Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Network Attacks: Tools, Attack Vectors, and Solutions.

Published by태희 양 Modified over 5 years ago

Similar presentations

Presentation on theme: "Wireless Network Attacks: Tools, Attack Vectors, and Solutions."— Presentation transcript:

1 Wireless Network Attacks: Tools, Attack Vectors, and Solutions.
By: Thomas Vaccaro

2 Hardware Software Concepts
Antenna - yagi, lpda, omni and amplifiers - how amplifiers work NIC - monitor mode, primiscous mode Hack RF one Wifi pineapple Software Aircrack-ng - wifi crack Cain and abel - windows password Wireshark - packet sniff Nessus - vulnerabilties - CVE - IEEE? Concepts Frequencies - wifi very specific 2.4Hz vs range mW power Man in the middle Rouge access point Rainbow tables, brute force, VPN - encrypting traffic Netowrk spoofing Wifi broadcasting SSID - don’t just turn wifi off and have location wifi turned on High vs low level - risk management

3 Tools - Yagi The Yagi-Uda Antenna is more commonly known as a Yagi (Ya-Ghee) Directional Dipole Antenna The boom points in the direction of the transmission and receiving cone One Dipole - Driven (Transmission Line) At Least One Reflector - Parasitic One or More Elements (Directors) - Parasitic Size determines frequency and they will be the same size We need b/g/n for WiFi - ~2.4 GHz The more elements, the more narrow of a range of frequencies Boom - Connects Everything The length of the dipole and elements determines what frequency will be transmitted or received

4 Tools - LPDA Log-Periodic Dipole Antenna
Works very similar to the Yagi The same components Elements are different sizes and are all driven from the front of the boom Different sizes for a range of frequencies Not used as frequently with computers Ham Radio

5 Tools - Omnidirectional
Signal is transmitted or received 360º around the antenna The antenna is driven The part that connects to the antenna is ground Can be tuned for different frequencies Less far-reaching than directional

6 Attacks - War Driving Driving to see open or weak encrypted networks
Make a map of possible targets Cross-reference houses or business’ and try to find high-profile targets Or just get free internet* Computer Fraud and Abuse Act Use proper tools depending on location to attack the target *Class A misdemeanor in New York State

7 Attacks - Packet Sniffing
Wireshark or Aircrack-ng Aircrack-ng comes with WEP and WPA cracking tools Enable Promiscuous Mode See traffic that isn’t intended for user’s MAC address Monitor Mode Check NIC for Monitor Mode Availability Observe plaintext for any useful data Credentials PCI or PII Vulnerabilities

8 Attacks - Password Cracking
Brute Force Rainbow Tables Giving up hard disk space over computing power Common encrypted passwords Pass the Hash Sending the hash of a password and being authenticated WPA/WPA2 WEP Cracking Nearly plaintext

9 Solutions Use WPA2 or more secure and never use WEP
Passwords need to be 13+ characters with an upper and lowercase, a number, and a symbol Two factor authentication with active directory Keep access points physically secure Keep access point’s range at a minimum Keep a watch and CCTV 24/7 for wardriving If suspected - file a police report No Wireless Make the whole building a faraday cage Patch vulnerabilities using tools Local VPN Firewall Segment network Tools - IPS, IDS, Log manager, vulnerability manager

10 References Anim K, Jung Y-B. Shortened Log-Periodic Dipole Antenna Using Printed Dual-Band Dipole Elements. IEEE Transactions on Antennas & Propagation. 2018;66(12): doi: /TAP Hal Berghel and Jacob Uecker WiFi attack vectors. Commun. ACM 48, 8 (August 2005), DOI: Horáleka, Josef, et al. “Analysis of the Use of Rainbow Tables to Break Hash.” Journal of Intelligent & Fuzzy Systems, vol. 32, no. 2, Feb. 2017, pp. 1523–1534. EBSCOhost, doi: /JIFS MacMichael, Cmdr. John. “Navy Wireless Networks — FIPS or Bust!” Department of Navy Chief Information Officer - Policy: Acceptable Use of DON Information Technology, Sept. 2005, NIST. “National Institute of Standards and Technology.” NIST Special Publication B, 2019, pages.nist.gov/ /sp800-63b.html. Saurav K, Sarkar D, Srivastava K. A dual-band reconfigurable Yagi-Uda antenna with diverse radiation patterns. Applied Physics A: Materials Science & Processing ;123(7):1-8. doi: /s y. Scalisi, Michael. “Analyze Network Problems With Wireshark.” PCWorld, vol. 28, no. 4, Apr. 2010, p. 30. EBSCOhost, search.ebscohost.com/login.aspx?direct=true&db=aph&AN= &site=ehost-live Simmonds M. Beware the drive-by attack. Computer Fraud & Security. 2016;2016(10): doi: /S (16)

Download ppt "Wireless Network Attacks: Tools, Attack Vectors, and Solutions."

Similar presentations

Security+ All-In-One Edition Chapter 10 – Wireless Security

Security+ All-In-One Edition Chapter 10 – Wireless Security
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.

SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.

Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
How secure are 802.11b Wireless Networks? By Ilian Emmons University of San Diego.

How secure are b Wireless Networks? By Ilian Emmons University of San Diego.
Wireless Networks: Signaling and Security William Tucker CEN 4516: Computer Networks FGCU: Fort Myers, FL: 09/05.

Wireless Networks: Signaling and Security William Tucker CEN 4516: Computer Networks FGCU: Fort Myers, FL: 09/05.
Security in IEEE 802.11 wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.

Security in IEEE wireless networks Piotr Polak University Politehnica of Bucharest, December 2008.
Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.

Simple ways to secure Wireless Computers Jay Ferron, ADMT, CISM, CISSP, MCSE, MCSBA, MCT, NSA-IAM, TCI.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?

Chapter 7 Securing your Wireless Network (WIFI). Synopsis What is a wireless home network? What damage can a wireless network snoop do? Who are the snoopers?
December 17, 2002 1 Wi-Fi Mark Faggiano GBA 576. December 17, 20022 Purpose of the Project  I hear Wi-Fi, WLAN, 802.11 everywhere  What does it all.

December 17, Wi-Fi Mark Faggiano GBA 576. December 17, Purpose of the Project  I hear Wi-Fi, WLAN, everywhere  What does it all.
Adrian Crenshaw.  I run Irongeek.com  I have an interest in InfoSec education  I don’t know everything - I’m.

Adrian Crenshaw.  I run Irongeek.com  I have an interest in InfoSec education  I don’t know everything - I’m.
WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.

WIRELESS NETWORK SECURITY. Hackers Ad-hoc networks War Driving Man-in-the-Middle Caffe Latte attack.
Wireless Networking. Wi-Fi or 802.11 Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.

Wireless Networking. Wi-Fi or Uses radio waves (like cell phones, tv and radio). Just like wired networking except without the wires. A hot spot.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.
Securing a Wireless Network

Securing a Wireless Network

Similar presentations

Ads by Google