Your SlideShare is downloading. ×

wifi

4,464

Published on

y3dips's Wifi [in]security presentation at STMIK MDP Palembang

y3dips's Wifi [in]security presentation at STMIK MDP Palembang

Published in: Technology
2 Comments
4 Likes
Statistics
Notes
  • http://www.mediafire.com/download/bibo8k8wqt5ckwe
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • http://www.mediafire.com/download/bibo8k8wqt5ckwe
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total Views
4,464
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
728
Comments
2
Likes
4
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. A set of experience over the air y3dips@echo.or.id 
  • 2. ECHO •I d E i C IndonEsian Community for Hackers  it  f  H k   and Open Source  • The stressing is still around the  hacking stuffs. We're working on the  Open Source activities • Ezines, Advisories, News, Forum,  , , , , Mailing list • Founded in 2003 • Has 13 staff a k a ECHO STAFF staff a.k.a • Has 11116 mailing lists member,  and 14151 Board Discussions  member (Jan,22 2008) b • http://echo.or.id  || http://e‐rdc.org  y3dips@echo.or.id 
  • 3. y3dips@echo.or.id 
  • 4. WI‐FI WI‐ Wi‐Fi, is a wireless networking  l k technology used across the globe.  Wi‐Fi refers to any system that uses  the 802.11 standard, which was  developed by the Institute of  Electrical and Electronics Engineers  g (IEEE) and released in 1997. The  term Wi‐Fi, which is alternatively  spelled WiFi, Wi fi, Wifi, or wifi, was  spelled WiFi  Wi‐fi  Wifi  or wifi  was  pushed by the Wi‐Fi Alliance, a  trade group that pioneered  commercialization of the  technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 
  • 5. 802 11 802.11 802.11 is a set of standards for  f d d f wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  5 4 p spectrum bands. y3dips@echo.or.id 
  • 6. Why WI‐FI Why WI‐ •Convenience:  Flexibility of time  i l bl f and location •Mobility:  Access the internet even  outside their normal work  environment •P d i i  P Productivity: Potentially be more i ll  b   •Deployment: Requires little more  t a a s g e access po t than a single access point •Expandability: Serve a suddenly‐ increased number of clients  •Cost. y3dips@echo.or.id 
  • 7. Keep it safe or wide open
  • 8. WI – WI –FI  Security Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering  • Static IP Addressing  • WEP encryption  • WPA  Wi‐Fi Protected Access • WPA2  • LEAP  Lightweight Extensible Authentication Protocol • PEAP  Protected Extensible Authentication Protocol • TKIP  Temporal Key Integrity Protocol • RADIUS  Remote Authentication Dial In User Service • WAPI  WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and  software tokens y3dips@echo.or.id 
  • 9. 3  General Steps To  Relatively Secure 1. All WI‐FI devices need to be secured ll d d b d 2. All Users need to be educated 3. 3 Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id 
  • 10. Specific  Steps  to be relatively Secure Specific  Steps  to be relatively Secure 1. S    h   t k  bli   Secure your home network: enabling security  of your router (AP) , change password,  i    f     (AP)    h   d  restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot . C l h Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections:  simply configure your device to not automatically  connect  4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to  sharing / connecting with other devices.  5. Install anti‐virus software:  makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id 
  • 11. A set of popular things
  • 12. Hardware Hacking Build A Tin Can Waveguide WiFi ild i id i i Antenna • Using a Can, … and else • Increase the range of your  g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐ goen y3dips@echo.or.id 
  • 13. War Driving Wardriving is the act of searching di i h f h for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.org/wiki/Wardriving Wardrivers are only out to log and collect Tools information about the wireless access points, they find while driving, without using the networks' networks •Net Stumbler services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id 
  • 14. y3dips@echo.or.id 
  • 15. WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless network. k y3dips@echo.or.id 
  • 16. PiggyBacking (using someone else's wireless Internet access) l l Piggybacking is a term used to refer i b ki d f to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e ue t at o e s access. (Café, Restaurants, Campus, Office) y3dips@echo.or.id 
  • 17. List of Abuse & tools
  • 18. Another WI  FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle Attack
  • 19. Top 5 WI‐FI  Tools Top 5 WI WI‐ • Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack The fastest available WEP/WPA cracking tooll h f l bl k • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id 
  • 20. Maybe yes, Maybe No !
  • 21. Taking fun from the wifi at the Cafe Taking fun from the wifi • Café with a Hotspot • Not Free Wifi Access  • Using Some  eleet Restriction Mac Restriction Protocol Restriction (All  TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id 
  • 22. Taking fun from the wifi at the Hotel Taking fun from the wifi at the Hotel • Charge User using their  room number • Using Some  eleet Restriction • Room Number with all  the settings through  Captive Portals • Change the HTTP Request  h h • Not Free Wifi Access y3dips@echo.or.id 
  • 23. Will we see it right now in front of our eyes
  • 24. DEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id 
  • 25. Discussion

×