Submit Search
Upload
Ceh v5 module 15 hacking wireless networks
•
2 likes
•
3,760 views
Vi Tính Hoàng Nam
Follow
Ceh v5 module 15 hacking wireless networks
Read less
Read more
Technology
Report
Share
Report
Share
1 of 70
Download now
Download to read offline
Recommended
CEHv9 : module 17 - cloud computing
CEHv9 : module 17 - cloud computing
teknetir
Ceh v5 module 14 sql injection
Ceh v5 module 14 sql injection
Vi Tính Hoàng Nam
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
Sam Bowne
WLAN Attacks and Protection
WLAN Attacks and Protection
Chandrak Trivedi
Web application security
Web application security
Kapil Sharma
Web Application Security and Awareness
Web Application Security and Awareness
Abdul Rahman Sherzad
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffers
Vi Tính Hoàng Nam
Ceh v5 module 03 scanning
Ceh v5 module 03 scanning
Vi Tính Hoàng Nam
Recommended
CEHv9 : module 17 - cloud computing
CEHv9 : module 17 - cloud computing
teknetir
Ceh v5 module 14 sql injection
Ceh v5 module 14 sql injection
Vi Tính Hoàng Nam
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
Sam Bowne
WLAN Attacks and Protection
WLAN Attacks and Protection
Chandrak Trivedi
Web application security
Web application security
Kapil Sharma
Web Application Security and Awareness
Web Application Security and Awareness
Abdul Rahman Sherzad
Ceh v5 module 07 sniffers
Ceh v5 module 07 sniffers
Vi Tính Hoàng Nam
Ceh v5 module 03 scanning
Ceh v5 module 03 scanning
Vi Tính Hoàng Nam
Penetration testing reporting and methodology
Penetration testing reporting and methodology
Rashad Aliyev
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
DARSHANBHAVSAR14
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
Ceh v5 module 19 evading ids firewall and honeypot
Ceh v5 module 19 evading ids firewall and honeypot
Vi Tính Hoàng Nam
Network Security
Network Security
forpalmigho
Ceh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hacking
Vi Tính Hoàng Nam
Web Application Penetration Testing
Web Application Penetration Testing
Priyanka Aash
Cyber Security Best Practices
Cyber Security Best Practices
Evolve IP
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
Raghav Bisht
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Vi Tính Hoàng Nam
Wi-fi Hacking
Wi-fi Hacking
Paul Gillingwater, MBA
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Vi Tính Hoàng Nam
Sensitive Data Exposure
Sensitive Data Exposure
abodiford
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
Cyber security
Cyber security
vishakha bhagwat
Application security
Application security
Hagar Alaa el-din
Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprinting
Vi Tính Hoàng Nam
Cia security model
Cia security model
Imran Ahmed
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
Setia Juli Irzal Ismail
Chapter 3 footprinting
Chapter 3 footprinting
Setia Juli Irzal Ismail
More Related Content
What's hot
Penetration testing reporting and methodology
Penetration testing reporting and methodology
Rashad Aliyev
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
Niyas Nazar
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
DARSHANBHAVSAR14
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Netpluz Asia Pte Ltd
Ceh v5 module 19 evading ids firewall and honeypot
Ceh v5 module 19 evading ids firewall and honeypot
Vi Tính Hoàng Nam
Network Security
Network Security
forpalmigho
Ceh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hacking
Vi Tính Hoàng Nam
Web Application Penetration Testing
Web Application Penetration Testing
Priyanka Aash
Cyber Security Best Practices
Cyber Security Best Practices
Evolve IP
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
Raghav Bisht
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Vi Tính Hoàng Nam
Wi-fi Hacking
Wi-fi Hacking
Paul Gillingwater, MBA
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Vi Tính Hoàng Nam
Sensitive Data Exposure
Sensitive Data Exposure
abodiford
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
