wireless security wireless network attacks
play

Wireless Security Wireless Network Attacks Access control attacks - PDF document

Oct 20, 2022 •100 likes •184 views

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

  1. Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack Description Methods and Tools War Driving Discovering wireless LANs by listening to beacons or Airmon-ng, DStumbler, KisMAC, sending probe requests, thereby providing launch MacStumbler, NetStumbler, point for further attacks. Wellenreiter, WiFiFoFum Rogue Access Installing an unsecured AP inside firewall, creating Any hardware or software AP Points open backdoor into trusted network. Ad Hoc Connecting directly to an unsecured station to Any wireless card or USB adapter Associations circumvent AP security or to attack station. MAC Spoofing Reconfiguring an attacker's MAC address to pose as MacChanger, SirMACsAlot, SMAC, an authorized AP or station. Wellenreiter, wicontrol 802.1X RADIUS Recovering RADIUS secret by brute force from Packet capture tool on LAN or network Cracking 802.1X access request, for use by evil twin AP. path between AP and RADIUS server Confidentiality attacks These attacks attempt to intercept private information sent over wireless associations, whether sent in the clear or encrypted by 802.11 or higher layer protocols. Type of Attack Description Methods and Tools Capturing and decoding unprotected application bsd-airtools, Ettercap, Kismet, Wireshark, Eavesdropping traffic to obtain potentially sensitive information. commercial analyzers WEP Key Capturing data to recover a WEP key using Aircrack-ng, airoway, AirSnort, chopchop, Cracking passive or active methods. dwepcrack, WepAttack, WepDecrypt, WepLab, wesside Evil Twin AP Masquerading as an authorized AP by beaconing cqureAP, D-Link G200, HermesAP, Rogue the WLAN's service set identifier (SSID) to lure Squadron, WifiBSD users. AP Phishing Running a phony portal or Web server on an evil Airpwn, Airsnarf, Hotspotter, Karma, twin AP to "phish" for user logins, credit card RGlueAP

  2. numbers. Man in the Running traditional man-in-the-middle attack dsniff, Ettercap-NG, sshmitm Middle tools on an evil twin AP to intercept TCP sessions or SSL/SSH tunnels. Integrity attacks These attacks send forged control, management or data frames over wireless to mislead the recipient or facilitate another type of attack (e.g., DoS). Type of Attack Description Methods and Tools 802.11 Frame Crafting and sending forged 802.11 frames. Airpwn, File2air, libradiate, void11, Injection WEPWedgie, wnet dinject/reinject 802.11 Data Capturing 802.11 data frames for later (modified) Capture + Injection Tools Replay replay. 802.1X EAP Capturing 802.1X Extensible Authentication Protocols Wireless Capture + Injection Tools Replay (e.g., EAP Identity, Success, Failure) for later replay. between station and AP 802.1X Capturing RADIUS Access-Accept or Reject messages Ethernet Capture + Injection Tools RADIUS Replay for later replay. between AP and authentication server Authentication attacks Intruders use these attacks to steal legitimate user identities and credentials to access otherwise private networks and services. Type of Attack Description Methods and Tools Shared Key Attempting 802.11 Shared Key Authentication with guessed, WEP Cracking Tools Guessing vendor default or cracked WEP keys. PSK Cracking Recovering a WPA/WPA2 PSK from captured key handshake coWPAtty, genpmk, KisMAC, frames using a dictionary attack tool. wpa_crack Application Capturing user credentials (e.g., e-mail address and Ace Password Sniffer, Dsniff, Login Theft password) from cleartext application protocols. PHoss, WinSniffer Domain Login Recovering user credentials (e.g., Windows login and John the Ripper, L0phtCrack, Cracking password) by cracking NetBIOS password hashes, using a Cain brute-force or dictionary attack tool. VPN Login Recovering user credentials (e.g., PPTP password or IPsec ike_scan and ike_crack (IPsec), Cracking Preshared Secret Key) by running brute-force attacks on VPN anger and THC-pptp-bruter authentication protocols. (PPTP)

