
Wireshark Primer with an emphasis on WLAN’s


1 Wireshark Primer with an emphasis on WLAN’s
Gary Hampton Kentuckiana ISSA Workshop 3/12/2011

2 Outline
- Objective
- Types of Sniffers
- Wireshark background
- Physical Layer
- MAC Layer
- Security
- Capturing basics
- Wireless traces
- How to’s: tcp stream, statistics, filters, profiles

3 Objective
- Improve your knowledge of Wireshark and how to sniff traffic
- Be able to create filters and navigate Wireshark
- Improve your knowledge of the 802.11 protocol and wireless networking

4 Types of sniffers
- Specialty sniffers: Cain and Abel, Dsniff, Tcpdump/windump
- Device specific: intrusion detection systems, modern access points, Microsoft’s Netmon
- Commercial grade: WildPackets’ OmniPeek, NetScout, Wireshark CACE Pilot (Wireshark interface; Riverbed Technology)

5 Why Wireshark?
Why use Wireshark?
- Excellent price: $0
- Full blown sniffer
- Supports multiple file formats: MS Netmon, WildPackets, Sun Snoop, Kismet
- Sharing traces with other work groups
When to use a commercial sniffer?
- When sniffing large amounts of data (e.g. 1GB)
- When presenting graphs and documents to upper level management

6 Wireshark
- Created by Gerald Combs
- 1998: Ethereal
- 2006: CACE Technologies, renamed “Wireshark”
- 2010: purchased by Riverbed Technology
- Maintained by a group of developers today
- Released under the GNU General Public License (GNU GPL)
- Free downloads available for Windows, Mac OS X, Linux, FreeBSD and U3 devices
- Graphical and command-line versions
- Mailing list for new releases

7 Wireshark Requirements
- Any modern 32-bit/64-bit x86 or AMD processor
- Minimum 128MB available RAM (more is better)
- 75MB available disk space
- Network cards: any Ethernet card supported by Windows
- Wireless: Windows – AirPcap adaptors only; Linux – not all, but most Linux drivers will support monitor mode

8 Uses for Wireshark
- Troubleshoot performance issues
- Identify device configuration issues
- Identify malicious traffic
- Perform intrusion detection
- Evaluate response times
- Baseline bandwidth usage
- Identify application protocols and ports
- Assess wireless networks

9 What does it take to be good at analyzing traces?
- Be familiar with the sniffer’s features
- Be familiar with networking protocols; your effectiveness is directly proportional to how well you know both
- Research: RFCs, Google, etc.
- Know your network and the applications that utilize it
- Baseline

10 Physical Layer

11 802.11b/g/n 2.4GHz band
- 3 non-overlapping channels in the 2.4GHz band
- CSMA/CA
- Unlicensed spectrum, shared with: microwave ovens, Bluetooth, wireless cameras, cordless phones, other devices, ham radio operators

12 802.11a/n 5 GHz band
- Unlicensed National Information Infrastructure (U-NII) band
- 12 non-overlapping channels in the 5 GHz band
- In 2004, the FCC allocated the 5.32 – GHz band, providing 12 additional channels
- Devices must support IEEE 802.11h Dynamic Frequency Selection and Transmit Power Control
- Radar usage: Terminal Doppler Weather Radars (TDWR) operate between 5.6 – 5.65 GHz; the FCC recommends not using those channels when within 35km of a TDWR
Channel / frequency table:
- U-NII lower band: 36 – 5.180 GHz, 40 – 5.200 GHz, 44 – 5.220 GHz, 48 – 5.240 GHz
- U-NII middle band: 52 – 5.260 GHz, 56 – 5.280 GHz, 60 – 5.300 GHz, 64 – 5.320 GHz
- U-NII upper band: 149 – 5.745 GHz, 153 – 5.765 GHz, 157 – 5.785 GHz, 161 – 5.805 GHz

13 Spectrum Analyzers
- Kismet (not a spectrum analyzer, but can identify APs)
- WIDS/WIPS/modern APs
- Metageek Wi-Spy – Chanalyzer
- Berkeley Varitronics Systems Bumblebee
- AirMagnet Spectrum XT
- Cisco Spectrum Expert
- Anritsu/Tektronix/HP/Bird Technologies

14 Anritsu Spectrum Analyzer

15 Anritsu Spectrum Analyzer

16 MAC Layer

17 Frame Comparison
Figure: side-by-side layout of an 802.3 frame (Preamble 8 bytes, Dest. Addr 6 bytes, Source Addr 6 bytes, Type Field 2 bytes, Payload, CRC) and an 802.11 frame.

18 802.11 Frame Control Fields
- Version – specifies the protocol version number
- Type – specifies the frame type (Mgmt, Control or Data)
- Subtype – e.g. association, CTS

19 802.11 Frame Control Fields continued
To DS/From DS:
- To DS set -> to the wired network
- From DS set -> from the wired network
- Both bits set -> wireless bridge (WDS network)
- Both bits cleared -> ad-hoc network

20 802.11 Frame Control Fields continued
- MF – More fragments
- Retry
- Pwr – Power mgmt
- More – More data
- W – WEP

21 Power Management
- CAM (Continuous awareness mode): radio never shuts down. Provides the best network performance, uses the most battery power
- PSP 1: Excellent network performance, uses less battery power
- PSP 2: Great network performance, uses less battery power
- PSP 3: Good network performance, uses less battery power
- PSP 4: Adequate network performance, uses less battery power
- PSP 5: Acceptable network performance, uses the least battery power

22 802.11 Frame To DS/From DS bits
- To DS set -> to the wired network
- From DS set -> from the wired network
- Both bits set -> wireless bridge (WDS network)
- Both bits cleared -> ad-hoc network

23 Address order - infrastructure
Columns: Mode | To DS | From DS | Address 1 | Address 2 | Address 3 | Address 4
- Adhoc (both bits cleared) | Rx Addr/Dest Addr | Tx Addr/Src Addr | BSSID | N/A
- Infrastructure (To DS or From DS = 1) | Tx Addr/BSSID | Src Addr | Dest Addr
- WDS (both bits set) | Rx Addr | Tx Addr

24 MAC Frames
- Management: used for connecting to and disconnecting from the WLAN. Includes beacons, probes, authentication and association requests/responses.
- Control: used to acknowledge receipt of data (Data-ACK, RTS-CTS-Data-ACK, CTS-Data-ACK).
- Data: the only frames that include an encrypted payload in a WLAN. Encapsulates user data over the WLAN (e.g. IP and ARP traffic).
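To make the frame control and address-order slides concrete, here is an added example (my code, not from the presentation) that decodes the 802.11 MAC header of constructed frames and reproduces what the wlan.fc.type_subtype and wlan.fc.retry filters used on the coloring-rules and WLAN-stats slides select. The address-role mapping follows the full 802.11 address table for all four To DS/From DS combinations, which is more than the slide's table shows; the station and wired-host MACs and the sample frames are constructed.

```python
import struct
from dataclasses import dataclass

# Address roles for each (To DS, From DS) combination, per the 802.11 address table.
ADDR_ROLES = {(0, 0): ("DA", "SA", "BSSID"),        # ad-hoc and all management frames
              (0, 1): ("DA", "BSSID", "SA"),        # infrastructure, AP -> station
              (1, 0): ("BSSID", "SA", "DA"),        # infrastructure, station -> AP
              (1, 1): ("RA", "TA", "DA", "SA")}     # WDS / wireless bridge

@dataclass
class Header:
    ftype: int          # 0 = mgmt, 1 = control, 2 = data
    subtype: int
    type_subtype: int   # same value Wireshark shows as wlan.fc.type_subtype
    to_ds: int
    from_ds: int
    retry: int          # wlan.fc.retry
    protected: int      # the "W"/WEP bit on slide 20
    addrs: dict         # role -> "aa:bb:cc:dd:ee:ff"

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse(frame: bytes) -> Header:
    """Decode the MAC header of an 802.11 management or data frame."""
    fc, = struct.unpack_from("<H", frame, 0)              # frame control, little-endian
    ftype, subtype, flags = (fc >> 2) & 3, (fc >> 4) & 0xF, fc >> 8
    to_ds, from_ds = flags & 1, (flags >> 1) & 1
    retry, protected = (flags >> 3) & 1, (flags >> 6) & 1
    roles = ADDR_ROLES[(to_ds, from_ds)]
    # Addresses 1-3 follow the 2-byte duration; address 4 (WDS only) follows sequence control.
    offsets = (4, 10, 16, 24)[:len(roles)]
    addrs = {r: mac(frame[o:o + 6]) for r, o in zip(roles, offsets)}
    return Header(ftype, subtype, (ftype << 4) | subtype, to_ds, from_ds, retry, protected, addrs)

def wlan_stats(frames) -> dict:
    """Per-BSSID deauth count (wlan.fc.type_subtype eq 12) and retry count (wlan.fc.retry eq 1)."""
    deauth, retries = {}, 0
    for h in map(parse, frames):
        retries += h.retry
        if h.type_subtype == 12:
            deauth[h.addrs["BSSID"]] = deauth.get(h.addrs["BSSID"], 0) + 1
    return {"deauth_by_bssid": deauth, "retries": retries}

# Constructed sample frames (not taken from a trace). The AP MAC is the one named on
# slide 51; the station and wired-host MACs are made up.
AP = bytes.fromhex("001f33e65e09")
STA = bytes.fromhex("00c0ca123456")
WIRED = bytes.fromhex("0050569a0001")
BCAST = b"\xff" * 6
SEQ = b"\x10\x00"                                       # sequence control
DEAUTH = b"\xc0\x00" + b"\x3a\x01" + BCAST + AP + AP + SEQ + b"\x07\x00"  # mgmt/12, reason 7
BEACON = b"\x80\x00" + b"\x00\x00" + BCAST + AP + AP + SEQ                 # mgmt/8
# Data frame from the AP (From DS = 1) with the Retry and Protected bits set (flags 0x4a).
RETRY_DATA = b"\x08\x4a" + b"\x2c\x00" + STA + AP + WIRED + SEQ + b"\x00" * 8

if __name__ == "__main__":
    for f in (DEAUTH, BEACON, RETRY_DATA):
        print(parse(f))
    print(wlan_stats([DEAUTH, DEAUTH, BEACON, RETRY_DATA]))
```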

25 Client Association

26 Security

27 Encryption and Authentication Options
WPA-PSK and WPA2-PSK
- Use a hierarchy of keys (see the in-depth security slides at the end of this presentation for more information)
- WPA-PSK and WPA2-PSK both use the 4-way handshake to generate the Pairwise Transient Key
- Pairwise Master Keys are the same for all systems on the same WPA-PSK or WPA2-PSK network
- If you capture the 4-way handshake (EAPOL protocol) and know the PSK and SSID, Wireshark can decrypt WPA and WPA2 PSK packets
WPA and WPA2 Enterprise
- Uses 802.1x with EAP (Extensible Authentication Protocol) to authenticate the client (supplicant) and access point (authenticator) instead of a PSK
- Uses per-user, per-session keys; therefore Wireshark, and sniffers in general, cannot decrypt the packets
- See the security slides at the end of the presentation for more information

28 Sample WPA 4-way Handshake

29 Capture basics

30 Wireshark capture flow
- libpcap – link layer interface for capturing on Linux or Unix (tcpdump)
- WinPcap – Windows port of libpcap
- AirPcap – link layer interface and network adaptor to capture wireless traffic on Windows

31 Capturing wireless traffic
- Determine the location for the sniffer(s)
- Select the appropriate interface and data capturing options
- Performance issues: disable “update list of packets in real time”, disable network name resolution, reduce the number of columns
- Disclaimer: Only capture traffic on networks that you have permission to do so.

32 Where do I place the sniffer?

33 Sniffing wired traffic
- Hub
- Switched networks: port mirroring/port spanning
- Taps

34 Sniffing Wireless traffic
- Promiscuous mode: the adaptor only captures packets of the SSID the adaptor has joined.
- Monitor mode: the driver does not make the adaptor a member of any SSID on the network. All packets of all SSIDs on the currently selected channel are captured.
- Windows – must use AirPcap from CACE Technologies
- Linux – most Linux drivers support monitor mode

35 Wireshark Startup
- Capture area
- Files area
- Online Help

36 Wireshark Layout
- Filter toolbar
- Wireless toolbar
- Packet List
- Packet Details
- Packet Bytes
- Status bar

37 Capture Interfaces

38 Capture Filters
- Limit the packets saved while capturing traffic
- Helpful when capturing traffic on a busy network or focusing on a specific problem
- Problems: you cannot get the discarded packets back; no syntax checking as with display filters
- Filter options: Type, Direction, and Protocol
  tcp – filters on TCP traffic
  ether src 00:A0:F8:12:34:56 – traffic from that Ethernet address
  host cnn.com – capture traffic to/from cnn.com

39 Setting up profiles
- Wireshark allows you to configure profiles for different uses, e.g. analyzing WLAN traces.
- Edit->Configuration Profiles->New->enter profile name (e.g. WLAN)
- Any capture or display filters and column changes will be saved under this profile while it is in use

40 Statistical Analysis Summary
Provides a summary of the sniffer trace:
- Date, length
- Capture format
- Packet and byte counts
- Time elapsed
- Capture filters used

41 Protocol Hierarchy Statistics
- Displays a list of the types of traffic and their percentages. Used to identify anomalies and suspect traffic.
- Example: open wpa-induction.pcap, then Statistics->Protocol Hierarchy

42 Identifying top talkers
- Conversations statistics will list pairs of devices that are communicating with each other
- Open the trace wlan-ap-problem.pcap, then Statistics->Conversations and select the WLAN tab
- Endpoints is similar, but only shows a single end point or node.

43 Basic Display Filters
Syntax: display.field.name operator value
Operators:
- eq, ==  Equal
- ne, !=  Not equal
- gt, >  Greater than
- lt, <  Less than
- ge, >=  Greater than or equal to
- le, <=  Less than or equal to
- contains  Contains specified data
- AND, &&  Logical and
- OR, ||  Logical or
- NOT, !  Negate

44 Coloring Rules for traffic
- Color rules are used to make reading traces easier and to identify problems.
- Example: open the airdrop-ng2 trace and add the coloring rules via View->Coloring Rules->New->name and filter expression->choose colors:
  Deauthentication frames: wlan.fc.type_subtype eq 12
  Packet retries: wlan.fc.retry eq 1
- Affects load time for traces

45 IO Graphs
- Allows Wireshark to graphically depict traffic flow trends.
- Used to identify network performance issues, e.g. TCP round trip time (data – ACK)
- Open the wlan-signalissue trace, then Statistics->IO Graph and add a filter for signal strength: ppi.80211-common.dbm.antsignal

46 Decrypting Frames
- Wireshark can decrypt WEP, WPA-PSK and WPA2-PSK
- If decryption is done by the driver, then only WEP can be decrypted
- The trace must include the 4-way handshake frames to derive the PTK used to decrypt
- Open the wpa-induction trace and verify the 4-way handshake was captured: apply the protocol filter “eapol” and select Apply

47 Decrypting Frames continued
- Clear the EAPOL filter
- Edit->Preferences->Protocols->IEEE 802.11
- Enter the PSK and SSID in the format wpa-pwd:PSK:SSID, e.g. wpa-pwd:Induction:Coherer
- Check “Enable decryption”
- May have to toggle “Ignore vendor specific HT elements” and “Assume packets have FCS”
- Select “Apply” and “OK”
- Open the Protocol Hierarchy Statistics and note the additional protocols that are listed.

48 DWEP client unable to connect to the AP
- Open the tulcsp1 trace file
- Examine beacon frame #2: What channel is the AP on? What is the data rate for the beacon? What type of security is in use?
- Set a filter to hide beacons: !wlan.fc.type_subtype eq 8
- Examine the association/authentication process: why does the client not associate? Hint: look at frames 12 and 15

49 Example: Slow Response problem w/wireless terminals

50 PS-Poll and round trip response

51 WLAN Stats DoS attack with airdrop-ng
- Airdrop-ng is configured to deauth ANY clients associated to AP 00:1F:33:E6:5E:09
- Open the airdrop-ng2 trace
- Show statistics for WLAN: Statistics->WLAN
- View the deauth stats

52 Follow TCP Stream example
- Open the trace named ftp.pcap
- Examine packet 10: what is the password?
- Select a TCP or FTP packet, right click, and select the Follow TCP Stream option

53 Recommended reading
- www.wireshark.org
- wiki.wireshark.org
- Laura Chappell’s Wireshark Network Analysis
- Joshua Wright
- Ed Skoudis’ “skillz”

54 Thanks!

55 Wi-Fi Protected Access Overview
- Designed as an interim solution to run on existing hardware until a more robust security standard could be developed
- Temporal Key Integrity Protocol (TKIP) for confidentiality and integrity of wireless traffic
- Constraints: must be adoptable by software upgrade; limited processing capacity of existing APs; based on RC4 encryption, like WEP

56 TKIP Security Mechanisms
- Improves security over WEP within the design constraints
- Message Integrity Check (MIC) – defeats forgery attempts
- IV sequencing – defeats replay attacks
- Re-keying – defeats key reuse attacks
- Key mixing – protects the key

57 Message Integrity Check (MIC)
- The Michael protocol calculates a cryptographic hash of the packet contents: two 32-bit words (64 bits)
- The sender includes the hash in the encrypted message; the receiver verifies the hash
- If an attacker attempts to modify the packet in transit, the change will create a different calculated MIC hash than the stored hash value (the attacker does not know the 64-bit MIC key and is unable to recalculate a valid hash)

58 Michael continued
- Michael can only provide 29 bits of security due to design constraints (CPU limitations of access points)
- An attacker can try to guess the MIC: 2^29 packets to guess the MIC; on an 802.11b network it would take approximately 2 minutes
- 802.11i countermeasures: if the AP receives more than 2 packets with an invalid MIC within 60 seconds, the AP must deauthenticate all users and shuts down for 60 seconds

59 IV Sequential Enforcement
- Used to defeat replay attacks
- TKIP requires a sequential IV, transmitted in the clear in the field formerly known as the WEP IV
- 16-bit sequence counter (65535 numbers)
- TKIP Sequence Counter (TSC) never repeats (keys are rotated and the sequence number resets to 0)
- AP and clients track the IV sequence: too-small IVs are discarded; too-large IVs are subjected to other validation tests (MIC, ICV)
- Causes problems for QoS, e.g. voice

60 Example: replay attack

61 Re-keying protection Key Hierarchy
- TKIP uses 3 levels of keys and regular key rotation
- Master keys – highest level; derived from 802.1x or the pre-shared key for WPA-PSK; protect the intermediate keys
- Key Encryption Keys – intermediate; protect the temporal keys
- Temporal keys – lowest level; used to encrypt data; rotated with a packet count frequency

62 TKIP Keys
- PSK – Pre-shared key: passphrase (8 to 63 characters)
- PMK – Pairwise Master Key: derived from the PSK or the EAP method
- PTK – Pairwise Transient Key: temporal key, two MIC keys (RX and TX), EAPOL Key Encryption Key, EAPOL Key Confirmation Key

63 WPA-PSK PMK derivation
- Pairwise Master Key: derived using the passphrase, SSID and SSID length
- The same for all systems on the same WPA-PSK network
- The PMK for WPA-PSK is 256 bits
- Used to generate the Pairwise Transient Key (PTK), the intermediate key
- PMK = PBKDF2(passphrase, ssid, ssidlen, 4096, 256)
- Hashed 4096 times using HMAC-SHA1; a pseudo-random number that cannot be reversed
- Used to defeat dictionary attacks: since the PSK could be a weak key, it is not used directly to derive the intermediate key
- 8192 hash operations in total: each PBKDF2-HMAC-SHA1 block yields 160 bits, so the 4096-iteration loop is run twice to produce 256 bits

64 WPA PTK derivation
- Combines the MACs of the STA and AP with the STA nonce and AP nonce
- nonce – 128-bit unique value that is not duplicated for the lifetime of the transaction. Not a secret; sent in plain text
- The PTK is never sent over the network; both the supplicant and the authenticator calculate the PTK from the input data
- PTK keys are unique for each pair of stations on the network
- Generates a 512-bit output: a PRF hash using SHA1
- PTK = PRF-512(PMK, “Pairwise key expansion”, AA, SPA, ANonce, SNonce)

65 PTK Mapping
- The PTK is 512 bits or 64 bytes in length
- HMAC MIC Key – 1st 16 bytes; validates the contents of the EAPOL-Key frames
- EAPOL-Key KEK – 2nd 16 bytes; protects the confidentiality of new keys delivered in future EAPOL-Key messages
- Temporal Encryption Key – next 16 bytes; protects the data
- TX MIC Key – used by the transmitting station to calculate the Michael hash of the data packet
- RX MIC Key – used by the receiving station to verify the stored hash that is transmitted in the data packets
- The EAPOL-Key KEK is used 4 times before it is changed (2x for multicast and 2x for unicast)

66 WPA 4-way Handshake

67 Problems with WPA-PSK
- The passphrase is susceptible to off-line dictionary attacks; examples: coWPAtty, aircrack-ng
- Recommendations for implementing WPA-PSK: use non-common ESSIDs; use random characters (63 characters in length for the passphrase); avoid dictionary words or variations of dictionary words (e.g. pa55word or PaSsWoRd)

68 WPA2
- Supports both TKIP and CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
- CCMP uses the same PMK and PTK key hierarchy as TKIP and the same 4-way handshake PTK derivation as TKIP
- Based on the AES (Advanced Encryption Standard) cipher, not RC4; AES provides strong encryption
- Cannot be used with legacy hardware

69 WPA2 advantages over WPA
- WPA2 supports all features of WPA
- Uses AES-CCMP for encryption
- Provides for faster roaming between access points: reduced overhead in the 4-way handshake, 802.1x pre-authentication, opportunistic key caching support
- Reduction in overhead because TKIP performs the handshake twice (once for unicast and once for broadcast)
- If a station is authenticated, then it can exchange 802.1x credentials and derive a new PMK. This allows the station to roam more quickly, by eliminating the need to exchange EAP credentials over the air when roaming (as opposed to when the station first connects to the AP)

70 WLAN Authentication methods

71 802.1x
- IEEE standard for an authentication framework for 802 LANs; originally designed for wired networks
- Advantages: mutual authentication (authentication of both the client and the authenticator/authentication server); protects the client from rogue access points; protects the network from unauthorized access
- Port based access control: restricts the access of a device to only authentication traffic (802.1x/EAP/RADIUS protocols) via a controlled port; once authenticated, the controlled port is switched to an authorized state, allowing the device to communicate on the network

72 802.1x Port Access Control

73 EAP
- Extensible Authentication Protocol (EAP): authentication framework used in wireless networks and Point-to-Point connections
- Provides some common functions and a negotiation of the desired authentication algorithm
- Factors to consider when choosing an EAP authentication algorithm:
  Mutual authentication – both client and server authenticate each other
  Certificate requirements – options include none, server only, both client and server
  Dynamic key generation – static key versus rotating key
  Cost and management support
  Industry support

74 Common EAP algorithms
- EAP-MD5: 1st authentication type created; not used in WLANs; does not support dynamic keying; the MD5 hash is susceptible to dictionary attacks
- LEAP (Lightweight Extensible Authentication Protocol): Cisco proprietary EAP method; provides per-user, per-session encryption keys; only supports password authentication; vulnerable to attacks from ASLEAP
- EAP-TLS (EAP-Transport Layer Security): developed by Microsoft; requires both client and server certificates; supports mutual authentication

75 802.1x with PEAP example

76 EAP Type Comparisons
Columns: EAP-MD5 | LEAP | EAP-TLS | EAP-TTLS | PEAP
- Mutual Authentication: No | Yes | Yes | Yes | Yes
- Certificates Required: No | No | Client/Server | Server Only | Server Only
- Dynamic Key Generation: No | Yes | Yes | Yes | Yes
- Costs and Management Overhead: Low | Low | High | Low/Medium | Low/Medium
- Industry Support: Low | High | Medium | High | High

77 Security Standards Comparison
Columns: Standard | Authentication Method | Encryption Standard | Cipher
- Legacy 802.11a,b,g | Open System or Shared Key | WEP | RC4
- WPA Personal | WPA Passphrase (PSK) | TKIP | RC4
- WPA Enterprise | 802.1x EAP, PEAP, EAP-TLS | TKIP | RC4
- WPA2 Personal | WPA Passphrase (PSK) | CCMP | AES
- WPA2 Enterprise | 802.1x EAP, PEAP, EAP-TLS | CCMP | AES