Cyber security
Cyber security
vishakha bhagwat
Application security
Application security
Hagar Alaa el-din
Web Application Security 101
Web Application Security 101
Cybersecurity Education and Research Centre
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprinting
Vi Tính Hoàng Nam
Cia security model
Cia security model
Imran Ahmed
What's hot
(20)
Penetration testing reporting and methodology
Penetration testing reporting and methodology
Vulnerabilities in modern web applications
Vulnerabilities in modern web applications
VAPT PRESENTATION full.pptx
VAPT PRESENTATION full.pptx
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
Ceh v5 module 19 evading ids firewall and honeypot
Ceh v5 module 19 evading ids firewall and honeypot
Network Security
Network Security
Ceh v5 module 01 introduction to ethical hacking
Ceh v5 module 01 introduction to ethical hacking
Web Application Penetration Testing
Web Application Penetration Testing
Cyber Security Best Practices
Cyber Security Best Practices
Introduction To Vulnerability Assessment & Penetration Testing
Introduction To Vulnerability Assessment & Penetration Testing
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Wi-fi Hacking
Wi-fi Hacking
Ceh v5 module 08 denial of service
Ceh v5 module 08 denial of service
Sensitive Data Exposure
Sensitive Data Exposure
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Cyber security
Cyber security
Application security
Application security
Web Application Security 101
Web Application Security 101
Ceh v5 module 02 footprinting
Ceh v5 module 02 footprinting
Cia security model
Cia security model
Viewers also liked
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
Setia Juli Irzal Ismail
Chapter 3 footprinting
Chapter 3 footprinting
Setia Juli Irzal Ismail
Chapter 1 pendahuluan
Chapter 1 pendahuluan
Setia Juli Irzal Ismail
Chapter 2 sistem operasi
Chapter 2 sistem operasi
Setia Juli Irzal Ismail
Latihan 1 computer forensic
Latihan 1 computer forensic
sabtolinux
Cehv8 - Module 19: Cryptography
Cehv8 - Module 19: Cryptography
Vuz Dở Hơi
Ceh v5 module 18 linux hacking
Ceh v5 module 18 linux hacking
Vi Tính Hoàng Nam
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
Vi Tính Hoàng Nam
10 tk3193-firewall 2
10 tk3193-firewall 2
Setia Juli Irzal Ismail
Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]
Setia Juli Irzal Ismail
Chapter 5 firewall
Chapter 5 firewall
Setia Juli Irzal Ismail
Digital forensic upload
Digital forensic upload
Setia Juli Irzal Ismail
Ceh v5 module 16 virus and worms
Ceh v5 module 16 virus and worms
Vi Tính Hoàng Nam
Chapter 7 security web
Chapter 7 security web
Setia Juli Irzal Ismail
Jurnal metasploit(revisi)
Jurnal metasploit(revisi)
Setia Juli Irzal Ismail
Ch 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts Review
Sam Bowne
Black Hat USA 2016 - Highway to the Danger Drone - 03Aug2016 - Slides - UPDAT...
Black Hat USA 2016 - Highway to the Danger Drone - 03Aug2016 - Slides - UPDAT...
Bishop Fox
Owasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root Causes
Marco Morana
Viewers also liked
(18)
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
Chapter 3 footprinting
Chapter 3 footprinting
Chapter 1 pendahuluan
Chapter 1 pendahuluan
Chapter 2 sistem operasi
Chapter 2 sistem operasi
Latihan 1 computer forensic
Latihan 1 computer forensic
Cehv8 - Module 19: Cryptography
Cehv8 - Module 19: Cryptography
Ceh v5 module 18 linux hacking
Ceh v5 module 18 linux hacking
Ceh v5 module 21 cryptography
Ceh v5 module 21 cryptography
10 tk3193-firewall 2
10 tk3193-firewall 2
Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]
Chapter 5 firewall
Chapter 5 firewall
Digital forensic upload
Digital forensic upload
Ceh v5 module 16 virus and worms
Ceh v5 module 16 virus and worms
Chapter 7 security web
Chapter 7 security web
Jurnal metasploit(revisi)
Jurnal metasploit(revisi)
Ch 2: TCP/IP Concepts Review
Ch 2: TCP/IP Concepts Review
Black Hat USA 2016 - Highway to the Danger Drone - 03Aug2016 - Slides - UPDAT...