  3. 802.1X Identity Capturing user identities from cleartext 802.1X Identity Capture Tools Theft Response packets. 802.1X Using a captured identity, repeatedly attempting 802.1X Password Dictionary Password authentication to guess the user's password. Guessing 802.1X LEAP Recovering user credentials from captured 802.1X Anwrap, Asleap, THC- Cracking Lightweight EAP (LEAP) packets using a dictionary attack tool LEAPcracker to crack the NT password hash. 802.1X EAP Forcing an 802.1X server to offer a weaker type of File2air, libradiate Downgrade authentication using forged EAP-Response/Nak packets. Links • http://searchsecurity.techtarget.com/feature/A-list-of-wireless-network-attacks • http://en.wikipedia.org/wiki/Wireless_security Preventive Measures • Wireless intrusion prevention systems (Definition: A wireless intrusion detection system (WIDS) monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools; Implementation: Sensors, servers, console, secure link; Prevented threats: Rogue AP – WIPS should understand the difference between Rogue AP and External (neighbor’s) AP, Mis-configured AP, Client Mis- association, Unauthorized association, Man in the Middle Attack, Ad-hoc Networks, Mac-Spoofing, Honeypot / Evil Twin Attack, Denial of Service (DoS) Attack) • Hide SSID (simple but relatively ineffective) • MAC ID filtering (does not work when attacker sniffs MAC address of authorized client and spoofs it) • Static IP addressing (does not work when attacker sniffs IP address of authorized client and spoofs it) • End to end encryption (The solution may be encryption and authorization in the application layer, using technologies like SSL, SSH, GnuPG, PGP and similar.) • Smart cards, USB tokens, and software tokens (the most effective method known today) • RF shielding (It’s practical in some cases to apply specialized wall paint and window film to a room or building to significantly attenuate wireless signals, which keeps the signals from propagating outside a facility.) • Wireless IPS • RADIUS (The idea is to have an inside server act as a gatekeeper through the use of verifying identities through a username and password that is already pre-determined by the user.) • Stealth wallpaper that blocks wireless signals • Faraday cages around buildings

  4. • Links: • http://en.wikipedia.org/wiki/Faraday_cage • http://en.wikipedia.org/wiki/Stealth_wallpaper • http://en.wikipedia.org/wiki/Wireless_security • http://en.wikipedia.org/wiki/TEMPEST Satellite Networks and Security Introduction: • Components (Radio Device, Footprint, Ground Station, ISDN/PSTN, Base station/gateway, uplink/downlink, satellite) • Orbit Characteristics (GEO, LEO, MEO, HEO; inclination angle, velocity, time period, geo-stationary satellites, power, footprint) • Communication Characteristics (frequency bands; time delay in communication; types of Links: ISL, MUL, GWL) • Communication Paradigms (Cellular, C band, Ku Ban, BSS, DBS, Marine, Space-bourne Land Mobile, Satellite Messaging for Commercial Jets) • Data Characteristics (low latency, poor bandwidth, noise) • Error Correction (FEC, ARR, SW, GBN, SR) • Hybrid Networks • Pros/Cons Satellite Networks • Effect of Weather Conditions • Path Diversity • Handoffs • Introduction to GPS – (triangulation technique, satellite systems, gravitational field correction, PRN, limitations, advantages, common applications) Links: • http://www.cs.gsu.edu/~cscyip/csc8221/Chapt-11.pdf • http://www.cs.wustl.edu/~jain/cis788-97/ftp/satellite_nets.pdf Security in Satellite Networks • Signal interception by military organizations, eg: CIA, NSA (Space interception of inter-city networks, SIGINT satellites, COMSAT ILC collection, Submarine cable interception) • Unintentional Threats to Commercial Satellite Systems (Ground based: natural disasters, acts of god, power outages; Space based: solar flares, radiation, temperature variations, space debris; Interference: cosmic rays, other satellites, frequency conflicts) • Intentional Threats to Commercial Satellite Systems (Ground based: physical destruction of communication equipment and base stations, sabotage; Space-based: space-to-space missiles, anti- satellite weapons, space mines, lasers, Electro magnetic pulse; Cyber attacks: spoofing, data interception, malicious software, denial of service; Signal jamming)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion

Wireless Security Wireless Security Confidentiality Integrity Wireless Architecture Access Points Which AP? The Evil Twin Attack Wireless Security Why This Works Integrity Attacks Availability Black Holes Battery Exhaustion Battery

