Today s challenge on Wireless Networking. David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd.

Similar documents
Wireless Network Security

What is Eavedropping?

Wireless Attacks and Countermeasures

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Wireless LAN Security (RM12/2002)

2013 Summer Camp: Wireless LAN Security Exercises JMU Cyber Defense Boot Camp

Sample Exam Ethical Hacking Foundation

WIRELESS EVIL TWIN ATTACK

Wireless Network Security

Section 4 Cracking Encryption and Authentication

Hacking Encrypted Wireless Network

WLAN Security. Dr. Siwaruk Siwamogsatham. ThaiCERT, NECTEC

LESSON 12: WI FI NETWORKS SECURITY

Gaining Access to encrypted networks

BackTrack 5 Wireless Penetration Testing

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS

Security of WiFi networks MARCIN TUNIA

PRODUCT GUIDE Wireless Intrusion Prevention Systems

Overview of Security

Ethical Hacking and Prevention

D. The bank s web server is using an X.509 certificate that is not signed by a root CA, causing the user ID and password to be sent unencrypted.

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

Wireless Attacks and Defense. By: Dan Schade. April 9, 2006

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne

5 Steps Wifi Hacking Cracking WPA2 Password

Motorola AirDefense Retail Solutions Wireless Security Solutions For Retail

ETHICAL HACKING OF WIRELESS NETWORKS IN KALI LINUX ENVIRONMENT

Securing Wireless Networks by By Joe Klemencic Mon. Apr

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

SYSTEM THREAT ANALYSIS FOR HIGH ASSURANCE SOFTWARE DEFINED RADIOS

Wireless technology Principles of Security

Basic Wireless Settings on the CVR100W VPN Router

Is Your Wireless Network Being Hacked?

Exam Questions SY0-401

Missouri University of Science and Technology ACM SIG-Security 2014 Wi-Fi Workshop Exploitation Handbook

Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole" window. Now we must prep your wireless card.

Attacking Networks. Joshua Wright LightReading LIVE! October 1, 2003

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

Mobile Security Fall 2013

ECCouncil Computer Hacking Forensic Investigator (V8)

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Chapter 1 Describing Regulatory Compliance

WPA SECURITY (Wi-Fi Protected Access) Presentation. Douglas Cheathem (csc Spring 2007)

SETTING UP THE LAB 1 UNDERSTANDING BASICS OF WI-FI NETWORKS 26

How Insecure is Wireless LAN?

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Wireless Security Security problems in Wireless Networks

Wireless Networking Basics. Ed Crowley

Education Network Security

Security Audit What Why

Chapter 24 Wireless Network Security

Wireless Network Security Spring 2016

Network Security. Thierry Sans

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

WIDS Technology White Paper

Payment Card Industry (PCI) Data Security Standard

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

CEH Tools. Sniffers. - Wireshark: The most popular packet sniffer with cross platform support.

Vulnerability issues on research in WLAN encryption algorithms WEP WPA/WPA2 Personal

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Managing Rogue Devices

GCIA. GIAC Certified Intrusion Analyst.

Hacking Wireless Networks by data

Cyber Criminal Methods & Prevention Techniques. By

Vendor: ECCouncil. Exam Code: EC Exam Name: Computer Hacking Forensic Investigator Exam. Version: Demo

HACKING EXPOSED WIRELESS: WIRELESS SECURITY SECRETS & SOLUTIONS SECOND EDITION JOHNNY CACHE JOSHUA WRIGHT VINCENT LIU. Mc Graw mim

Configuring Wireless Security Settings on the RV130W

Wireless Network Security Spring 2011

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

FinIntrusion Kit / Release Notes. FINFISHER: FinIntrusion Kit 4.0 Release Notes

Configuring Security Solutions

Wireless Terms. Uses a Chipping Sequence to Provide Reliable Higher Speed Data Communications Than FHSS

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

n Given a scenario, analyze and interpret output from n A SPAN has the ability to copy network traffic passing n Capacity planning for traffic

5 Tips to Fortify your Wireless Network

Wireless Network Security Spring 2015

Managing Rogue Devices

System Threat Analysis Case Study for Software Based Communications

Chapter 1 Introduction

HACKING & INFORMATION SECURITY Presents: - With TechNext

CPTE: Certified Penetration Testing Engineer

Advanced Diploma on Information Security

EAPeak - Wireless 802.1X EAP Identification and Foot Printing Tool. Matt Neely and Spencer McIntyre

Interworking Evaluation of current security mechanisms and lacks in wireless and Bluetooth networks ...


WPA Migration Mode: WEP is back to haunt you

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Learn How to Configure EnGenius Wi-Fi Products for Popular Applications

Standard For IIUM Wireless Networking

Family Structural Overview

Obstacle Avoiding Wireless Surveillance Bot

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Network aspects of School infrastructure

DWS-4000 Series DWL-3600AP DWL-6600AP

Wireless Security Guide (for Windows XP, Windows Vista, Windows 7, Mac OSx)

تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم

CWNA Exam PW0-100 certified wireless network administrator(cwna) Version: 5.0 [ Total Questions: 120 ]

Transcription:

Today s challenge on Wireless Networking David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd.