Black Hat USA 2016 - Highway to the Danger Drone - 03Aug2016 - Slides - UPDAT...
Owasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root Causes
Similar to Ceh v5 module 15 hacking wireless networks
Topic 4.0 wireless technology
Topic 4.0 wireless technology
Atika Zaimi
LAN Switching and Wireless: Ch7 - Basic Wireless Concepts and Configuration
LAN Switching and Wireless: Ch7 - Basic Wireless Concepts and Configuration
Abdelkhalik Mosa
Wireless communication and networking
Wireless communication and networking
M Sabir Saeed
Wifi Technology ppt
Wifi Technology ppt
SABIR ALI MOLLAH
Wireless LAN Security
Wireless LAN Security
Abu Rayhan Ahmmed Rimu
Wireless lan electronics and communication engineering
Wireless lan electronics and communication engineering
eceb9198
Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)
Wail Hassan
Recent Trends in Wireless communication
Recent Trends in Wireless communication
JigsAshley
Wireless technology - Wi-Fi
Wireless technology - Wi-Fi
Bhushan Jadhav
Wi fi
Wi fi
Mayank Saxena
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
Zaibi Gondal
Wi fi technology
Wi fi technology
Faiq Ali Sayed
Chapter 4 - Wirelsess LAN Lec Concise (1).ppt
Chapter 4 - Wirelsess LAN Lec Concise (1).ppt
abenimelos
Wi-Fi Technology
Wi-Fi Technology
Naveen Kumar
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005
Bill Drew
SRWE_Module_12.pptx
SRWE_Module_12.pptx
NguyenNM
POLITEKNIK MALAYSIA
POLITEKNIK MALAYSIA
Aiman Hud
Wireless networksppt
Wireless networksppt
pmuthumca51
Wireless networksppt
Wireless networksppt
dxmuthu
Wireless Networks
Wireless Networks
Hîmãńshu Mêęńä
Similar to Ceh v5 module 15 hacking wireless networks
(20)
Topic 4.0 wireless technology
Topic 4.0 wireless technology
LAN Switching and Wireless: Ch7 - Basic Wireless Concepts and Configuration
LAN Switching and Wireless: Ch7 - Basic Wireless Concepts and Configuration
Wireless communication and networking
Wireless communication and networking
Wifi Technology ppt
Wifi Technology ppt
Wireless LAN Security
Wireless LAN Security
Wireless lan electronics and communication engineering
Wireless lan electronics and communication engineering
Module 15 (hacking wireless networks)
Module 15 (hacking wireless networks)
Recent Trends in Wireless communication
Recent Trends in Wireless communication
Wireless technology - Wi-Fi
Wireless technology - Wi-Fi
Wi fi
Wi fi
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
Wi fi technology
Wi fi technology
Chapter 4 - Wirelsess LAN Lec Concise (1).ppt
Chapter 4 - Wirelsess LAN Lec Concise (1).ppt
Wi-Fi Technology
Wi-Fi Technology
The Wireless Library Palinet Spring2005
The Wireless Library Palinet Spring2005
SRWE_Module_12.pptx
SRWE_Module_12.pptx
POLITEKNIK MALAYSIA
POLITEKNIK MALAYSIA
Wireless networksppt
Wireless networksppt
Wireless networksppt
Wireless networksppt
Wireless Networks
Wireless Networks
More from Vi Tính Hoàng Nam
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)
Vi Tính Hoàng Nam
CATALOG KBVISION (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
Vi Tính Hoàng Nam
Catalogue 2015
Catalogue 2015
Vi Tính Hoàng Nam
Tl wr740 n-v4_user_guide_1910010682_vn
Tl wr740 n-v4_user_guide_1910010682_vn
Vi Tính Hoàng Nam
CATALOGUE CAMERA GIÁM SÁT
CATALOGUE CAMERA GIÁM SÁT