785 views • 41 slides
Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of

Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of

Security in Wireless Sensor Networks Introduction A Wireless Sensor Network is a network made of many small devices consisting of a battery, radio communications, microcontroller, and sensors. Sensor nodes Task manager Gateway node 2

934 views • 44 slides
Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5

Introduction Wireless Network Security IT Security Ido Rosen ido@cs.uchicago.edu University of Chicago 5 March 2007 Ido Rosen Wireless Network Security Introduction Introduction 1 Overview Wireless LANs Ido Rosen Wireless Network

397 views • 8 slides
Security of Wireless Protocols Mati Vait December 15, 2010 1 / 21 Security of Wireless

Security of Wireless Protocols Mati Vait December 15, 2010 1 / 21 Security of Wireless

Security of Wireless Protocols Mati Vait December 15, 2010 1 / 21 Security of Wireless Protocols Contents WPA and WPA2? Common parts in WPA & WPA2 WPA Encryption and Decryption WPA2 Encryption and Decryption Attacks on WPA Attacks on

235 views • 21 slides
Writing a book on wireless security available online is like writing a book on safe Internet

Writing a book on wireless security available online is like writing a book on safe Internet

Agenda The purpose of this presentation is to: FIRST Technical Colloquium Uppsala, Sweden Give an overview of Wireless technology Highlight the security issues Securing Your associated with IEEE 802.11b Wireless LAN wireless LANs Suggest

413 views • 16 slides
Network Security Wireless Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap (IDA)

Network Security Wireless Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap (IDA)

Network Security Wireless Marcus Bendtsen, Andrei Gurtov Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Disclaimer Wireless networks come with so much security related issues that an entire

564 views • 31 slides
SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros:

SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros:

SkyFi A fast and secure wireless network paradigm using VLC Current wireless standards Pros: Convenience Accessibility Cons: Speed Interference Visual Light Communication Security Speed Bandwidth Range Special use cases Our project

423 views • 13 slides
Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction -

Outline Wireless Ad Hoc & Sensor Networks Wireless Ad Hoc & Sensor Networks Introduction - Security Security challenges in Ad Hoc Networks y g Threats and Attacks Security Solutions Security Solutions

668 views • 15 slides
A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security

A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security

A NEW HOD BASED INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORK IK2206: Internet Security and Privacy Sumanta Saha Md. Safiqul Islam Md. Sakhawat Hossen W IRELESS A D H OC N ETWORK Wireless ad hoc networks are autonomous nodes that

372 views • 15 slides
Wireless Network Security Vedavyas Duggirala CS 6204, Spring 2005 1 Wireless Devices - Benefits

Wireless Network Security Vedavyas Duggirala CS 6204, Spring 2005 1 Wireless Devices - Benefits

Wireless Network Security Vedavyas Duggirala CS 6204, Spring 2005 1 Wireless Devices - Benefits and Risks Benefits Risks Allow Mobility Suffers from all the risks of wired networks Greater flexibility, efficiency and

623 views • 27 slides
Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer

Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer

Wireless Network Security and Mobile Commerce Dr. Gordon B. Agnew Electrical and Computer Engineering University of Waterloo gbagnew@engmail.uwaterloo.ca Overview Wireless LANS 1. WLAN Standards and Characteristics Overview of

899 views • 72 slides
Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking

Wireless LAN Security Setup & Optimizing Wireless Client in Linux Hacking and Cracking Wireless LAN Setup Host Based AP ( hostap ) in Linux & freeBSD Securing & Managing Wireless LAN : Implementing 802.1x EAP-TLS

417 views • 29 slides
Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor &

Wireless Security for Hotspots & Home PCCW Feb, 2009 Ubiquitous Wireless Indoor & Outdoor Wireless Security for Home Provides all-in-one DSL modem with Wi-Fi capability to residential customers Simplify setup to the

354 views • 21 slides
The Challenge of Legacy Assets Richard Lucas, BSc(Eng) MBA MD of ASH Wireless ASH Wireless is an

The Challenge of Legacy Assets Richard Lucas, BSc(Eng) MBA MD of ASH Wireless ASH Wireless is an

