Presentation is loading. Please wait.

Presentation is loading. Please wait.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Man in the Middle Paul Box Beatrice Wilds Will Lefevers."— Presentation transcript:

1 Man in the Middle Paul Box Beatrice Wilds Will Lefevers

2 Project Goal  Demonstrate a Man in the Middle Attack on a wireless network

3 Agenda  What is Wireless?  How can we make it secure?  Man in the Middle  Demo  Can we ever be truly secure?  Conclusions

4 What is wireless  More or less it is a radio signal that carries a digital signal Sender (Router) Receiver

5 Securing Wireless Networks  The basic security used for a WLAN was originally Wired Equivalent Privacy (WEP), but this was shown to provide minimal security due to serious weaknesses. The alternate Wi-Fi Protected Access (WPA) security protocol was later created to address these problems. The second generation of the WPA security protocol (WPA2) is based on the final IEEE 802.11i amendment to the 802.11 standard and is eligible for FIPS 140-2 compliance. Software solutions such as SSL, SSH, and various types of software encryption have become the preferred methods of securing wireless information transmission. Wired Equivalent PrivacyWi-Fi Protected AccessIEEE 802.11i802.11FIPS 140-2SSLSSHencryptionWired Equivalent PrivacyWi-Fi Protected AccessIEEE 802.11i802.11FIPS 140-2SSLSSHencryption  Wikipedia, 2005

6 Project Description  Configure a wireless network  Perform a Man-in-the-Middle (MITM) attack over a wireless network  MITM is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. (Wikipedia)

7 Test bed Description  1 D-Link DI-624 802.11b/g Router  2 Laptops  Victim Laptop – Windows XP  Auditing Laptop – Fedora Core 4

8 Connecting to the Router First plugged the router in and plugged a laptop into it. After acquiring a network address and gateway. We then went to the D-link web Site and looked up the DI-624 user manual and looked up the default username and password. This also confirmed the gateway IP address.

9 D-Link Manual

10 Log in to The Router Admin Using IE we connected to the gateway and entered the default username and password

11 WEP Configuration Changed SSID, changed default username and password to log in and enabled WEP with one key. Chanel 6 was used instead of 11 because the router was firmware routed to number 6 only.

12 Setting up wireless receiver WEP enabled with key 1

13 Securing Our Wireless Network We are then able to see and connect to the network we have configured

14 WPA Configuration WPA-PSK password with broadcast turned off

15 MAC Filtering Turned on MAC filtering and cloned the known computer and only allowed it

16 Hijacking Wireless AP  We could easily get into a default configured gateway and shut down wireless and make them connect to us instead.  Or we could block their MAC or De-Auth them and make the Authenticate to us.  But can we make it so they don’t even notice any change at all?

17 Man in the Middle Hacker Tools  Wellenreiter  Displays a list a available APs  Gives SSIDs, MAC Addresses and Encryption  Ettercap  Filter and MITM attacks  HostAP drivers  WLan-NG tools  Laptop with wireless receiver

18 MAN IN THE MIDDLE How It Works  The MitM poisons the ARP cache of the victim and the server/gateway/switch  So the victim computer then thinks the hacker's ARP address is the gateway’s.  The gateway thinks the hacker’s ARP address is the victim computer’s.  All data is redirected through the listening system.

19 MAN IN THE MIDDLE Basic Attacks  Read all clear text information passed between the hosts (i.e., browser requests, username/passwords)  Log/trap all data packets  Packet injection (all these attacks can be performed through traffic dumps and setting your NIC to promiscuous mode)

20 MAN IN THE MIDDLE Advanced Attacks  Traffic Blocking  Web page denied – 404 error even though the page works fine  Filters  Listen for any signature and change it  Break Encryption  Crypto rollbacks and de-authorization  PPTP/Chapv2->Chapv1->clear text

21 Why does it work on Wireless  Wireless routers are also switches. Most of the time the wired and wireless side are bridged making them act like one network.  802.11 signals are broadcast, so they're essentially working like a hub.  Client devices are supposed to filter out anything not addresses to them, but they don't *have* to.

22

23 Similar Attacks  HostAP can be used to create a rogue access point that clients will authenticate with, much like ARP poisoning, but it's more obvious to admins.  Other MitM attacks can use HostAP to deauthenticate a client and force it to re- authenticate with themselves on a different channel.

24 Protections  SSL connections *may* prevent you from connecting through the MitM.  Read certificates carefully (https pass through) before connecting.  File-Encrypt (pae or other encrypted files) any file you don't want intercepted.  Tunnel into a trusted endpoint  IPSEC, SSH tunnels, VPN  WEP won't work at all because the hacker can tumble your data and find the Key. With the key, all traffic can be decrypted on-the-fly, as if it's clear text.

25 Conclusions  Lessons Learned  Never assume you are the only one that sees your traffic  Defense Suggestions  Encrypt, Encrypt, Encrypt  Both the connection and the data being passed  WEP and WPA will help but is not infallible

26

Download ppt "Man in the Middle Paul Box Beatrice Wilds Will Lefevers."

Similar presentations

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.

Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Wireless networking Roger Treweek Oxford University Computing Services.

Wireless networking Roger Treweek Oxford University Computing Services.
Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Chapter 9 Connecting to and Setting up a Network

Chapter 9 Connecting to and Setting up a Network
Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
1 Configuring Linksys Wireless Router Prof. Valencia Community College.

1 Configuring Linksys Wireless Router Prof. Valencia Community College.

Similar presentations

Ads by Google