Attack and Defense in Wireless Networks - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Attack and Defense in Wireless Networks

Description:

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin Outline Wireless Networks and Security Attacking and defending WEP Attacking and defending WPA ... – PowerPoint PPT presentation

Number of Views:63
Avg rating:3.0/5.0
Slides: 15
Provided by: alex1186
Category:

less

Transcript and Presenter's Notes

Title: Attack and Defense in Wireless Networks


1
Attack and Defense in Wireless Networks
  • Presented by Aleksandr Doronin

2
Outline
  • Wireless Networks and Security
  • Attacking and defending WEP
  • Attacking and defending WPA/WPA2
  • Common defense techniques
  • Summary

3
Wireless Networks and Security
  • 1) What are Wireless Networks?
  • A wireless network is the way that a computer is
    connected to a router without a physical link.
  • 2) Why do we need?
  • Facilitates mobility You can use lengthy wires
    instead, but someone might trip over them.
  • 3) Why security?
  • Attacker may hack a victims personal computer
    and steal private data or may perform some
    illegal activities or crimes using the victims
    machine and ID. Also there's a possibility to
    read wirelessly transferred data (by using
    sniffers)

4
Wireless Networks and Security
  • Three security approaches
  • WEP (Wired Equivalent Privacy)
  • WPA (Wi-Fi Protected Access)
  • WPA2 (Wi-Fi Protected Access, Version 2)
  • WPA also has two generations named Enterprise and
    Personal.

5
WEP (Wired Equivalent Privacy)
  • Encryption
  • 40 / 64 bits
  • 104 / 128 bits
  • 24 bits are used for IV (Initialization vector)
  • Passphrase
  • Key 1-4
  • Each WEP key can consist of the letters "A"
    through "F" and the numbers "0" through "9". It
    should be 10 hex or 5 ASCII characters in length
    for 40/64-bit encryption and 26 hex or 13 ASCII
    characters in length for 104/128-bit encryption.

6
WPA/WPA2 Personal
  • Encryption
  • TKIP
  • AES
  • Pre-Shared Key
  • A key of 8-63 characters
  • Key Renewal
  • You can choose a Key Renewal period, which
    instructs the device how often it should change
    encryption keys. The default is 3600 seconds

7
Attacking WEP
  • iwconfig a tool for configuring wireless
    adapters. You can use this to ensure that your
    wireless adapter is in monitor mode which is
    essential to sending fake ARP (Address Resolution
    Protocol) requests to the target router
  • macchanger a tool that allows you to view
    and/or spoof (fake) your MAC address
  • airmon a tool that can help you set your
    wireless adapter into monitor mode (rfmon)
  • airodump a tool for capturing packets from a
    wireless router (otherwise known as an AP)
  • aireplay a tool for forging ARP requests
  • aircrack a tool for decrypting WEP keys

8
How to defend when using WEP
  • Use longer WEP encryption keys, which makes the
    data analysis task more difficult. If your WLAN
    equipment supports 128-bit WEP keys.
  • Change your WEP keys frequently. There are
    devices that support "dynamic WEP" which is off
    the standard but allows different WEP keys to be
    assigned to each user.
  • Use a VPN for any protocol, including WEP, that
    may include sensitive information.
  • Implement a different technique for encrypting
    traffic, such as IPSec over wireless. To do this,
    you will probably need to install IPsec software
    on each wireless client, install an IPSec server
    in your wired network, and use a VLAN to the
    access points to the IPSec server.

9
Attacking WPA
  • macchanger a tool that allows you to view
    and/or spoof (fake) your MAC address
  • airmon a tool that can help you set your
    wireless adapter into monitor mode (rfmon)
  • airodump a tool for capturing packets from a
    wireless router (otherwise known as an AP)
  • aireplay a tool for forging ARP requests
  • Capture WPA/WPA2 handshakes by forcing clients to
    reauthenticate
  • Generate new Initialization Vectors
  • aircrack a tool for decrypting WEP keys (should
    be used with dictionary)

10
How to defend when using WPA
  • Passphrases the only way to crack WPA is to
    sniff the password PMK associated with the
    handshake authentication process, and if this
    password is extremely complicated it will be
    almost impossible to crack
  • Passphrase Complexity select a random
    passphrase that is not made up of dictionary
    words. Select a complex passphrase of a minimum
    of 20 characters in length and change it at
    regular intervals

11
Common defense techniques
  • Change router default user name and password
  • Change the internal IP subnet if possible
  • Change default name and hide broadcasting of the
    SSID (Service Set Identi?er)
  • None of the attack methods are faster or
    effective when a larger passphrase is used.
  • Restrict access to your wireless network by
    filtering access based on the MAC (Media Access
    Code) addresses
  • Use Encryption

12
Summary
  • Change all possible default router settings
  • Use encryption (WPA/WPA2)
  • Use long and complex keys/passphrases

13
Thank you!
14
References
  • http//www.backtrack-linux.org/
  • http//www.aircrack-ng.org/
  • http//www.youtube.com/results?search_querycracki
    ngWEPandWPAwithbacktrackoqcrackingWEPand
    WPAwithbacktrackaqfaqiaql1gs_smegs_upl
    1621l12434l0l12642l47l46l0l30l0l0l412l4248l0.3.8.3
    .2l16l0
Write a Comment
User Comments (0)
About PowerShow.com