; my $IFCONFIG = "/sbin/ifconfig"; my $IFCONFIG = "/sbin/ifconfig"; my $CRYPTCONF = "/usr/src/hostap-utils-0.2.4/hostap_crypt_conf"; my $CRYPTCONF = "/usr/src/hostap-utils-0.2.4/hostap_crypt_conf"; RUN fake.pl [root@lognight fakeap-0.3.1]# perl fakeap.pl fakeap 0.3.1 - Wardrivring countermeasures Copyright (c) 2002 Black Alchemy Enterprises. All rights reserved Usage: fakeap.pl --interface wlanX [--channel X] [--mac XX:XX...] [--essid NAME] [--words FILENAME] [--sleep N] [--vendors FILENAME] [--essid NAME] [--words FILENAME] [--sleep N] [--vendors FILENAME] [--wep N] [--key KEY] [--power N] [--wep N] [--key KEY] [--power N] --channel X Use static channel X --channel X Use static channel X --essid NAME Use static ESSID NAME --essid NAME Use static ESSID NAME --mac XX:XX... Use static MAC address XX:... --mac XX:XX... Use static MAC address XX:... --words FILE Use FILE to create ESSIDs --words FILE Use FILE to create ESSIDs --sleep N Sleep N Ssec between changes, default 0.25 --sleep N Sleep N Ssec between changes, default 0.25 --vendor FILE Use FILE to define vendor MAC prefixes --vendor FILE Use FILE to define vendor MAC prefixes --wep N Use WEP with probability N where 0 < N <= 1 --wep N Use WEP with probability N where 0 < N <= 1 --key KEY Use KEY as the WEP key. Passed raw to iwconfig --key KEY Use KEY as the WEP key. Passed raw to iwconfig --power N Vary Tx power between 1 and N. In milliwatts --power N Vary Tx power between 1 and N. In milliwatts

27 FakeAP in Action

28 Impact of FakeAP for airfart

29 Impact of FakeAP for Kismet

30 Impact of FakeAP for Netstumbler

31 AirJack Used for jamming (DoS) and Man In The Middle Attack (MITM) Used for jamming (DoS) and Man In The Middle Attack (MITM) Works in prism2 and Lucent cards Works in prism2 and Lucent cards Only works for Linux kernel 2.4  Only works for Linux kernel 2.4 

32 Hacking and Cracking Wireless LAN by Josua M Sinambela Email : josh@ugm.ac.id josh@ugm.ac.id Network Administrator JTE UGM

Download ppt "Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD."

Similar presentations

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.
Overview How to crack WEP and WPA

Overview How to crack WEP and WPA
Wireless LAN Security Understanding and Preventing Network Attacks.

Wireless LAN Security Understanding and Preventing Network Attacks.
Crack WEP Lab Last Update 2014.08.12 1.1.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Wireless technology hit the American market more than 60 years ago during World War I and World War II Today its the IEEE 802.11 standard, also known.

Wireless technology hit the American market more than 60 years ago during World War I and World War II Today its the IEEE standard, also known.
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
7/31/2002Black Hat 2002, Las Vegas NV Advanced 802.11 Attack Mike Lynn & Robert Baird.

7/31/2002Black Hat 2002, Las Vegas NV Advanced Attack Mike Lynn & Robert Baird.
Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise.

Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise.
WIRELESS NETWORKS - A.HARIKA Y5CSO28. INTRODUCTION It refer to a telecommunication networks whose interconnections between nodes is implemented without.

WIRELESS NETWORKS - A.HARIKA Y5CSO28. INTRODUCTION It refer to a telecommunication networks whose interconnections between nodes is implemented without.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Introduction to Site Surveys Matt Larsen, CEO Skybeam.

Introduction to Site Surveys Matt Larsen, CEO Skybeam.
Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.

Final Presentation Presented By: Gal Leibovich Liran Manor Supervisor: Hai Vortman.
The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.

The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialBCMSN-6-4 1 Configuring Cisco WLAN Clients BCMSN Module 6 Lesson 4.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialBCMSN Configuring Cisco WLAN Clients BCMSN Module 6 Lesson 4.
Thessaloniki 28-30 November 2014. Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom.

Thessaloniki November Penetration Testing with Android Devices Hacking with our pocket device, made easy! Thomas Sermpinis a.k.a. Cr0wTom.
Wireless Insecurity.

Wireless Insecurity.
Handoff Delay for 802.11b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.

Handoff Delay for b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.
Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD.

Wireless LAN Security  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD.
 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

 Any unauthorized device that provides wireless access  Implemented using software, hardware, or a combination of both  It can be intentional or unintentionally.

Similar presentations

Ads by Google