Vi Tính Hoàng Nam
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
Vi Tính Hoàng Nam
Các loại cáp mạng
Các loại cáp mạng
Vi Tính Hoàng Nam
Catalogue 10-2014-new
Catalogue 10-2014-new
Vi Tính Hoàng Nam
Qtx 6404
Qtx 6404
Vi Tính Hoàng Nam
Camera QTX-1210
Camera QTX-1210
Vi Tính Hoàng Nam
Brochua đầu ghi hình QTD-6100 Series
Brochua đầu ghi hình QTD-6100 Series
Vi Tính Hoàng Nam
NSRT: Dụng cụ tháo đầu báo
NSRT: Dụng cụ tháo đầu báo
Vi Tính Hoàng Nam
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
Vi Tính Hoàng Nam
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
Vi Tính Hoàng Nam
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
Vi Tính Hoàng Nam
HRA-1000: Hiển thị phụ cho TT HCP-1008E
HRA-1000: Hiển thị phụ cho TT HCP-1008E
Vi Tính Hoàng Nam
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ABW: TT báo cháy 10-20 kênh
Vi Tính Hoàng Nam
RPP-ECW: TT báo cháy 3-5 kênh
RPP-ECW: TT báo cháy 3-5 kênh
Vi Tính Hoàng Nam
HCP-1008E: TT báo cháy 8-24 kênh
HCP-1008E: TT báo cháy 8-24 kênh
Vi Tính Hoàng Nam
HCV-2/4/8: TT báo cháy 2,4,8 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
Vi Tính Hoàng Nam
More from Vi Tính Hoàng Nam
(20)
CATALOGUE QUESTEK (Tiếng Việt)
CATALOGUE QUESTEK (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
CATALOG KBVISION (Tiếng Việt)
Catalogue 2015
Catalogue 2015
Tl wr740 n-v4_user_guide_1910010682_vn
Tl wr740 n-v4_user_guide_1910010682_vn
CATALOGUE CAMERA GIÁM SÁT
CATALOGUE CAMERA GIÁM SÁT
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
HƯỚNG DẪN SỬ DỤNG ĐẦU GHI QTD-6108
Các loại cáp mạng
Các loại cáp mạng
Catalogue 10-2014-new
Catalogue 10-2014-new
Qtx 6404
Qtx 6404
Camera QTX-1210
Camera QTX-1210
Brochua đầu ghi hình QTD-6100 Series
Brochua đầu ghi hình QTD-6100 Series
NSRT: Dụng cụ tháo đầu báo
NSRT: Dụng cụ tháo đầu báo
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
SLV-24N: Đầu báo khói quang
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
PEX-xx: Bộ hiển thị phụ 5-210 zone cho tủ RPP, RPS, RPQ
HRA-1000: Hiển thị phụ cho TT HCP-1008E
HRA-1000: Hiển thị phụ cho TT HCP-1008E
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ABW: TT báo cháy 10-20 kênh
RPP-ECW: TT báo cháy 3-5 kênh
RPP-ECW: TT báo cháy 3-5 kênh
HCP-1008E: TT báo cháy 8-24 kênh
HCP-1008E: TT báo cháy 8-24 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
HCV-2/4/8: TT báo cháy 2,4,8 kênh
Recently uploaded
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
OnBoard
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
shyamraj55
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
Ridwan Fadjar
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Maria Levchenko
Slack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
LBM Solutions
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
Scott Keck-Warren
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
Paola De la Torre
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
Padma Pradeep
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
soniya singh
Recently uploaded
(20)
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
Slack Application Development 101 Slides
Slack Application Development 101 Slides
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
Ceh v5 module 15 hacking wireless networks
1.
