Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Presents:
WiFi SECURITY
-With TechNext
We AreThe Speakers
Sudarshan Pawar
Prakashchandra Suthar
Security Enthusiast
Cisco Certified Network Associate
Red Hat Linux Certified
Security Xplained (TechNext Speaker)
Computer Engg
Security Researcher.
Topics to be covered
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
We are not including stats, history, who did what/when/why-> Bcoz its Booooring.!!! U can
google them later.!
Current Generation
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
Wifi Basics
WiFi(Wireless Fidelity)->Wireless
networks(commonly referred as WLAN
Developed on IEEE 802.11 standards
Wireless networks include: Bluetooth, Infrared
communication, Radio Signal etc.
Components used:
o Wireless Client Receiver
o Access Point
o Antennas
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
Extension to a wired network
(EXTENSION POINT)
(BROADBAND ROUTER)
(ACCESS POINT)
Multiple Access points
(ACCESS POINT-2)
(BROADBAND ROUTER)
(ACCESS POINT-1)
LAN -2-LAN
LAN-1 LAN-2
3g Hotspot
Internet
GPRS
3G
4G
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
How many of you have tried this???
WiFi Standards
Points 802.11b 802.11a 802.11g 802.11n
XOR
CRC 32 DATA ICV ALGO.
CHECKSUM
WEP ENCRYPTED
PACKET(MAC FRAME)
WEP Weakness
1. Key management and key size
2. 24 bit IV size is less.
3. The ICV algorithm is not appropriate
4. Use of RC4 algorithm is weak
5. Authentication messages can be easily forged
Wep Broken beyond repair
WPA (Wi-Fi Protected Access)
Data Encryption for WLAN based on 802.11 std.
Improved Encryption & Authentication Method.
Uses TKIP
Based on WEP
Michael algorithm
Hardware changes not required
Firmware update
Types
1. Personal 2. Enterprise
PSK 802.1x + RADIUS
WPA Working
Temporary
KEY WEP RC4
Encryption key KEYSTREAM
MIXING SEED CIPHER
Transmit
Address
T.S.C.
( PACKET TO BE TRANSMITTED )
MSDU
MICHAELS MPDU ICV
ALGORITHM MSDU + MIC KEY
MIC KEY
WPA2
Long Term Solution (802.11)
Stronger Data protection & Network access control
Used CCMP
Based on AES
Hardware changes required
Types
1. Personal Pre Shared Key
2. Enterprise 802.1x + RADIUS
WPA2 Working
Source: EC Council
Source: someecards
Breaking WPA/WPA2
Dictionary Attacks(Not so successful, but yeah
some time)
Brute Force(tools like: Kismac, Aireplay etc)
WPA PSK
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
Security breaching sequence
Find the network
Study Security
mechanisms
ATTACK!!!!!!!!
(i.e. Decrypt the
packets)
Basics of Wifi
Types of wireless networks
Wireless Standards(802.11 series)
Encryption Algorithms
Wireless hacking methodology
ATTACKS(commonly encountered)
Staying secure(Defense)
Security Tools
DOS
BEFORE ATTACK
Access point is busy handling attackers request
AFTER ATTACK
Man In The Middle Attack(MITM)
Before
After
ARP Poisoning/Spoofing
Source: http://securitymusings.com/wp-content/uploads/2008/12/arp-spoofing.png
WiFi JAMMING.
WiFi JAMMING.
Fake Access Points
What you want to ask, many already have that same question
on their mind. Be bold and lead
OK, if you dont want to speak and keep shut and keep
thinking about it in your mind and take those questions home,
make sure you email those to us and sleep well at night!
What should be our topic for the next meet?