cmgt/441 intro. to information systems security management information technology university of...
TRANSCRIPT
- Slide 1
- CMGT/441 Intro. to Information Systems Security Management Information Technology University of Phoenix Kapolei Learning Center Week #4 1 Hacking Wireless Networks Philip Robbins December 19, 2013
- Slide 2
- 2 Hacking Wireless Networks Topics Understanding Wireless Technology & Standards Tools Hacking WEP, WPA, WPA2 Uncovering SSIDs Bypassing MAC Address Filtering De-Authentication & Mis-Association Review Q&A Quiz #4
- Slide 3
- 3
- Slide 4
- 4 Understanding Wireless Standards: IEEE 802.11. IEEE came up with the 802.11 standard for wireless Ethernet. OSI Layers 1 & 2. 79 channels, 2.4 to 2.4835 GHz (USA). Half duplex. CSMA/CA (Avoidance) vs. CSMA/CD (Detection). Modulation techniques.
- Slide 5
- 5 Understanding Wireless Standards Center Frequency & Channels for 2.4 GHz
- Slide 6
- 6 Understanding Wireless Standards 4 Way Handshake
- Slide 7
- 7 Understanding Wireless Standards 802.11 Standards
- Slide 8
- 8
- Slide 9
- 9 Tools Alfa AWUS036H WiFi Network Adapter
- Slide 10
- 10 Tools Alfa AWUS036H WiFi Network Adapter
- Slide 11
- 11 Tools Alfa AWUS036H WiFi Network Adapter 30 dBm = 1 W
- Slide 12
- 12 Tools Netgear Wireless Router
- Slide 13
- 13 Tools Netgear Wireless Router TARGET AP
- Slide 14
- 14 Tools Netgear Wireless Router TARGET 192.168.1.1
- Slide 15
- 15 Tools / Configuration password
- Slide 16
- 16 Tools / Configuration Forgot the password for your router? Or your neighbor's?
- Slide 17
- 17 Tools / Configuration password WEP CONFIGURATION
- Slide 18
- 18 Tools / Configuration
- Slide 19
- 19 Tools / Configuration Authentication?
- Slide 20
- 20 Tools / Configuration WPA CONFIGURATION
- Slide 21
- 21 Tools / Configuration
- Slide 22
- 22 Tools / Configuration password
- Slide 23
- 23 Tools Backtrack 5r3: Ubuntu Linux distribution providing a comprehensive collection of security-related tools for digital forensics and pen testing use. http://www.backtrack-linux.org/downloads/
- Slide 24
- 24 Tools
- Slide 25
- 25 Tools
- Slide 26
- 26 Tools
- Slide 27
- 27 Tools
- Slide 28
- 28 Tools AirSnort replacement.
- Slide 29
- 29 Understanding Wireless Technology: Wi-Fi Protected Access (WPA). Touted as a step up from WEP. Weak passphrases render the protection inadequate. False sense of security. Network sniffers. TKIP vs. AES.
- Slide 30
- 30 Cracking WPA
- Slide 31
- 31 Cracking WPA
- Slide 32
- 32 Cracking WPA
- Slide 33
- 33 Cracking WPA
- Slide 34
- 34 Cracking WPA
- Slide 35
- 35 Cracking WPA
- Slide 36
- 36 Cracking WPA
- Slide 37
- 37 Cracking WPA
- Slide 38
- 38 Cracking WPA
- Slide 39
- 39 Cracking WPA
- Slide 40
- 40 Cracking WPA
- Slide 41
- 41 Cracking WPA
- Slide 42
- 42 Cracking WPA
- Slide 43
- 43 Cracking WPA Can take a few hours to go through 1+ million keys
- Slide 44
- 44 Cracking WPA
- Slide 45
- 45 Cracking WPA
- Slide 46
- 46 Understanding Wireless Technology Wired Equivalent Privacy (WEP)
- Slide 47
- 47 Understanding Wireless Technology: Wired Equivalent Privacy (WEP). Confidentiality, Access Control, Data Integrity. In reality, none of these are actually enforced!
- Slide 48
- 48 Understanding Wireless Technology: Wired Equivalent Privacy (WEP). Stream cipher using XOR. Keystream. 64-bit keyspace (2^64 keys). 128-bit keyspace (2^128 keys). 40 bits, 24 bits.