Module XV Hacking Wireless
Networks Ethical Hacking Version 5
2.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Module Objective Concept of Wireless Networking Effects of Wireless Attacks on Business Types of Wireless Networks Wireless Standards Antennas Wireless Access Points SSID Setting up a WLAN Detecting a Wireless Network How to Access a WLAN Wired Equivalent Privacy Wi-Fi Protected Access Steps for Hacking Wireless Networks Cracking WEP Tools for Scanning Tools for Sniffing Securing Wireless Networks WIDZ and RADIUS This module will familiarize you with the following:
3.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Module Flow WEP Business and Wireless Attacks Wireless Access Points Antennas Wireless Standards Types of Wireless Networks SSID Setting up a WLAN How to Access a WLAN Scanning Tools Cracking WEP WPA Securing Wireless Networks Sniffing Tools WIDZ and RADIUS Detecting a Wireless Network Steps for Hacking Wireless NetworksWireless Networking
4.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Introduction to Wireless Networking Wireless networking technology is becoming increasingly popular and at the same time has introduced several security issues The popularity of wireless technology is driven by two primary factors: convenience and cost A Wireless Local Area Network (WLAN) allows workers to access digital resources without being locked to their desks Laptops can be carried to meetings, or even to Starbucks, and connected to a wireless network. This convenience has become more affordable
5.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wired Network vs. Wireless Network Wired networks offer more and better security options than wireless More thoroughly established standards with wired networks Wireless networks are much more equipment-dependent than wired networks Easier to implement security policies on wired networks
6.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Effects of Wireless Attacks on Business As more and more firms adopt wireless networks, security becomes more crucial Business is at high risk from whackers (wireless hackers) who do not require physical entry into a business network to hack, but can easily compromise the network with the help of freely available tools Warchalking, Wardriving, and Warflying are some of the ways in which a whacker can assess the vulnerability of a firm’s network
7.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Types of Wireless Network There are four basic types: • Peer-to-Peer • Extension to a wired network • Multiple access points • LAN-to-LAN wireless network
8.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Advantages and Disadvantages of a Wireless Network Advantages are: • Mobility (easy) • Cost-effective in the initial phase • Easy connection • Different ways to transmit data • Easy sharing Disadvantages are: • Mobility (insecure) • High cost post- implementation • No physical protection of networks • Hacking has become more convenient • Risk of data sharing is high
9.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standards The first wireless standard was 802.11. It defines three physical layers: • Frequency Hopping Spread Spectrum (FHSS) • Direct Sequence Spread Spectrum (DSSS) • Infrared 802.11a: More channels, high speed, less interference 802.11b: Protocol of Wi-Fi revolution, de facto standard 802.11g: Similar to 802.11b, only faster 802.11i: Improves WLAN security 802.16: Long distance wireless infrastructure Bluetooth: Cable replacement option 900 MHz: Low speed, coverage, backward compatibility
10.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11a Works at 40mhz, in the 5g hz range Theoretical transfer rates of up to 54 mpbs Actual transfer rates of about 26.4 mbps Limited in use because it is almost a line of sight transmittal that necessitates multiple WAPs (wireless access points) Cannot operate in same range as 802.11b/g Absorbed more easily than other wireless implementations
11.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11b – “WiFi” Operates at 20 MHz, in the 2.4 GHz range Most widely used and accepted form of wireless networking Theoretical speeds of up to 11 mbps Actual speeds depend on implementation • 5.9 mbps when TCP (Transmission Control Protocol) is used (error checking) • 7.1 mbps when UDP (User Datagram Protocol) is used (no error checking) Can transmit up to 8 km in the city
12.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11b - “WiFi” Not as easily absorbed as 802.11a signal Can cause or receive interference from: • Microwave ovens (microwaves in general) • Wireless telephones • Other wireless appliances operating in the same frequency
13.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11g Operates at the same frequency range as 802.11b Theoretical throughput of 54 Mpbs Actual transmission rate is dependent on several factors, but averages 24.7 mbps Logical upgrade from 802.11b wireless networks – backwards compatibility Suffers from same limitations as 802.11b network System may suffer significant decrease in network speeds if network is not completely upgraded from 802.11b
14.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11i 802.11i is a standard for wireless local area networks that provides improved encryption for networks that use the popular 802.11a, 802.11b & 802.11g standards The 802.11i standard was officially ratified by the IEEE in June of 2004 Security is made up of three factors: • 802.1x for Authentication (EAP and Authentication Server) • Robust Security Network (RSN) to keep track of associations • Counter-Mode/CBC-Mac Protocol (CCMP) to provide confidentiality, integrity, and origin authentication
