1
Wireless Threats 2 – Hacking Techniques
Hacking Techniques in Chapter 6 of Wireless Maximum Security by Peikari, C. and Fogie, S.
2
Hacking Techniques
- Diverse Hacker Attack Methods
- Sniffing
- Spoofing and Session Hijacking
- Understanding Buffer Overflows
- Unexpected Input
- Denial-of-Service Attacks
3
Diverse Hacker Attack Methods
Social Engineering
- Relies on physical and interpersonal skills.
- Cracking techniques that rely on weaknesses in {wetware} rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security.
- Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem.
4
Diverse Hacker Attack Methods
The Virtual Probe
- Trickery.
- E.g. pretending to be a market researcher from a survey company, a hacker can call and ask all kinds of questions about the network operating systems, intrusion detection systems (IDSs), and firewalls.
- If the hacker were really malicious, she could even offer a cash reward for the time it took the network administrator to answer the questions.
5
Diverse Hacker Attack Methods
Lost Password
- A password is the only way a hacker can bypass security measures.
- A hacker will need to borrow a real account until he can obtain root access and set up a new account for himself.
- The aim is to trick someone into giving the password to them.
- E.g. imagine you were the lowly IT staff person on call and the CEO rang you up at 10:30 p.m., irate about a lost password.
6
Diverse Hacker Attack Methods
Chatty Technicians
- A fake request might appear: a naïve user writing to a disguised administrator.
Social Spying
- Using observation to acquire information.
- For example, people do not hide their PINs when they take money out at the ATM.
- A "flower delivery" at 8:00 a.m. would give a hacker the necessary excuse to casually stroll through an office building.
7
Diverse Hacker Attack Methods
Garbage Collecting
- Have you ever thrown away a credit card statement without shredding it?
- Fishing through garbage to find passwords, also known as dumpster diving, can provide a hacker with the crucial information needed to take over your network.
- In addition to passwords, hackers can find memos, sensitive reports, diskettes, old hard drives, and more in the trash.
8
Sniffing
- A sniffer is a program and/or device that monitors all information passing through a computer network.
- It sniffs the data passing through the network off the wire and determines where the data is going, where it is coming from, and what it is.
- Features include filtering a certain type of data, capturing passwords, and more. E.g. Carnivore.
- The sniffer gives the hacker a complete picture of the data sent and received by the computer or network it is monitoring.
9
Sniffing – How does a sniffer work?
- Promiscuous mode: the NIC can receive all the traffic sent across the network. It still interacts with the network. Normally a NIC accepts only information that has been sent to its media access control (MAC) address.
- Monitor mode: in a WLAN, any data traveling through the airwaves is open to any device that is configured to listen.
- The initial intention of these modes is to troubleshoot faulty equipment and monitor network traffic.
10
Sniffing – How hackers use sniffers?
- Hackers use sniffers to get passwords and valuable information. E.g. Ethereal to capture an e-mail.
- They take advantage of the fact that chat programs, e-mail, web pages and a multitude of other programs send their information in plaintext.
- Ethical issue: if the information is sent in plaintext to the public domain, how can it be wrong to simply listen?
11
Sniffing – How to detect a sniffer
- Detect a NIC running in promiscuous mode.
- Physically check all the local computers for any sniffer devices or programs.
- Software detection programs, e.g. AntiSniff, use different aspects of the Domain Name Service and TCP/IP components of a network system to detect any malicious programs or devices that are capturing packets (running in promiscuous mode).
- For the average home user, there is no way to detect whether a computer on the Internet is sniffing your information. This is why encryption is strongly recommended.
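The local-machine part of this check, as an added example that is not from the original slides: it flags interfaces whose flag word has the promiscuous bit set. It assumes a Linux host, where each interface's flags are exposed as a hex string in /sys/class/net/<name>/flags; the SAMPLE values are constructed.

```python
import os

IFF_PROMISC = 0x100  # Linux interface flag: promiscuous mode is on

def promiscuous_interfaces(flags_by_iface):
    """Return the sorted interface names whose flag word has IFF_PROMISC set."""
    hits = []
    for name, raw in flags_by_iface.items():
        try:
            flags = int(raw.strip(), 16)
        except ValueError:
            continue  # skip entries that are not a hex flag word
        if flags & IFF_PROMISC:
            hits.append(name)
    return sorted(hits)

def read_sysfs_flags(root="/sys/class/net"):
    """Collect {interface: raw flag text} from sysfs (assumption: Linux)."""
    found = {}
    if not os.path.isdir(root):
        return found
    for name in os.listdir(root):
        try:
            with open(os.path.join(root, name, "flags")) as fh:
                found[name] = fh.read()
        except OSError:
            continue  # not an interface directory, or unreadable
    return found

# Constructed sample: wlan0 carries the 0x100 bit, the others do not.
SAMPLE = {"lo": "0x9\n", "eth0": "0x1003\n", "wlan0": "0x1103\n"}

if __name__ == "__main__":
    print("sample :", promiscuous_interfaces(SAMPLE))
    print("local  :", promiscuous_interfaces(read_sysfs_flags()))
```

This only inspects the machine it runs on, which matches the slide's point that remote sniffers cannot be detected this way.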
12
Sniffing – How to block sniffers?
- Use encryption.
- Use Secure Sockets Layer (SSL) protected Web sites and other protection tools.
- Encrypt your passwords, messages and chat sessions.
- In a WLAN, encryption is a must in any situation.
13
Spoofing and Session Hijacking
- Spoofing is the term hackers use to describe the act of faking information sent to a computer.
- Purpose: to disguise the location from which the attack originates.
- Session hijacking involves the faking of one's identity in order to take over a connection that is already established.
- IP spoofing: TCP/IP requires a return address on data packets to keep a connection open and to maintain a level of reliability when transmitting information.
14
Spoofing – an example
Two uses:
- Use in e-mail spam
- Use in an untraceable denial-of-service attack
Flooding a network with packets that have a fake return address not only will slow the flooded network.
15
IP Spoofing
- Spam: spammers use a spoofing technique to disguise the source of the e-mail. Usually, spammers take advantage of misconfigured servers acting as open relays.
- Session hijacking: a middle man sits between the sender and receiver.
- Forge ARP packets to update the ARP table on the victims' computers.
16
Understanding Buffer Overflows
- Crash a computer with its own predefined memory length (buffer).
- A buffer overflow attack deliberately enters more data than a program was written to handle.
- The extra data "overflows" the region of memory set aside to accept it, thus overwriting another region of memory that was meant to hold some of the program's instructions.
- In the ideal attack, the overflow values introduced become new instructions that give the attacker control of the target processor.
17
Understanding Buffer Overflows
- Script kiddies use these attacks against known buffer overflow vulnerabilities, e.g. in Microsoft's IIS server.
- Keep a watchful eye out for vendor-released security patches.
18
Unexpected Input
E.g. the hacker enters the following:
User = ' or ''
Password = ' or ''
A SQL query is created:
"Select * FROM tblUsers WHERE USER = '' or '' and PASS = '' or ''"
The database returns the results.
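Why the query above changes shape, and the parameterized fix, as an added example that is not from the original slides. It assumes an in-memory SQLite database with the slide's tblUsers table; the rows are constructed, and the test input is chosen so the concatenated text matches the query shown on the slide.

```python
import sqlite3

def build_concatenated_query(user, password):
    # Pattern behind the slide's query: form input pasted between quotes,
    # so quote characters in the input are parsed as SQL, not as data.
    return ("SELECT * FROM tblUsers WHERE USER = '" + user +
            "' AND PASS = '" + password + "'")

def login_parameterized(conn, user, password):
    # Placeholders keep input as data: quotes and "or" are never parsed as SQL.
    row = conn.execute(
        "SELECT USER FROM tblUsers WHERE USER = ? AND PASS = ?",
        (user, password),
    ).fetchone()
    return row is not None

def make_db():
    # Constructed rows; plaintext passwords only to keep the example short.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tblUsers (USER TEXT, PASS TEXT)")
    conn.executemany("INSERT INTO tblUsers VALUES (?, ?)",
                     [("alice", "s3cret"), ("o'brien", "pw")])
    return conn

def concatenated_query_fails(conn, user, password):
    """True if the concatenated form is not even valid SQL for this input."""
    try:
        conn.execute(build_concatenated_query(user, password)).fetchall()
        return False
    except sqlite3.OperationalError:
        return True

if __name__ == "__main__":
    db = make_db()
    print(build_concatenated_query("' or '", "' or '"))
    print("legit apostrophe breaks concatenation:",
          concatenated_query_fails(db, "o'brien", "pw"))
    print("parameterized, o'brien:", login_parameterized(db, "o'brien", "pw"))
    print("parameterized, slide input:",
          login_parameterized(db, "' or '", "' or '"))
```

Whether the concatenated query returns rows depends on how the database evaluates the injected expression; the parameterized form removes the question because the input never reaches the SQL parser.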
19
Unexpected Input – Exploiting Web Forms
- Web-based forms have "hidden" fields that contain information that is sent to a Web server without the client ever seeing it. E.g. prices as hidden fields.
- The hacker has to download the Web page to her computer and edit the hidden Price field to any value she wants.
- Vulnerabilities also exist in FTP programs, SQL server programs, remote login programs, and scripting languages.
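One server-side defence against an edited hidden Price field, as an added example that is not from the original slides: the server attaches an HMAC tag to the hidden values and rejects any submission whose tag no longer matches. The field names, the key and the sample item are assumptions made for the illustration.

```python
import hashlib
import hmac

# Assumption: in a real deployment the key comes from a secret store.
SERVER_KEY = b"constructed-demo-key"

def _tag(item_id, price_cents, key):
    # Item ids are assumed not to contain "|", so the message is unambiguous.
    msg = f"{item_id}|{price_cents}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def hidden_fields(item_id, price_cents, key=SERVER_KEY):
    """Values the server places in the form's hidden inputs."""
    return {"item": item_id, "price": str(price_cents),
            "tag": _tag(item_id, price_cents, key)}

def accept_order(form, key=SERVER_KEY):
    """Return (item, price_cents) or raise ValueError if the form was altered."""
    try:
        item, price, tag = form["item"], form["price"], form["tag"]
    except KeyError as exc:
        raise ValueError(f"missing field {exc}") from None
    if not price.isdigit():
        raise ValueError("price is not a non-negative integer")
    # Constant-time comparison of the recomputed tag with the submitted one.
    if not hmac.compare_digest(_tag(item, price, key), tag):
        raise ValueError("hidden field was modified")
    return item, int(price)

if __name__ == "__main__":
    form = hidden_fields("sku-42", 1999)   # constructed sample item
    print(accept_order(form))
    try:
        accept_order(dict(form, price="1"))  # client-side edit of the price
    except ValueError as err:
        print("rejected:", err)
```

Where the server can look the price up from the item id, not sending the price to the client at all is simpler still.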
20
Denial-of-Service (DOS) Attacks
- By flooding your computer network with obnoxious signals or malicious code.
- By flooding the target computer or hardware device with information so that it becomes overwhelmed, or by sending a well-crafted command or piece of erroneous data that crashes the target computer or device.
21
DOS – SYN Flooding
A SYN attack ties up a target computer's resources by making it respond to a flood of commands, making use of the 3-way handshake (1. Initial SYN sent, 2. ACK sent with reply SYN, 3. Final ACK sent).
Steps:
- Determine the IP address of the victim.
- To amplify the force of the attack, the hacker sets up several client computers programmed to attack the target at the same time.
- The victim computer waits for the final ACK of each connection.
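The symptom described above, handshakes that never receive their final ACK, can be counted on the server side. This detection sketch is an added example, not from the original slides; the event format, the timeout and the threshold are assumptions, and the sample events are constructed using documentation address ranges.

```python
# Constructed events: (time_s, client_ip, client_port, segment seen from client).
# Two handshakes complete; six others send a SYN and never the final ACK.
SAMPLE_EVENTS = [
    (0.0, "192.0.2.10", 40001, "SYN"), (0.1, "192.0.2.10", 40001, "ACK"),
    (0.2, "192.0.2.11", 40002, "SYN"), (0.3, "192.0.2.11", 40002, "ACK"),
] + [(1.0 + i * 0.01, f"198.51.100.{i}", 50000 + i, "SYN") for i in range(1, 7)]

def half_open(events, now, timeout=3.0):
    """Return (ip, port) pairs whose handshake has waited >= timeout for the final ACK."""
    pending = {}
    for ts, ip, port, segment in sorted(events):
        key = (ip, port)
        if segment == "SYN":
            pending.setdefault(key, ts)   # a retransmitted SYN keeps the first time
        elif segment == "ACK":
            pending.pop(key, None)        # step 3 arrived: handshake complete
    return sorted(k for k, ts in pending.items() if now - ts >= timeout)

def syn_flood_suspected(events, now, timeout=3.0, max_half_open=5):
    """Flag when more handshakes are stuck than the (assumed) threshold allows."""
    return len(half_open(events, now, timeout)) > max_half_open

if __name__ == "__main__":
    stuck = half_open(SAMPLE_EVENTS, now=10.0)
    print(len(stuck), "half-open:", stuck[:2], "...")
    print("suspected flood:", syn_flood_suspected(SAMPLE_EVENTS, now=10.0))
```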
22
DOS – Smurf attacks
- Take advantage of the fact that the network would amplify the original packets into tens or hundreds of thousands of packets, all directed to one computer.
- E.g. auto reply for e-mail and broadcast storm.
23
DOS – System overloads
- Take advantage of a buffer overflow by exploiting a specific bug.
- To crash a computer, the overflow fills a predetermined chunk of memory and overflows into the memory above, thus overwriting another variable's data.
24
DOS – DNS spoofing
Fool the client into going to a faked web site and giving up passwords and other personal information.
Normal DNS Steps:
1. The client asks the DNS server for the domain name's IP address.
2. The DNS server queries its database and replies with an IP address that matches the domain name provided.
3. The client connects to the server with the IP address provided by the DNS server.
25
DOS – DNS spoofing
Hacked DNS Steps:
1. The client asks the DNS server for the domain name's IP address.
2. The hacked DNS server responds with a forged IP address.
3. The client connects to the fake server.
4. The fake server copies the request and sends it to the real server.
5. The real server, using secure DNS, sends the response to the client.
6. Hackers get some valuable information.
50–70% of all DNS servers are not secure.