- Slide 49
- 49 Understanding Wireless Technology Wired Equivalent Privacy (WEP)
- Slide 50
- 50 Understanding Wireless Technology Wired Equivalent Privacy (WEP)
- Slide 51
- 51 Understanding Wireless Technology Wired Equivalent Privacy
- Slide 52
- 52 Cracking WEP
- Slide 53
- 53 Cracking WEP
- Slide 54
- 54 Cracking WEP
- Slide 55
- 55 Cracking WEP
- Slide 56
- 56 Cracking WEP
- Slide 57
- 57 Cracking WEP
- Slide 58
- 58 Cracking WEP
- Slide 59
- 59 Bypassing MAC filtering
- Slide 60
- 60 Review Questions Question #1 Which IEEE standard defines authentication and authorization in wireless networks? a. 802.11 b. 802.11a c. 802.11b d. 802.11X
- Slide 61
- 61 Review Questions Question #1 Which IEEE standard defines authentication and authorization in wireless networks? a. 802.11 b. 802.11a c. 802.11b d. 802.11X
- Slide 62
- 62 Review Questions Question #2 Which IEEE standard defines wireless technology? a. 802.3 b. 802.5 c. 802.11 d. All 802 standards
- Slide 63
- 63 Review Questions Question #2 Which IEEE standard defines wireless technology? a. 802.3 b. 802.5 c. 802.11 d. All 802 standards
- Slide 64
- 64 Review Questions Question #3 Which wireless encryption standard offers the best security? a. WPA2 b. WEP c. SSL d. WPA
- Slide 65
- 65 Review Questions Question #3 Which wireless encryption standard offers the best security? a. WPA2 b. WEP c. SSL d. WPA
- Slide 66
- 66 Review Questions Question #4 What information can be gathered by wardriving? a. SSIDs of wireless networks b. Whether encryption is enabled c. Whether SSL is enabled d. Signal strength
- Slide 67
- 67 Review Questions Question #4 What information can be gathered by wardriving? a. SSIDs of wireless networks b. Whether encryption is enabled c. Whether SSL is enabled d. Signal strength
- Slide 68
- 68 Review Questions Question #5 What is a known weakness of wireless SSIDs? a. They're broadcast in cleartext b. They're difficult to configure c. They use large amounts of bandwidth d. They consume an excessive amount of computer memory
- Slide 69
- 69 Review Questions Question #5 What is a known weakness of wireless SSIDs? a. They're broadcast in cleartext b. They're difficult to configure c. They use large amounts of bandwidth d. They consume an excessive amount of computer memory
- Slide 70
- 70 Review Questions Question #6 Wi-Fi Protected Access (WPA) was introduced in which IEEE 802 standard? a. 802.11a b. 802.11b c. 802.11i d. 802.11
- Slide 71
- 71 Review Questions Question #6 Wi-Fi Protected Access (WPA) was introduced in which IEEE 802 standard? a. 802.11a b. 802.11b c. 802.11i d. 802.11
- Slide 72
- 72 Review Questions Question #7 What protocol was added to 802.11i to address WEP's encryption vulnerability? a. MIC b. TKIP c. TTL d. EAP-TLS
- Slide 73
- 73 Review Questions Question #7 What protocol was added to 802.11i to address WEP's encryption vulnerability? a. MIC b. TKIP c. TTL d. EAP-TLS
- Slide 74
- 74 Review Questions Question #8 Disabling SSID broadcasts must be configured on the computer and the AP. True or False? a. TRUE b. FALSE
- Slide 75
- 75 Review Questions Question #8 Disabling SSID broadcasts must be configured on the computer and the AP. True or False? a. TRUE b. FALSE
- Slide 76
- 76 Review Questions Question #9 The operating frequency range of 802.11a is 2.4 GHz. True or False? a. TRUE b. FALSE
- Slide 77
- 77 Review Questions Question #9 The operating frequency range of 802.11a is 2.4 GHz. True or False? a. TRUE b. FALSE
- Slide 78
- 78 Review Questions Question #10 What TKIP enhancement addressed the WEP vulnerability of forging packets? a. Extended Initialization Vector (IV) with sequencing rules b. Per-packet key mixing c. Rekeying mechanism d. Message Integrity Check (MIC)
- Slide 79
- 79 Review Questions Question #10 What TKIP enhancement addressed the WEP vulnerability of forging packets? a. Extended Initialization Vector (IV) with sequencing rules b. Per-packet key mixing c. Rekeying mechanism d. Message Integrity Check (MIC)
- Slide 80
- 80 Review Questions Question #11 Which EAP method requires installing digital certificates on both the server and client? a. EAP-TLS b. PEAP c. EAP-SSL d. EAP-CA
- Slide 81
- 81 Review Questions Question #11 Which EAP method requires installing digital certificates on both the server and client? a. EAP-TLS b. PEAP c. EAP-SSL d. EAP-CA
- Slide 82
- 82 Review Questions Question #12 (last one) Which spread spectrum method divides bandwidth into a series of frequencies called tones? a. Frequency-hopping spread spectrum (FHSS) b. Direct sequence spread spectrum (DSSS) c. Spread spectrum frequency tonation (SSFT) d. Orthogonal frequency division multiplexing (OFDM)
- Slide 83
- 83 Review Questions Question #12 (last one) Which spread spectrum method divides bandwidth into a series of frequencies called tones? a. Frequency-hopping spread spectrum (FHSS) b. Direct sequence spread spectrum (DSSS) c. Spread spectrum frequency tonation (SSFT) d. Orthogonal frequency division multiplexing (OFDM)
- Slide 84
- 84 Questions? [email protected] www2.hawaii.edu/~probbins https://www.dorkatron.com/docs/CMGT441/