Table of Contents
Cracking the Window to WiFi
- Wireless Technology
- Basic Wireless Issues
- Forms of Encryption
- Bypassing Security
- Protection Methods
- Why Wireless?
- Portability, convenience, flexibility
- Increased productivity, lower installation costs
- Data synchronization
- Application sharing
- Advanced network services
Problems with Wireless
- Wired vulnerabilities still apply
- Unauthorized access attempts are more convenient
- Unencrypted traffic (or poor encryption) can be more readily intercepted
- DoS attacks now wireless capable
Problems with Wireless (continued)
- Corruption of sensitive data – improper synchronization
- Identity theft more transparent
- Attacker can deploy unauthorized equipment
- Data extraction - improperly configured devices
Forms of Encryption
- Wired Equivalent Privacy (WEP)
- WiFi Protected Access (WPA)
- Pre-Shared Key (WPA-PSK)
Wireless Equivalent Privacy (WEP)
- Based on a security scheme, RC4
- combination of secret user keys and system-generated values.
- Originally 40-bit encryption (weak headers)
- Now 128-bit encryption
- key length of 104 bits, not 128 bits or better (including 152-bit and 256-bit WEP systems).
- Still vulnerable
WiFi Protected Access (WPA-PSK)
- One of the most widely implemented
- Resolves WEP issues (weak headers)
- Message passes through MIC using TKIP
- Encryption keys automatically changed over a period of time (rekeying)
- Authentication can be exploited
- Passphrase 8 – 23 characters required
Let’s Crack some WiFi!!!!
- Tools Needed
- Aircrack Suite
- airodump - Grabbing IVs
- aircrack - Cracking the IVs
- airdecap - Decoding captured packets
- airreplay - packet injector to attack APs.
- kismet - Network Sniffer, can grab IVs as well.
- Collecting the data
- The Handshake
- Designed to occur over insecure channels and in plaintext
- Dictionary Brute Force
- Need a good dictionary!
- Demo cracking a WPA connection
- Demo cracking a WEP connection
- Change default admin password and username
- Enable MAC Address Filtering (minor hurdle to hackers)
- Change default SSID (or disable broadcast) (minor hurdle to hackers)
- Assign Static IP addresses (minor to hurdle)
- Do not Auto-Connect to open WiFi networks
- Position router to avoid a propagating signal
- Turn off router during extended non-use
- TURN ON A GOOD ENCRYPTION!!!!
Meetings Discussion Photo Gallery Officers Only About the Wiki State of the Kernel Projects Server Usage Policy
This is only required if you live off campus or have extended access granted.