Short presentation I did at BrainTank 2012 in Providence RI. The focus was on issues surrounding wireless security at the small business level and how there is not enough being done to address it.
DevEX - reference for building teams, processes, and platforms
So you want to be a wireless hacker
1. So you want to be a wireless hacker…
Casey Dunham
Gnosis Consulting
BrainTank 2012
Providence RI
2. Background
• B.S. Computer Science – Univ. Southern Maine
• Active
– DC207 (dc207.org) Portland, ME DEF CON Group
– PWM TOOOL (toool.us)
– Have you been by the Lockpick Village?
• Gnosis – Security Consulting for Small Biz
8. Pineapple
Nothing to see here.
Just a plastic pineapple.
http://hakshop.myshopify.com/products/wifi-pineapple
9. Why YOU should care
“… FBI special agents drove past the home
and noted the existence of two WiFi networks
reachable from the property. One used WEP
encryption, the other had the more robust
WPA2, but the key point from the FBI's
perspective was that neither network was
unsecured. A search thus seemed much
more likely to find its proper target.”
http://arstechnica.com/tech-policy/2012/06/swat-team-throws-flashbangs-raids-wrong-home-due-to-open-wifi-network/
10. “…they used
sophisticated electronic equipment
to break through networks”
http://www.seattlepi.com/local/article/Feds-Wi-Fi-hacking-burglars-targeted-dozens-of-2178421.php
12. Aircrack-ng
Set of tools for auditing wireless
packet sniffer
WEP and WPA/WPA2-PSK cracker / analyzer
Can also use airbase-ng to attack clients
Included with BackTrack Linux
Works out of the box with Alfa cards