Agenda How Popular is Wireless Network? Threats Associated with Wireless Networking Wireless Security the Revolution Layered Wireless Security Approach Maintaining Good Health - Wireless Assessment

How Popular is Wireless Network? War Driving 2007 PISA War Driving Route

How Popular is Wireless Network? 7000 6000 War Driving 2007 PISA 6662 53% 5000 4000 3000 2000 1000 0 187 784 319% 1723 119% 2650 4344 2002 2003 2004 2005 2006 2007 53% No. of APs discovered 63%

How Popular is Wireless Network? War Driving 2007 PISA 80.00% 70.00% 60.00% 50.00% 40.00% 30.00% 20.00% 10.00% 0.00% 79.31% 20.69% 72.49% 27.51% 2006 2007 WEP WPA/WPA2 Encryption Mode %

How Popular is Wireless Network? War Driving 2007 PISA Wep-like encryption key Web or FTP site names Political wordings Others Organization name Non-broadcasted SSID Individual or family name ICQ-like symbols Funny names Foul language Email address Default SSID (Factory settings) Chinese name 1% 0.01% 0.01% 0.01% 0.01% 0.01% 0.01% 0.01% 4% 10% 10% 36% 39% SSID Analysis

Wireless Security the Revolution Traditional Network Environment Protection focused on Network Entry Point (Outside-In) Firewall VPN 2-factor logon Less worried on internal Bounded by Physical Protection Less likelihood on internal security incidents End point security for road runners Standardized H/W, O/S, applications As Wireless Network Deployed The Network Becomes Boundaryless Physical boundary have been removed No more walls to protect your NETWORK Radio signal leakage Insufficient planning Mis-configurations Wireless Networking is Invisible!

Wireless Security the Revolution WiFi Encryptions How secure they are? WEP (Wired Equivalent Privacy) Shared Key: 64 or 128-bit WEP Key (24-bit IV included) Packet encrypted by RC4 streams Security weakness Short Key size (2 20 RC4 keys) IV collisions or altered packets Can be cracked within hours WPA2 (WiFi Protected Access) Created in response to serious weaknesses found in WEP Personal 8 to 63 character Pre-shared Key Enterprise 802.1X authentication / Radius (individual has their own password) TKIP or AES encryption Technically more secure

Threats Associated with Wireless Networking Identity Theft Spoofing Mac Address, SSID etc. Breaking encryption 50% successful rate with 40,000 packets 95% successful rate with 85,000 packets 104-bit WEP key can be break within 3 seconds with 40,000 packets Hacking tools on wireless client WEP Cracking, not AP anymore The Café Latte Attack WepOff

Threats Associated with Wireless Networking Network Probe Configuration Request Default Authentication Shared + DHCP Request Association Request Shared + Static IP Approximate Cracking time Probe Response ~ 6 minutes Authentication Success ~ 6 minutes Association Response Probing & Association with target victim Connection Established Open + DHCP ~ 6 minutes ARP Requests Send numerous ARP Requests to victim Open + Static IP ARP Responses ~ 6 minutes Collect sufficient ARP Respnonses for WEP Cracking

Threats Associated with Wireless Networking Denial-of-Service Attacks Aim to prevent legitimate users from accessing network resources loss of production DoS on perimeter of Network (e.g. F/W, Mailserver etc.) Single point of attack, single point of protection Most F/W and Anti-Spam can block malicious connections How about multiple point of attacks = multiple point of protection Jamming Wireless Signal in a matter of seconds Your internet connections still works.but you users can t access it. Heavy workload to IT Support Again, No trace at all

Threats Associated with Wireless Networking How easy to crack WEP? 1. Setup equipment a Computer WiFi card that supports monitoring mode and packet injection Market available tools e.g. Backtrack CD 2. Find the target (SSID) Airdump-ng Net Stumbler 3. Capture Data from Air Airmon-ng Airodump-ng 4. Wait..or make the network busy Aireplay-ng Packetforge-ng 5. Crack WEP key with Captured Data Aircrack-ng

Threats Associated with Wireless Networking Scary enough!? What more is coming! Ad Hoc Connections Mis-association with external APs Hackers associated with Rogue APs Hackers associated with mis-configured APs

New Wireless Security Approach

New Wireless Security Approach 1) Securing Wireless Devices Reconfigure from default settings (SSID, Admin login, Password etc.) Establish set Channels of operations off channel traffic as suspicious activity 2) Secure Communications MAC address filtering WPA-2 encryption and keep updates VPNs Personal Firewall End-point security

New Wireless Security Approach 3) Monitor for security and compliance Nature of wireless security requires 24 hours monitoring on: Identifying rouge devices APs, Clients and Devices Detecting intrusion Enforcing wireless security policies Automatic around-the-clock blocking of suspicious traffic Location tracking on rouge & unauthorized devices

Maintain Good Health Wireless Assessment Common Mis-concepts I do not deploy wireless networking I do not allow my users to use wireless How can you be sure? 10 Steps on Wireless Assessment: 1) Review existing security policies 2) Review the system architecture and configurations. 3) Review operational support tools and procedures 4) Interview users 5) Verify configurations of wireless devices 6) Investigate physical installations of access points 7) Identify rogue access points 8) Perform penetration tests 9) Analyze security gaps 10) Recommend improvements

Maintain Good Health Wireless Assessment BackTrak Free suite of tools (300+) Snort ntop db_autopwn kismet unicornscan No Installation Required, Self-run on CD What it can do for you Foot-printing Analysis Scanning Wireless Brute-forcing Cracking Basic Application Wireshark Analysis Back included and & Track Metasploit Security in BackTrack Engine

References PISA War Driving 2007 http://www.pisa.org.hk/event/war-driving-2007.htm Network Stumbler http://www.netstumbler.com/ The Café Latte Attack http://www.airtightnetworks.net/knowledgecenter/ppt/toorcon.ppt AirDefense Network http://www.airdefense.net AirDefense Network http://www.airdefense.net

End of Presentation

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback