Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

So you want to be a wireless hacker


Published on

Short presentation I did at BrainTank 2012 in Providence RI. The focus was on issues surrounding wireless security at the small business level and how there is not enough being done to address it.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

So you want to be a wireless hacker

  1. 1. So you want to be a wireless hacker… Casey Dunham Gnosis Consulting BrainTank 2012 Providence RI
  2. 2. Background• B.S. Computer Science – Univ. Southern Maine• Active – DC207 ( Portland, ME DEF CON Group – PWM TOOOL ( – Have you been by the Lockpick Village?• Gnosis – Security Consulting for Small Biz
  3. 3. WiFi Everywhere
  4. 4. IssuesBroken encryptionConfusing Administration InterfacesRogue Access PointsMan In the Middle AttacksLack of visibility (who / what / when)WPS (WiFi Protected Setup)
  6. 6. Firesheep
  7. 7. Pineapple Nothing to see here. Just a plastic pineapple.
  8. 8. Why YOU should care “… FBI special agents drove past the home and noted the existence of two WiFi networks reachable from the property. One used WEP encryption, the other had the more robust WPA2, but the key point from the FBIs perspective was that neither network was unsecured. A search thus seemed much more likely to find its proper target.”
  9. 9. “…they used sophisticated electronic equipment to break through networks”
  10. 10. sophisticated electronic equipment Alfa-AWUS036NHR
  11. 11. Aircrack-ng Set of tools for auditing wireless packet sniffer WEP and WPA/WPA2-PSK cracker / analyzer Can also use airbase-ng to attack clients Included with BackTrack Linux Works out of the box with Alfa cards
  12. 12. Antennae
  13. 13. Making it Better (sort of)Disable remote managementOnly allow management via HTTPSDisable WPSUse WPA2 + AES + Really Good Key!Don’t Use WiFi
  14. 14. Which one is stronger?A. P4ssw0rdB. MH0hzFt4ZMgRgCbt2ibqC. dinosaursarereallyveryexcitingcreaturesD. r;IX&15z[&Kf+0aM4fi
  15. 15. Questions / Feedback?
  16. 16. Resources BackTrack 5 Wireless Penetration Testing Beginners Guide
  17. 17. DEMO