HACKING & INFORMATION SECURITY Presents: - With TechNext
We Are The Speakers Sudarshan Pawar Cer.fied Security Expert(C.S.E.) Cer.fied Informa.on Security Specialist (C.I.S.S.) Security Xplained (TechNext Speaker) Computer Engg. & a Security Professional Prakashchandra Suthar Security Enthusiast Cisco Cer.fied Network Associate Red Hat Linux Cer.fied Security Xplained (TechNext Speaker) Computer Engg Security Researcher.
Topics to be covered Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools We are not including stats, history, who did what/when/why- > Bcoz it s Booooring.!!! U can google them later.!
Current Genera.on
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
Wifi Basics WiFi(Wireless Fidelity)- >Wireless networks(commonly referred as WLAN Developed on IEEE 802.11 standards Wireless networks include: Bluetooth, Infrared communica.on, Radio Signal etc. Components used: o Wireless Client Receiver o Access Point o Antennas
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
Extension to a wired network (EXTENSION POINT) (BROADBAND ROUTER) (ACCESS POINT)
Mul.ple Access points (ACCESS POINT- 2) (BROADBAND ROUTER) (ACCESS POINT- 1)
LAN - 2- LAN LAN- 1 LAN- 2
3g Hotspot Internet GPRS 3G 4G
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
How many of you have tried this???
WiFi Standards Points 802.11b 802.11a 802.11g 802.11n Extension to 802.11 802.11 802.11a 802.11g Bandwidth (Mhz) 20 (11Mbps) 20 (54Mbps) 20 (54Mbps) 20 (54Mbps) 40 (150Mbps) Frequency(Ghz) 2.4 5 2.4 2.4, 5 Pros Lowest cost; signal range is good and not easily obstructed fast maximum speed; regulated frequencies prevent signal interference from other devices fast maximum speed; signal range is good and not easily obstructed fastest maximum speed and best signal range; more resistant to signal interference from outside sources Cons slowest maximum speed highest cost; shorter range signal that is more easily obstructed costs more than 802.11b; appliances may interfere on the unregulated signal frequency standard is not yet finalized;
Are u seriously concerned about wifi security????? Be honest!
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
WEP(Wired Equivalence Privacy) The first encryp.on scheme made available for Wi- Fi. Uses 24 bit ini.aliza.on vector for cipher stream RC4 for confiden.ality CRC- 32 bit checksum for integrity. Typically used by home users. Uses 64,128, 256 bit keys Flawed from the get go.
WEP Working KEY STORE WEP Key IV RC4 CIPHER KEYSTREAM CRC 32 CHECKSUM DATA ICV XOR ALGO. IV PAD KID CIPHERTEXT WEP ENCRYPTED PACKET(MAC FRAME)
WEP Weakness 1. Key management and key size 2. 24 bit IV size is less. 3. The ICV algorithm is not appropriate 4. Use of RC4 algorithm is weak 5. Authen.ca.on messages can be easily forged
Wep Broken beyond repair
WPA (Wi- Fi Protected Access) Data Encryp.on for WLAN based on 802.11 std. Improved Encryp.on & Authen.ca.on Method. Uses TKIP Based on WEP Michael algorithm Hardware changes not required Firmware update Types 1. Personal 2. Enterprise PSK 802.1x + RADIUS
WPA Working Temporary EncrypUon key Transmit Address KEY MIXING WEP SEED RC4 CIPHER KEYSTREAM T.S.C. MAC HEADER IV KID EIV CIPHER TEXT ( PACKET TO BE TRANSMITTED ) MSDU MIC KEY MICHAELS ALGORITHM MSDU + MIC KEY MPDU ICV
WPA2 Long Term Solu.on (802.11) Stronger Data protec.on & Network access control Used CCMP Based on AES Hardware changes required Types 1. Personal Pre Shared Key 2. Enterprise 802.1x + RADIUS
WPA2 Working Source: EC Council
Source: someecards
Breaking WPA/WPA2 Dic.onary Akacks(Not so successful, but yeah some.me ) Brute Force(tools like: Kismac, Aireplay etc) WPA PSK
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
Security breaching sequence Find the network Study its traffic Study Security mechanisms ATTACK!!!!!!!! (i.e. Decrypt the packets)
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
DOS BEFORE ATTACK
AFTER ATTACK Access point is busy handling akackers request
Man In The Middle Akack(MITM) Before
Aler
ARP Poisoning/Spoofing Source: h3p://securitymusings.com/wp- content/uploads/2008/12/arp- spoofing.png
WiFi JAMMING.
WiFi JAMMING.
Fake Access Points SSID: XYZ Bank
Fake Access Points SSID: XYZ Bank
Basics of Wifi Types of wireless networks Wireless Standards(802.11 series) Encryp.on Algorithms Wireless hacking methodology ATTACKS(commonly encountered) Staying secure(defense) Security Tools
Defense against WPA / WPA2 akacks Extremely Complicated keys can help Passphrase should not one from dic.onary, so use uncommon- senseless words. Key should be more than 20 chars with combina.on of special chars, numbers, alphabets. Change them at regular intervals.
#ey,t#!$c@/\/_b- gud0n3?@$sw0rd
Security Checkboxes 1. WPA instead of WEP 2. WPA2 Enterprise implementa.on 3. Place AP at secured loca.on. 4. Centralized authen.ca.on & Update Drivers regularly. 5. Changing default SSID aler Configuring WLAN 6. Firewall policies & Router access Password
Security Checkboxes(contd ) 1. MAC add. Filtering 2. Encryp.on at Access Point 3. Packet Filtering between AP 4. Network Strength configura.on. 5. Use Ipsec s for encryp.on on WLANS 6. Check out for Rogue Access Points
Wi- Fi Security Audi.ng Tools AirMagnet Wifi Analyzer AirDefense Adap.ve wireless IPS ARUBA RF Protect WIPS And many others
Ques.ons? What you want to ask, many already have that same ques.on on their mind. Be bold and lead OK, if you don t want to speak and keep shut and keep thinking about it in your mind and take those ques.ons home, make sure you email those to us and sleep well at night!
What should be our topic for the next meet? I hate to ask but, how can we make this beker?