Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless LAN Security Understanding and Preventing Network Attacks.

Published byCody McKenna Modified over 10 years ago

Similar presentations

Presentation on theme: "Wireless LAN Security Understanding and Preventing Network Attacks."— Presentation transcript:

1 Wireless LAN Security Understanding and Preventing Network Attacks

2 Objectives Demonstrate how to recognize, perform, and prevent attacks Discuss the impact of these attacks on an organization

3 Topics Wireless LAN Auditing Tools Wardriving Freeway discovery applications NetStumbler, Kismet and KisMAC Wireless Zero Configuration Wireless Client Utilities Gathering information Conclusion

4 802.11 in a nutshell 802.11 Link-layer protocol, IEEE Wi-Fi and Wi-Fi Alliance Spectrum Ad-hoc mode (peer-to-peer), Infrastructure mode (with AP) Packets (source, destination, BSSID) –Data –Management (Beacons, Deauthentication) –Control (RTS, CTS)

5 Wireless LAN Auditing Tools Auditing is the act of verifying that the configuration of the network is in compliance with policies and provides adequate protection from attackers of both the malicious and unintentional natures. Auditing procedures include penetration testing, configuration verification and other device and system-specific measures.

6 Cont… Few examples of auditing tools are: –Wireless LAN Discovery Tools –Wireless Protocol Analyzers –Antennas and WLAN Equipment –Password Capture and Decrypt –Hijacking Tools –RF Jamming Tools –Etc..

7 Wardriving Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA. Software for wardriving is freely available on the Internet, notably, NetStumbler for Windows, Kismet for Linux, and KisMac for Macintosh. Source : http://en.wikipedia.org/wiki/Wardriving

8 NetStumbler NetStumbler (also known as Network Stumbler),written by Marius Milner, is a tool for Windows that facilitates detection of Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards. It runs on Microsoft Windows operating systems from Windows 98 on up to Windows Vista. More information about Netstumbler can be found at www.Netstumbler.com.www.Netstumbler.com A trimmed-down version called MiniStumbler is available for the handheld Windows CE operating system. source: http://en.wikipedia.org/wiki/NetStumbler

9 Cont… When NetStumbler finds an access point, it display the following information: –MAC Address –SSID –Access Point name –Channel –Vendor –Security (WEP on or off) –Signal Strength –GPS Coordinates (if GPS is attached)

10 Cont… Sample output from NetStumbler

11 Kismet Kismet, written by Mike Kershaw, is an 802.11 wireless packet analyzer. It runs on the Linux operating system and works with most wireless cards that are supported under Linux. kismetwireless.net is a large source of information about the use of Kismet and war driving.

12 Cont… Some features of Kismet are: –Multiple Packet sources –Channel hopping –IP block detection –Hidden SSID Decloaking –Manufatcurer Identification –Detection of Netstumbler clients –Runtime decoding of WEP packets. –etc

13 KisMAC KisMAC is a wireless network discovery tool for Mac OS. It has a wide range of features, similar to those of Kismet and it is more powerful than Kismet. More information can be found by searching for KisMAC at google.com

14 Wireless Zero Configuration Wireless Zero Configuration (WZC), also known as Wireless Auto Configuration, or WLAN AutoConfig. It is a service that dynamically selects a wireless network to connect to based on a user's preferences and various default settings. It is included with modern versions of Microsoft Windows. More information about WZC can be found at www.microsoft.com, search with the keyword wireless auto configuration. www.microsoft.com

15 Cont… WZC Available Networks

16 Wireless Client Utility Software Wireless Client Utility Software is used to perform site surveys and, in effect, network discovery. These software tools gives the information that include list of available networks, Security (WEP on or off) and the channels that are using.

17 Wireless Client Utility Hardware The most common tools used in wireless LAN discovery are: –Laptops and table PCs. –Handheld and PDAs. –Wi-Fi Finders. –Antennas and wireless LAN Equipment.

18 Gathering Information Auditors and attackers use various processes to gather information about a network. The various methods include: Social engineering Search Engines Public Records Garbage Collection

19 Social Engineering Some well-known targets for this type of attack are: –Help Desk –On-site contractors –Employees

20 Conclusions A Wireless network administrator or Auditor should understand how to secure his or her wireless devices over time withstanding new vulnerabilities and attacks. Explained some available Freeware discovery applications.

Download ppt "Wireless LAN Security Understanding and Preventing Network Attacks."

Similar presentations

SEMINAR ON Wi-Fi.

SEMINAR ON Wi-Fi.
Anatomy of an 802.11 Wi-Fi Enterprise Wireless LAN Chris De Herrera Pacific Crest Bank Chief Information Officer Webmaster, Tablet PC Talk, CEWindows.NET.

Anatomy of an Wi-Fi Enterprise Wireless LAN Chris De Herrera Pacific Crest Bank Chief Information Officer Webmaster, Tablet PC Talk, CEWindows.NET.
Wi-Fi Technology.

Wi-Fi Technology.
Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)

Wi-Fi Technology ARTI J JANSARI M.E.(C.S.E.):-1ST (E.C.)
Ethical Hacking Module XV Hacking Wireless Networks.

Ethical Hacking Module XV Hacking Wireless Networks.
ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.
Overview How to crack WEP and WPA

Overview How to crack WEP and WPA
Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.

Network Attacks. Topics Objectives Rogue Devices Rogue Infrastructure Hardware Placement Data Theft & Malicious Insertion Security Feature Weaknesses.
Wireless Monitoring and Protection. Topics Objectives Protocol Analyzers WIPS Common WIDS/WIPS Features Conclusion.

Wireless Monitoring and Protection. Topics Objectives Protocol Analyzers WIPS Common WIDS/WIPS Features Conclusion.
SMC2804WBRP-G Barricade™ g 2.4GHz 54Mbps Wireless Cable/DSL Broadband Router with USB Print Server SMC2804WBRP-G www.smc.com.

SMC2804WBRP-G Barricade™ g 2.4GHz 54Mbps Wireless Cable/DSL Broadband Router with USB Print Server SMC2804WBRP-G
“All your layer are belong to us” Rogue 802.11 APs, DHCP/DNS Servers, and Fake Service Traps.

“All your layer are belong to us” Rogue APs, DHCP/DNS Servers, and Fake Service Traps.
Introduction to Site Surveys Matt Larsen, CEO Skybeam.

Introduction to Site Surveys Matt Larsen, CEO Skybeam.
LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.

LANs and WANs. 2 Chapter Contents Section A: Network Building Blocks Section B: Wired Networks Section C: Wireless Networks Section D: Using LANs Section.
Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.

Presentation viewer : _ Mahmoud matter. Ahmed alasy Dr: Rasha Atallah.
Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy

Chapter 14 Wireless Attacks, Intrusion Monitoring and Policy
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
Analysis of 802.11 Privacy Jim McCann & Daniel Kuo EECS 598.

Analysis of Privacy Jim McCann & Daniel Kuo EECS 598.

Similar presentations

Ads by Google