Presentation is loading. Please wait.

Presentation is loading. Please wait.

WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007.

Published bySharleen Perkins Modified over 8 years ago

Similar presentations

Presentation on theme: "WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007."— Presentation transcript:

1 WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007

2 2 Agenda Wireless Technology1 Auditing Wireless2 Wireless Hacking Examples3 Closing4

3 3 Wireless Technology Wireless, Wireless Everywhere

4 4 Wireless Technology With Great Power, Comes Great Responsibility Ben Parker, Spiderman Every Convenience Has A Cost Todd Kendall, Symantec

5 5 The Wireless Threat Gartner Says Wireless LANs are the Major Wireless Security Problem Facing Businesses Through 2008 Analysts Discuss How to Secure a Wireless Network at Gartner IT Security Summit 2004 WASHINGTON, D.C., June 9, 2004 — Through 2006, 70 percent of successful wireless local area network (WLAN) attacks will be because of the misconfiguration of WLAN access points (AP) and client software...

6 6 Wireless Risk Misconceptions regarding wireless security Wireless threats in production, rogue and hotspot networks DoS attacks, eavesdropping, protocol weaknesses, information disclosure

7 7 Wireless Auditing Wireless Auditing Is Essential to the Security of NOT ONLY your wireless network, but the rest of your environment –By finding and mitigating wireless vulnerabilities you are performing the appropriate due diligence and fiduciary responsibility as an organizations representative

8 8 Wireless Auditing Auditing Goals –What role do you play in organization CEO, Administrator, Security Team –Identify AP’s and Clients –Examine Network Configuration What Security Mechanisms Are in Use –Map the Network Range and Coverage –Assess Data Traffic for Information Disclosure –Ensure Policy Compliance

9 9 Wireless Auditing

10 10 Action Plan Auditing Results –Auditing provides an organization with and understanding of their current security posture and allows them to address the risks within your environment –Helps determine whether you have properly enforced your wireless policy –Helps determine security requirements for wireless technology, especially from a budgeting perspective –Helps determine your risks –Provides solutions for mitigating risks

11 11 Action Plan Benefit –Cost or ROI –Satisfy due diligence –Satisfy fiduciary responsibility –Protects the organization from negative press –Protects other network segments –Protect employees –Satisfy Compliance Efforts

12 12 WEP

13 13 Wired Equivalent Privacy (WEP) Basic encryption mechanism for wireless networks Uses RC4 for encryption Designed to prevent casual traffic sniffing attacks There are a number of failures associated with WEP and a variety of attacks to defeat it

14 14 WEP Attacks Vendor Implementation Weakness –Neesus Datacom Key Generation Algorithm –wep_crack (effective for 40-bit only) Dictionary Attacks –WEPAttack FMS Attacks –Aircrack(ng)

15 15 Vendor Implementation Weakness Example wep_crack

16 16 Dictionary Attack Example WEPAttack

17 17 FMS Attack Example Aircrack-ng

18 18 LEAP

19 19 802.1x/EAP Overview Weaknesses and Administrative Problems of Wireless Networks –How do you distribute dynamic keys? –How do you authenticate users? Solution: A LEAP of Faith!

20 20 LEAP Dictionary Attack Asleap

21 21 WPA

22 22 Wi-Fi Protected Access (WPA) WPA is a part of the 802.11i specification, which is dedicated to improving the security of wireless networks Two Major Problems with upgrading the security of wireless networks –Had to be fixed as a software upgrade –Lack of available processing capacity in wireless equipment Temporary Solution: Temporal Key Integrity Protocol (TKIP)

23 23 WPA Pre-shared Key (PSK) Attack cowpatty

24 24 Closing Wireless Auditing Is Essential to the Security of NOT ONLY your wireless network, but the rest of your environment –By finding and mitigating wireless vulnerabilities you are performing the appropriate due diligence and fiduciary responsibility as an organizations representative Only through auditing can an organization understand their current security posture and address the risks within the environment –Knowledge is Power Organizations benefit from auditing in a variety of ways, but essentially it all comes down to cost –Incident Response costs exponentially more than an audit

25 25 References Wireshark – http://www.wireshark.orghttp://www.wireshark.org Kismet – http://www.kismetwireless.nethttp://www.kismetwireless.net wep_crack – http://www.lava.net/~newsham/wlan/http://www.lava.net/~newsham/wlan/ WEPAttack – http://wepattack.sourceforge.nethttp://wepattack.sourceforge.net Aircrack-ng – http://www.aircrack-ng.orghttp://www.aircrack-ng.org Asleap – http://asleap.sourceforge.nethttp://asleap.sourceforge.net Cowpatty – http://sourceforge.net/projects/cowpattyhttp://sourceforge.net/projects/cowpatty File2air- http://secwatch.org/wifidownload.php?cat=5http://secwatch.org/wifidownload.php?cat=5 http://wirelessdefence.org

26 26 & ANSWERS QUESTIONS Todd Kendall todd_kendall@symantec.com

27 Thank You Copyright © 2007 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Download ppt "WLAN Auditing Tools and Techniques Todd Kendall, Principal Security Consultant September 2007."

Similar presentations

Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.

Security Policy. TOPICS Objectives WLAN Security Policy General Security Policy Functional Security Policy Conclusion.
Symantec Education Skills Assessment SESA 3.0 Feature Showcase

Symantec Education Skills Assessment SESA 3.0 Feature Showcase
‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, 2012 1 Industry and the fight against cybercrime.

‘Changing environment – changing security’ - Cyber-threat challenges today – Budapest, September 17-18, Industry and the fight against cybercrime.
Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.

Threat Intelligence Use in Information Security: History, Theory and Practice Tim Gallo Cyber Security Field Engineering 1.
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Backup Modernization with NetBackup Appliances

Backup Modernization with NetBackup Appliances
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.

The Changing Face of Endpoint Security K Varadarajan Regional Manager, Enterprise Sales, Symantec Security Conference 2010_Bangalore.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.

Wireless LAN Security Jerry Usery CS 522 December 6 th, 2006.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Insecurity.

Wireless Insecurity.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Similar presentations

Ads by Google