Slideshow transcript
Slide 1: A set of experience over the air y3dips@echo.or.id
Slide 2: ECHO • IndonEsian Community for Hackers and Open Source • The emphasis is still on hacking. We're working on Open Source activities • Ezines, Advisories, News, Forum, Mailing list • Founded in 2003 • Has 13 staff, a.k.a. ECHO STAFF • Has 11116 mailing list members and 14151 discussion board members (Jan 22, 2008) • http://echo.or.id || http://e-rdc.org
Slide 3: y3dips@echo.or.id
Slide 4: WI-FI. Wi-Fi is a wireless networking technology used across the globe. Wi-Fi refers to any system that uses the 802.11 standard, which was developed by the Institute of Electrical and Electronics Engineers (IEEE) and released in 1997. The term Wi-Fi, which is alternatively spelled WiFi, Wi-fi, Wifi, or wifi, was pushed by the Wi-Fi Alliance, a trade group that pioneered commercialization of the technology. Wi-Fi®, Wi-Fi Alliance®, the Wi-Fi logo, are registered trademarks of the Wi-Fi Alliance
Slide 5: 802.11. 802.11 is a set of standards for wireless local area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) in the 5 GHz and 2.4 GHz public spectrum bands.
Slide 6: Why WI-FI • Convenience: Flexibility of time and location • Mobility: Access the internet even outside their normal work environment • Productivity: Potentially be more • Deployment: Requires little more than a single access point • Expandability: Serve a suddenly-increased number of clients • Cost.
Slide 7: Keep it safe or wide open
Slide 8: WI-FI Security. Outsiders can sometimes get into your wireless networks as fast and easily. Some Security Methods: • MAC ID filtering • Static IP Addressing • WEP encryption • WPA (Wi-Fi Protected Access) • WPA2 • LEAP (Lightweight Extensible Authentication Protocol) • PEAP (Protected Extensible Authentication Protocol) • TKIP (Temporal Key Integrity Protocol) • RADIUS (Remote Authentication Dial In User Service) • WAPI (WLAN Authentication and Privacy Infrastructure) • Smart cards, USB tokens, and software tokens
Slide 9: 3 General Steps To Relatively Secure 1. All WI-FI devices need to be secured 2. All users need to be educated 3. Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security
Slide 10: Specific Steps to be relatively Secure 1. Secure your home network: enabling security of your router (AP), change password, restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot. Use a virtual private network or VPN. Stay away from critical action (bank transaction) 3. Configure for approved connections: simply configure your device to not automatically connect 4. Disable sharing: Your Wi-Fi enabled devices may automatically open themselves to sharing / connecting with other devices. 5. Install anti-virus software: makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program.
Slide 11: A set of popular things
Slide 12: Hardware Hacking • Build A Tin Can Waveguide WiFi Antenna • Using a Can, … and else • Increase the range of your Wireless network • http://www.turnpoint.net/wireless/cantennahowto.html • http://wikihost.org/wikis/indonesiainternet/programm/gebo.prg?name=sejarah_internet_indonesia:wajanbolic_e-goen
Slide 13: War Driving. Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA. (http://en.wikipedia.org/wiki/Wardriving) Wardrivers are only out to log and collect information about the wireless access points they find while driving, without using the networks' services. Tools: • Net Stumbler • Kismet • Kismac • MiniStumbler/Pocket Warrior
Slide 14: y3dips@echo.or.id
Slide 15: WarChalking. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network.
Slide 16: PiggyBacking (using someone else's wireless Internet access). Piggybacking is a term used to refer to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets: Hotspots, venues that offer Wi-Fi access (Café, Restaurants, Campus, Office)
Slide 17: List of Abuse & tools
Slide 18: Another WI-FI Abuse • DoS • Injection • Fake Access Point • Fake Captive Portal • Eavesdropping • MAC Spoofing • Man In The Middle Attack
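
The monitoring step on slide 9, applied to the "Fake Access Point" item on slide 18 and to the WEP entry on slide 8: an added example, not part of the original slides, that audits scan results against an allowlist of deployed access points. The names `audit_scan`, `SAMPLE_SCAN` and `APPROVED`, the scan record layout and all sample values are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed scan results (not real networks); BSSIDs use the RFC 7042
# documentation range 00:00:5e:00:53:xx.
SAMPLE_SCAN = [
    {"ssid": "CafeHotspot", "bssid": "00:00:5e:00:53:01", "security": "WPA2"},
    {"ssid": "CafeHotspot", "bssid": "00:00:5e:00:53:02", "security": "WPA2"},
    {"ssid": "CafeHotspot", "bssid": "00:00:5E:00:53:AA", "security": "OPEN"},
    {"ssid": "OfficeLAN", "bssid": "00:00:5e:00:53:10", "security": "WEP"},
    {"ssid": "Neighbour", "bssid": "00:00:5e:00:53:20", "security": "OPEN"},
]

# Hypothetical allowlist: the BSSIDs the administrator actually deployed.
APPROVED = {
    "CafeHotspot": {"00:00:5e:00:53:01", "00:00:5e:00:53:02"},
    "OfficeLAN": {"00:00:5e:00:53:10"},
}

WEAK = {"OPEN", "WEP"}  # no encryption, or WEP (target of the cracking tools)


def audit_scan(scan, approved):
    """Return sorted (finding, ssid, bssid) tuples for SSIDs we manage."""
    findings = set()
    seen_security = defaultdict(set)
    for ap in scan:
        ssid, bssid = ap["ssid"], ap["bssid"].lower()
        if ssid not in approved:
            continue  # someone else's network: out of scope
        seen_security[ssid].add(ap["security"])
        if bssid not in approved[ssid]:
            findings.add(("unapproved-bssid", ssid, bssid))
        if ap["security"] in WEAK:
            findings.add(("weak-security", ssid, bssid))
    # One SSID advertised with different security modes is a common sign of
    # a look-alike access point sitting next to the real ones.
    for ssid, modes in seen_security.items():
        if len(modes) > 1:
            findings.add(("mixed-security", ssid, ""))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_scan(SAMPLE_SCAN, APPROVED):
        print(*finding)
```

The allowlist check alone misses an access point that clones an approved BSSID (MAC Spoofing on slide 18), which is why the mixed-security check runs independently of it.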
Slide 19: Top 5 WI-FI Tools • Kismet: A powerful wireless sniffer • Net Stumbler: Free Windows 802.11 Sniffer • AirCrack: The fastest available WEP/WPA cracking tool • AirSnort: 802.11 WEP Encryption Cracking Tool • Kismac: A GUI passive wireless stumbler for Mac OS X • Source: http://sectools.org/wireless.html
Slide 20: Maybe yes, Maybe No !
Slide 21: Taking fun from the wifi at the Cafe • Café with a Hotspot • Not Free Wifi Access • Using Some eleet Restriction: Mac Restriction, Protocol Restriction (All TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access
Slide 22: Taking fun from the wifi at the Hotel • Charge User using their room number • Using Some eleet Restriction • Room Number with all the settings through Captive Portals • Change the HTTP Request • Not Free Wifi Access
Slide 23: Will we see it right now in front of our eyes
Slide 24: DEMO • War Driving • WarChalking • WI-FI Abuse ? • WEP Cracking
Slide 25: Discussion


