Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Slides:

Advertisements

Similar presentations

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

Advertisements

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

1 MD5 Cracking One way hash. Used in online passwords and file verification.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.

Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.

Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

Wireless networking Roger Treweek Oxford University Computing Services.

Wireless Router Setup. Internet Cable Internet Cable (Blue) Machine Cable (Yellow) Power Plug (Black) Reset Button (Red)

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Chapter 9 Connecting to and Setting up a Network

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.

1 Configuring Linksys Wireless Router Prof. Valencia Community College.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

1. A router is a device in computer networking that forwards data packets to their destinations, based on their addresses. The work a router does it called.

Demonstration of Wireless Insecurities Presented by: Jason Wylie, CISM, CISSP.

Wireless Network Security. Wireless Security Overview concerns for wireless security are similar to those found in a wired environment concerns for wireless.

 An electrical device that sends or receives radio or television signals through electromagnetic waves.

Technical Training: DAP-1360 Wireless N Access Point DAP-1360.

WLAN What is WLAN? Physical vs. Wireless LAN

Dainis Krakops’ Wireless Network MOTOROLA SURFboard SB5101 CABLE MODEM Enables cable operators to provide broadband Internet connection for my LAN devices.

Securing a Wireless Network

NETWORKING COMPONENTS Zach Avis. Hub A hub is a low cost way to connect two computers. A hub can also act as a repeater. When a signal comes from one.

Wireless Networking 102.

Agenda 10:00 11:00 Securing wireless networks 11:00 11:15 Break 11:15 12:00Patch Management in the Enterprise 12:00 1:00 Lunch 1:00 2:30 Network Isolation.

Course 201 – Administration, Content Inspection and SSL VPN

Wireless Security Techniques: An Overview Bhagyavati Wayne C. Summers Anthony DeJoie Columbus State University Columbus State University Telcordia Technologies,

Shared success Outline What is network security? Why do we need security? Who is vulnerable? Common security attacks and countermeasures. How to secure.

Computer Networks. Network Connections Ethernet Networks Single wire (or bus) runs to all machines Any computer can send info to another computer Header.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Wireless Router LAN Switching and Wireless – Chapter 7.

Wireless Network Security Dr. John P. Abraham Professor UTPA.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.

Presented by: Dr. Munam Ali Shah

1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.

Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.

Wireless Networking & Security Greg Stabler Spencer Smith.

CS591-Fall 10 Clonts 1 Wireless Network Security Michael Clonts.

David Abarca, Instructor Del Mar College Computer Corner Wireless Network Access Control.

Data Communications and Networks Chapter 10 – Network Hardware and Software ICT-BVF8.1- Data Communications and Network Trainer: Dr. Abbes Sebihi.

20 November 2015 RE Meyers, Ms.Ed., CCAI CCNA Discovery Curriculum Review Networking for Home and Small Businesses Chapter 7: Wireless Technologies.

The University of Bolton School of Business & Creative Technologies Wireless Networks - Security 1.

CNIT 124: Advanced Ethical Hacking Ch 7: Capturing Traffic.

Lecture 24 Wireless Network Security

DHP Agenda: How to Access Web Interface of the DHP-1320 on Access Point Mode How to Access Web Interface of the DHP-1320 on Router Mode How to Change.

Lesson 10: Configuring Network Settings MOAC : Configuring Windows 8.1.

Solving the Security Risks of WLAN Tuukka Karvonen

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Wireless Security John Himmelein Erick Andrew Christian Adam Varun Bapna.

Wireless Security Presented by Colby Carlisle. Wireless Networking Defined A type of local-area network that uses high-frequency radio waves rather than.

Securing A Wireless Home Network. Simple home wired LAN.

1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.

Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.

Chapter 1-4 Home Networking. Introduction Setting up a home network is probably one of the first networks that the student sets up. This is an exciting.

Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.

Copyright © 2006 Heathkit Company, Inc. All Rights Reserved Introduction to Networking Technologies Wireless Security.

Tightening Wireless Networks By Andrew Cohen. Question Why more and more businesses aren’t converting their wired networks into wireless networks?

SOHO Security Recommendations. Change default user/password Of the AP/router Typical  admin – admin  root – root  root – 1234  Admin - There are web.

