Professional Documents
Culture Documents
Introduction
Goals
After completion of this lesson, our wireless communication will never be the same as we will the potential threats associated to the wireless network. Beware of invisible wireless hacker!
Objectives
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
Managed Mode
Monitor Mode
Master Mode
Ad Hoc Mode Station (STA)
MAC Address
Attacker/ Auditor 3 Station (STA)
ESSID
00-04-5a-03-3c-0f
OUI
Nokia Linksys
http://standards.ieee.org/regauth/oui/index.shtml
Copyright 2012 CyberSecurity Malaysia
Managed Mode
Master Mode
Ad Hoc Mode
Ad Hoc Mode
WiFi Networking
1 Station Probes
Access Point
Station
Probe Request Probe Response AUTH Request AUTH Response Assoc Request Assoc Response
Access Point
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
INTRANET
Virus & Malware Desktop Inside Threat
Data Theft
10
1 Rogue AP Connected
to Network
Hacker
Laptop
Desktop
3 Non-Compliant AP
Public Wi-Fi AP
4 Neighboring AP
11
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
12
Two Michigan men repeatedly cracked Lowes nationwide network from a 1995 Pontiac Grand Prix parked outside a suburban Detroit store. Charged with penetrating and intentionally damaging a Lowes system. First hopped onto the Wi-Fi network at the store to access the companys central data center at Lowes headquarters. Deployed hacking software, in one case crashing the point of sale terminals.
Electronics Retailer
A Wholesale club
Hacked via wireless network at a store location, credit card data was stolen AND used to the tune of $20M. The lax security found by the FTC to be an unfair trade practice; now under 9 years of probation and have to institute security measures and hire 3rd party auditor
13
Attacker
t 2
Attacker
Server
Server
Server
Computer
14
15
Yagi Antenna
Copyright 2012 CyberSecurity Malaysia
Omni Antenna
16
Evolving to
Hacker / Soft AP Rogue Access Point Ad Hoc Network
Neighbor Station
Copyright 2012 CyberSecurity Malaysia
22
Access Point
Access Point
shutdown the target AP from communicating with any device shutdown the Station from communicating with any device. shutdown any network devices
Copyright 2012 CyberSecurity Malaysia
23
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
24
25
26
27
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
28
Target (User)
1. User enjoying good connection 2. Impersonate AP by spoofing the MAC 3. Send Disassoc & Deauth frames
AP
MAC: 00 02 2D 50 D1 4E
2
NEW MAC: 00 02 2D 50 D1 4E ORIGINAL MAC: 00 12 2D 50 43 1E
Attack against personal anonymity Wireless technology is inherently chatty and often uniquely tied to the user Wireless cards will periodically search for their preferred networks by name Attacker can eavesdrop on this conversation to identify unique names Can associate location to network name
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
32
33
35
36
37
38
39
WiFi Network Fundamentals Wired Network vs. WiFi Network Common Problem and WiFi Threats WiFi Protocol Attacks WiFi Client Attacks WiFi Data Disclosure End Words
40
Best Practices
Educate the wireless user on the proper usage and security issues
Client Station
Summary
WiFi hacking tools are available freely and ..anyone can run them. WiFi attacks are getting more dangerous, in what they can do! We must change the way we think about WiFi security
Corporate Office:
CyberSecurity Malaysia, Level 8, Block A, Mines Waterfront Business Park, No 3 Jalan Tasik, The Mines Resort City, 43300 Seri Kembangan, Selangor Darul Ehsan, Malaysia. T +603 8946 0999 F +603 8946 0888
www.cybersecurity.my
43