Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIS 5212.001 Week 11 Site:

Published byJune Powell Modified over 9 years ago

Similar presentations

Presentation on theme: "MIS 5212.001 Week 11 Site:"— Presentation transcript:

1 MIS 5212.001 Week 11 Site: http://community.mis.temple.edu/mis5212sec001s15/ http://community.mis.temple.edu/mis5212sec001s15/

2  In the news  Presentations  More Wireless Security  Getting wireless card working in Kali  Introduction to Kismet  Next Week 2MIS 5212.001

3  Submitted  http://thehackernews.com/2015/03/github-hit-by- massive-ddos-attack-from_27.html http://thehackernews.com/2015/03/github-hit-by- massive-ddos-attack-from_27.html  http://thehackernews.com/2015/03/rc4-ssl-tls- security.html http://thehackernews.com/2015/03/rc4-ssl-tls- security.html  http://www.latesthackingnews.com/2015/03/31/h otel-wi-fi-can-allow-hackers-to-inject-malware-in- your-systems/ (Broken link at time of slide creation) http://www.latesthackingnews.com/2015/03/31/h otel-wi-fi-can-allow-hackers-to-inject-malware-in- your-systems/  http://www.networkworld.com/article/2901527/m icrosoft-subnet/crypto-ransomware-attack-hit-new- jersey-school-district-locked-up-entire- network.html?t51hb http://www.networkworld.com/article/2901527/m icrosoft-subnet/crypto-ransomware-attack-hit-new- jersey-school-district-locked-up-entire- network.html?t51hb MIS 5212.0013

4  Submitted  http://redmondmag.com/Articles/2015/04/01/Cy berattackers.aspx?Page=1 http://redmondmag.com/Articles/2015/04/01/Cy berattackers.aspx?Page=1  http://arstechnica.com/security/2015/03/massive- denial-of-service-attack-on-github-tied-to-chinese- government/ http://arstechnica.com/security/2015/03/massive- denial-of-service-attack-on-github-tied-to-chinese- government/  http://thehackernews.com/2015/03/anonymous- hacker-israel.html http://thehackernews.com/2015/03/anonymous- hacker-israel.html MIS 5212.0014

5  What I noted  http://krebsonsecurity.com/2015/03/sign-up-at-irs-gov- before-crooks-do-it-for-you/ http://krebsonsecurity.com/2015/03/sign-up-at-irs-gov- before-crooks-do-it-for-you/  http://krebsonsecurity.com/2015/03/tax-fraud-advice- straight-from-the-scammers/ http://krebsonsecurity.com/2015/03/tax-fraud-advice- straight-from-the-scammers/  http://www.scmagazine.com/passport-visa-info-on-g20- leaders-leaked-in-email/article/406424/ http://www.scmagazine.com/passport-visa-info-on-g20- leaders-leaked-in-email/article/406424/  http://www.theregister.co.uk/2015/03/31/verizon_sup ercookies_disabled/ http://www.theregister.co.uk/2015/03/31/verizon_sup ercookies_disabled/  http://www.theregister.co.uk/2015/03/31/us_still_hoar ding_0days_says_eff/ http://www.theregister.co.uk/2015/03/31/us_still_hoar ding_0days_says_eff/  http://www.theregister.co.uk/2015/03/31/ebay_snuffs_ malware_upload_bug/ http://www.theregister.co.uk/2015/03/31/ebay_snuffs_ malware_upload_bug/  http://www.bbc.com/news/uk-england-london- 32095189 http://www.bbc.com/news/uk-england-london- 32095189 MIS 5212.0015

6  If anyone wants to connect with me on LinkedIn, please feel free to shoot me a request  I’ve got connections with a fair number of vendors and consulting companies MIS 5212.0016

7 7

8  Open WiFi Networks vs Encrypted WiFi Networks  In an open network, your browsing can be monitored  Every thing is sent in the clear  WPA2-PSK fixes this “Somewhat” MIS 5212.0018

9  Uses a pre-shared key (hence the acronym PSK)  The pre-shared key is known to all authorized users  Anyone with the pre-shared key has what they need to decrypt traffic  Wireshark has a built in option to decrypt traffic if you have the key  This means WPA2-PSK is not much more secure than no encryption, unless you trust everyone on the network MIS 5212.0019

10 10  Edit->Preferences->IEEE 802.11

11  WPA2-PSK tries to address this issue by use of PTK  However, the PTK is derived from the PSK  So… It is easy to capture the PTK if you have the PSK MIS 5212.00111

12  WPA2-Enterprise corrects these issues for large networks  EAP authentication along with a Radius server ensures each client gets a unique key  Other authenticated users no longer have a master key to decrypt the traffic MIS 5212.00112

13  Even in WPA2-Enterprise there is still a potential vulnerability from other authorized users (Abuses GTK or Group Temporal Key)  Limited to:  ARP poisoning  Injecting malicious code  Denial of Service w/o using de-auth packets  More detailed description  http://www.airtightnetworks.com/home/resources /knowledge-center/wpa2-hole196- vulnerability.html http://www.airtightnetworks.com/home/resources /knowledge-center/wpa2-hole196- vulnerability.html MIS 5212.00113

14  802.11 wireless:  Network detector  Sniffer  Intrusion detection system  Works with any wireless card which supports raw monitoring mode (not all do)  Can sniff:  802.11b  802.11a  802.11g  802.11n MIS 5212.00114

15  Supports a plugin architecture allowing for additional non-802.11 protocols to be decoded  Identifies networks by passively collecting packets and detecting networks, which allows it to detect (and given time, expose the names of) hidden networks and the presence of non- beaconing networks via data traffic MIS 5212.00115

16  Pre-installed in Kali  Did not launch from drop down menu in my instance  Needed to start from command line  Be patient, it will walk through configuration  You can automate via configuration files, but for now just follow prompts MIS 5212.00116

17  We will  Get USB Wireless Adapter working with Kali  Launch and configure Kismet  Explore a little bit MIS 5212.00117

18 MIS 5212.00118

19  Use the command: iwconfig  This should give something like the following: MIS 5212.00119

20 MIS 5212.00120

21 MIS 5212.00121

22  http://kismetwireless.net/documentation.sht ml http://kismetwireless.net/documentation.sht ml MIS 5212.00122

23  Saw this briefly last semester  Pre-installed in Kali MIS 5212.00123

24 MIS 5212.00124

25  Will throw an error due to running as root in Kali, just click OK and move on  Will need to turn wireless menu on by going to View tab and clicking on “Wireless Toolbar” MIS 5212.00125

26  Select “wlan0mon”  Click on “Start”  Be patient, it will take a minute or so to update MIS 5212.00126

27 MIS 5212.00127

28  In the news  More wireless  WEP in detail  Intro to AirCrack and breaking WEP MIS 5212.00128

29 ? MIS 5212.00129

Download ppt "MIS 5212.001 Week 11 Site:"

Similar presentations

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.
ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.

ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.
Crack WEP Lab Last Update 2014.08.12 1.1.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
MIS 5212.001 Week 12 Site:

MIS Week 12 Site:
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Insecurity.

Wireless Insecurity.
WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.

WPA2 By Winway Pang. Overview  What is WPA2?  Wi-Fi Protected Access 2  Introduced September 2004  Two Versions  Enterprise – Server Authentication.
How to Secure a Home Wi-Fi S. Roy. Acknowledgement In preparing the presentation slides and the lab setup, I received help from Professor Simon Ou Professor.

How to Secure a Home Wi-Fi S. Roy. Acknowledgement In preparing the presentation slides and the lab setup, I received help from Professor Simon Ou Professor.

Similar presentations

Ads by Google