The Impact of the Internet of Things on our Lives. The Challenge of Legacy Assets Richard Lucas, BSc(Eng) MBA MD of ASH Wireless ASH Wireless is an electronics design consultancy Specialising in wireless and sensors An Ofgem funded Network

1.7k views • 26 slides
Network Coding in Wireless Systems: Impact of Wireless Links

Network Coding in Wireless Systems: Impact of Wireless Links

Network Coding in Wireless Systems: Impact of Wireless Links Gunes Karabulut Kurt gkurt@itu.edu.tr Department of Electronics and CommunicaCons Engineering ISTANBUL

1.24k views • 44 slides
Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems

Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems

Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias Schulz, Adrian Loch, Matthias Hollick Practical Known-Plaintext Attacks against Physical Layer Security in Wireless MIMO Systems Matthias

607 views • 22 slides
Botnets: The Web Killer Chris Lee Computer Network Security March 7th, 2008 Online Crime

Botnets: The Web Killer Chris Lee Computer Network Security March 7th, 2008 Online Crime

Botnets: The Web Killer Chris Lee Computer Network Security March 7th, 2008 Online Crime Motives Tactics Money Spam Thuggery DDoS Espionage Targeted attacks Money Proxies Phishing

295 views • 13 slides
Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1

Malicious Logic Trojan Horses Viruses Worms Fall 2010 CS 334: Computer Security Slide #1 Introduction Malicious Logic: a set of instructions that cause violation of security policy Idea taken from Troy: to breach an impenetrable

1.3k views • 109 slides
Hands-On Ethical Hacking and Network Defense Second Edition - Chapter 3 Network and Computer

Hands-On Ethical Hacking and Network Defense Second Edition - Chapter 3 Network and Computer

Hands-On Ethical Hacking and Network Defense Second Edition - Chapter 3 Network and Computer Attacks Objectives After reading this chapter and completing the exercises , you will be able to: Describe the different types of malicious

84 views • 7 slides
Do Not Track The Future of Web Privacy Nick Doty UC Berkeley, School of Information World Wide

Do Not Track The Future of Web Privacy Nick Doty UC Berkeley, School of Information World Wide

Do Not Track The Future of Web Privacy Nick Doty UC Berkeley, School of Information World Wide Web Consortium http://npdoty.name who I am "future of" a clarification not that Do Not Track is a solution to all Web privacy problems

560 views • 34 slides
Sandboxes VM Most sandboxes provide an isolation-based approach where the effect of

Sandboxes VM Most sandboxes provide an isolation-based approach where the effect of

Sandboxes VM Most sandboxes provide an isolation-based approach where the effect of programs run inside a sandbox is entirely isolated from resources outside the sandbox's authority. However, due to practical requirements, sandboxing

1.9k views • 164 slides
dirtbox, a x86/Windows Emulator Georg Wicherski Virus Analyst, Global Research and Analysis Team

dirtbox, a x86/Windows Emulator Georg Wicherski Virus Analyst, Global Research and Analysis Team

dirtbox, a x86/Windows Emulator Georg Wicherski Virus Analyst, Global Research and Analysis Team Motivation & System Overview Why not just use CWSandbox, Anubis, Normans , JoeBox , Malware are Analys lysis is Sandbox Solutions

604 views • 24 slides
Luke Valenta Gabbi Fisher @lukevalenta @gabbifish Systems Engineer, Cloudflare Systems

Luke Valenta Gabbi Fisher @lukevalenta @gabbifish Systems Engineer, Cloudflare Systems

Luke Valenta Gabbi Fisher @lukevalenta @gabbifish Systems Engineer, Cloudflare Systems Engineer, Cloudflare Outline 1. HTTPS Interceptors and How to Find Them: Common sources of MITM (Monsters in the Middle). 2. A technique for

701 views • 37 slides
Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC) Akhtar H Khalil,

Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC) Akhtar H Khalil,

Spam Prevention using Spam Prevention using Access Code (AC) Access Code (AC) Akhtar H Khalil, David J. Parish Akhtar H Khalil, David J. Parish a.h.khalil@lboro.ac.uk , , d.j.parish@lboro.ac.uk d.j.parish@lboro.ac.uk a.h.khalil@lboro.ac.uk

630 views • 18 slides

More recommend