WiFi Insecurity2013

214
-1

Published on

Brief presentation on wifi security risk in 2013.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
214
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

WiFi Insecurity2013

  1. 1. Wifi Insecurity 2013 Risks and Usage Kurt Baumgartner @k_sec Principal Security Researcher Global Research and Analysis Team
  2. 2. Wifi Insecurity 2013 Usage and Risks Credit: wigle.net , 2013.08.29 • WiFi • Absolutely ubiquitous • Demonstrably insecure
  3. 3. Wifi Availability Who cares? 15%-20% WiFi is “unprotected” Credit: wigle.net , 2013.08.29
  4. 4. Wifi Availability Does WPA2 really matter? Session hijacking, complete compromise • • Banking / Retail cc Credit: www.immunityinc.com/images/silica/new_wifimonitor_edited.png
  5. 5. Wifi Attacker’s Toolset 2013 Getting in – is anything new? • Evil Twin == ARPSpoof, DHCP spoofing • Aircrack-ng handshake collector, WPS PIN defaults and Reaver brute forcing • Cloud based cracking, ocl-Hashcat-plus • 55 is the new 15! • Performance improvements by orders of magnitude • Certificate forging, SSLStrip, HTML Injection and Sidejacking • Cookie theft and replay • System Compromise and DNS Hijacking
  6. 6. Connecting to Public Wifi Confident connections • VPN (and/or SSH) • Pay attention to your browser!
  7. 7. Connecting to Public Wifi Confident connections
  8. 8. Connecting to Public Wifi Confident connections
  9. 9. Thank You Kurt Baumgartner, @k_sec Principal Security Researcher Global Research and Analysis Team

×