Wifi Security


Published on

Fast made slideshow for presenting in lecture.

Published in: Technology, Business
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Wifi Security

    1. 1. Wireless Security <ul><li>Agris Ameriks 2008 </li></ul>
    2. 2. WI-FI <ul><li>Wi-Fi is a wireless networking technology used across the globe. </li></ul><ul><li>Wi-Fi refers to any system that uses the 802.11 standard, which was developed by the Institute of Electrical and Electronics Engineers (IEEE) and released in 1997. </li></ul><ul><li>The term Wi-Fi, which is alternatively spelled WiFi, Wi-fi, Wifi, or wifi, was pushed by the Wi-Fi Alliance , a trade group that pioneered commercialization of the technology. </li></ul>Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance
    3. 3. 802.11 <ul><li>802.11 is a set of standards for  wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  spectrum bands. </li></ul>
    4. 4. Wi-Fi Security <ul><li>Outsiders can sometimes  get into your wireless networks fast and easily </li></ul>
    5. 5. Private Wi-Fi securing
    6. 6. Securing a wireless network <ul><li>Possible steps towards securing a wireless network include: </li></ul><ul><ul><li>All wireless LAN devices need to be secured </li></ul></ul><ul><ul><li>All users of the wireless network need to be educated in wireless network security </li></ul></ul><ul><ul><li>All wireless networks need to be actively monitored for weaknesses and breaches </li></ul></ul>
    7. 7. You are using WEP? You are damn stupid. You are damn stupid. <ul><li>WEP is a deprecated algorithm to secure IEEE 802.11 wireless networks. </li></ul><ul><li>It is possible to crack and get code very fast depending on traffic </li></ul><ul><li>Hackers use Aircrack-ng and they are having fun! </li></ul>
    8. 8. Use WPA or WPA2 instead <ul><li>Protocol was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). </li></ul><ul><li>Hackers can crack password only using Brute Force Attack. </li></ul><ul><ul><li>So don’t use WPA passwords like “password”, “administrator” and any other password you can find in dictionary. </li></ul></ul>
    9. 9. Public Wi-Fi Spot Securing
    10. 10. You think that SSL is safe? Kind of... :) <ul><li>It's completely possible to sniff out https (ssl encrypted) </li></ul><ul><li>Using MITM (man in the middle) attacks </li></ul><ul><li>Route all of your https traffic to MITM (e.g. using ARP spoofing) </li></ul><ul><li>Intercept all traffic from the web server </li></ul><ul><li>Send you a fake self signed certificate </li></ul><ul><li>And once you accept it thinking the site is secure, everything you do goes through MITM first </li></ul><ul><ul><li>http://www.youtube.com/watch?v=Aak6-B3JORE </li></ul></ul>Using Backtrack and Ettercap
    11. 11. How I secure my traffic? SSH tunneling SSH tunneling <ul><li>I have installed Ubuntu server with SSH and squid proxy at home with fixed IP </li></ul><ul><li>I use small app on OS X SSH Tunnel Manager and tunnel proxy port to localhost:6023 </li></ul><ul><li>In firefox I use proxy localhost:6023 </li></ul><ul><li>On Windows XP I use Tutty to do the same thing </li></ul>
    12. 12. Pay for security <ul><li>Pay for VPN service </li></ul><ul><ul><li>www.witopia.net - $39.99/year </li></ul></ul><ul><ul><li>www.publicvpn.com - $6.95/month OR $69.95/year </li></ul></ul><ul><li>Pay for tunneling service </li></ul><ul><ul><li>www.secure-tunnel.com - $9.95/month OR $99.95/year </li></ul></ul>
    13. 13. Latvian Law <ul><li>Latvian Criminal Law § 241. </li></ul><ul><li>You will get penalty if you break any kind of security </li></ul><ul><li>http://www.likumi.lv/doc.php?id=88966 </li></ul>
    14. 14. References <ul><li>Used materials and links: </li></ul><ul><ul><li>http://en.wikipedia.org/wiki/Wireless_security </li></ul></ul><ul><ul><li>http://www.slideshare.net/rudivd/wireless-security-416902 </li></ul></ul><ul><ul><li>http://www.slideshare.net/y3dips/wifi-259965 </li></ul></ul><ul><ul><li>http://www.slideshare.net/som.mukhopadhyay/wifi-security-explained </li></ul></ul><ul><ul><li>http://webworkerdaily.com/2007/08/15/keeping-your-public-wi-fi-sessions-secure/ </li></ul></ul><ul><ul><li>http://www.techsoup.org/learningcenter/connections/page5998.cfm </li></ul></ul><ul><ul><li>http://www.dslreports.com/forum/r21012040-Public-WiFi-Wireless-Sniffing-SSL </li></ul></ul><ul><ul><li>http://www.youtube.com/watch?v=Aak6-B3JORE </li></ul></ul><ul><ul><li>http://en.wikipedia.org/wiki/ARP_spoofing#ARP_spoofing_tools </li></ul></ul>