Instructor Materials Chapter 6 Building a Home Network

Wireless Technologies

Methods of Securing LANs

Securing A Wireless Network

Presentation transcript:

Man in the Middle Paul Box Beatrice Wilds Will Lefevers

Project Goal  Demonstrate a Man in the Middle Attack on a wireless network

Agenda  What is Wireless?  How can we make it secure?  Man in the Middle  Demo  Can we ever be truly secure?  Conclusions

What is wireless  More or less it is a radio signal that carries a digital signal Sender (Router) Receiver

Securing Wireless Networks  The basic security used for a WLAN was originally Wired Equivalent Privacy (WEP), but this was shown to provide minimal security due to serious weaknesses. The alternate Wi-Fi Protected Access (WPA) security protocol was later created to address these problems. The second generation of the WPA security protocol (WPA2) is based on the final IEEE i amendment to the standard and is eligible for FIPS compliance. Software solutions such as SSL, SSH, and various types of software encryption have become the preferred methods of securing wireless information transmission. Wired Equivalent PrivacyWi-Fi Protected AccessIEEE i802.11FIPS 140-2SSLSSHencryptionWired Equivalent PrivacyWi-Fi Protected AccessIEEE i802.11FIPS 140-2SSLSSHencryption  Wikipedia, 2005

Project Description  Configure a wireless network  Perform a Man-in-the-Middle (MITM) attack over a wireless network  MITM is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised. (Wikipedia)

Test bed Description  1 D-Link DI b/g Router  2 Laptops  Victim Laptop – Windows XP  Auditing Laptop – Fedora Core 4

Connecting to the Router First plugged the router in and plugged a laptop into it. After acquiring a network address and gateway. We then went to the D-link web Site and looked up the DI-624 user manual and looked up the default username and password. This also confirmed the gateway IP address.

D-Link Manual

Log in to The Router Admin Using IE we connected to the gateway and entered the default username and password

WEP Configuration Changed SSID, changed default username and password to log in and enabled WEP with one key. Chanel 6 was used instead of 11 because the router was firmware routed to number 6 only.

Setting up wireless receiver WEP enabled with key 1

Securing Our Wireless Network We are then able to see and connect to the network we have configured

WPA Configuration WPA-PSK password with broadcast turned off

MAC Filtering Turned on MAC filtering and cloned the known computer and only allowed it

Hijacking Wireless AP  We could easily get into a default configured gateway and shut down wireless and make them connect to us instead.  Or we could block their MAC or De-Auth them and make the Authenticate to us.  But can we make it so they don’t even notice any change at all?

Man in the Middle Hacker Tools  Wellenreiter  Displays a list a available APs  Gives SSIDs, MAC Addresses and Encryption  Ettercap  Filter and MITM attacks  HostAP drivers  WLan-NG tools  Laptop with wireless receiver

MAN IN THE MIDDLE How It Works  The MitM poisons the ARP cache of the victim and the server/gateway/switch  So the victim computer then thinks the hacker's ARP address is the gateway’s.  The gateway thinks the hacker’s ARP address is the victim computer’s.  All data is redirected through the listening system.

MAN IN THE MIDDLE Basic Attacks  Read all clear text information passed between the hosts (i.e., browser requests, username/passwords)  Log/trap all data packets  Packet injection (all these attacks can be performed through traffic dumps and setting your NIC to promiscuous mode)

MAN IN THE MIDDLE Advanced Attacks  Traffic Blocking  Web page denied – 404 error even though the page works fine  Filters  Listen for any signature and change it  Break Encryption  Crypto rollbacks and de-authorization  PPTP/Chapv2->Chapv1->clear text

Why does it work on Wireless  Wireless routers are also switches. Most of the time the wired and wireless side are bridged making them act like one network.  signals are broadcast, so they're essentially working like a hub.  Client devices are supposed to filter out anything not addresses to them, but they don't *have* to.

Similar Attacks  HostAP can be used to create a rogue access point that clients will authenticate with, much like ARP poisoning, but it's more obvious to admins.  Other MitM attacks can use HostAP to deauthenticate a client and force it to re- authenticate with themselves on a different channel.

Protections  SSL connections *may* prevent you from connecting through the MitM.  Read certificates carefully (https pass through) before connecting.  File-Encrypt (pae or other encrypted files) any file you don't want intercepted.  Tunnel into a trusted endpoint  IPSEC, SSH tunnels, VPN  WEP won't work at all because the hacker can tumble your data and find the Key. With the key, all traffic can be decrypted on-the-fly, as if it's clear text.

Conclusions  Lessons Learned  Never assume you are the only one that sees your traffic  Defense Suggestions  Encrypt, Encrypt, Encrypt  Both the connection and the data being passed  WEP and WPA will help but is not infallible