15.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Standard: 802.11n The 802.11n standard, which will be based on multiple- in/multiple out (MIMO) technology, is expected to boost throughput to potentially well over 100 Mbps
16.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Antennas Antennas are very important for sending and receiving radio waves They convert electrical impulses into radio waves and vice versa There are two types of antennas: • Omni-directional antennas • Directional antennas Can antennas are also popular in the wireless community and are used mostly for personal use
17.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Cantenna – www.cantenna.com
18.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wireless Access Points An access point is a piece of wireless communications hardware that creates a central point of wireless connectivity Similar to a “hub,” the access point is a common connection point for devices in a wireless network Wireless access points must be deployed and managed in common areas of the campus, and they must be coordinated with telecommunications and network managers
19.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited SSID The SSID is a unique identifier that wireless networking devices use to establish and maintain wireless connectivity An SSID acts as a single shared identifier between access points and clients Security concerns arise when the default values are not changed, as these units can be easily compromised A non-secure access mode allows clients to connect to the access point using the configured SSID, a blank SSID, or an SSID configured as “any”
20.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Beacon Frames Beacon frames broadcast the SSID: • Help users locate available networks • Layer 2 management frames • Networks without BFs are called “closed networks”: – Simply means that the SSID is not broadcast anymore – Weak attempt at security through obscurity, to make the presence of the network less obvious – BSSIDs are revealed as soon as a single frame is sent by any member station – Mapping between SSIDs and BSSIDs is revealed by several management frames that are not encrypted
21.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Is the SSID a Secret? Stations looking for an access point send the SSID they are looking for in a "probe request" Access points answer with a "probe reply" frame, which contains the SSID and BSSID pair Stations wanting to become part of a BSS send an association request frame, which also contains the SSID/BSSID pair in cleartext: • As do reassociation requests (see next slides) and their response Therefore, the SSID remains secret only on closed networks with no activity Closed networks are mainly inconvenient to legitimate users
22.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Setting up a WLAN When setting up a WLAN, the channel and service set identifier (SSID) must be configured in addition to traditional network settings such as IP address and a subnet mask The channel is a number between 1 and 11 (between 1 and 13 in Europe) and it designates the frequency on which the network will operate The SSID is an alphanumeric string that differentiates networks operating on the same channel It is essentially a configurable name that identifies an individual network. These settings are important factors when identifying WLANs and sniffing traffic
23.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Detecting a Wireless Network Using an operating system, such as Windows XP or Mac with Airport, to detect available networks Using handheld PCs (Tool: MiniStumbler) Using passive scanners (Tool: Kismet, KisMAC) Using active beacon scanners (Tool: NetStumbler, MacStumbler, iStumbler)
24.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited How to Access a WLAN Use a laptop with a wireless NIC (WNIC) Configure the NIC to automatically set up its IP address, gateway, and DNS servers Use the software that came with the NIC to automatically detect and go online Run an intrusion detection system to check if the system is online An IDS alerts when the device gets any kind of network traffic An easier way to find access points (APs) is by running software such as Wi Fi Finder or NetStumbler
25.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Terminologies WarWalking – Walking around to look for open wireless networks Wardriving – Driving around to look for open wireless networks WarFlying – Flying around to look for open wireless networks WarChalking – Using chalk to identify available open networks Blue jacking – Temporarily hijacking another person’s cell phone using Bluetooth technology Global Positioning System (GPS) – Can also be used to help map the open networks that are found
26.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WarChalking
27.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WarChalking
28.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WarChalking
29.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Authentication and Association To become part of a BSS, a station must first authenticate itself to the network: • Then, it will request association to a specific access point The access point is in charge of authentication and is accepting the association of the station: • Unless an add-on authentication system (e.g., Radius) is used MAC address is trusted as giving the correct identity of the station or access point: • How can this be abused?
30.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Authentication Modes Authentication is done by: • A station providing the correct SSID • Or, through "shared key authentication: – Access point and all base stations share a secret encryption key: – Difficult to deploy – Difficult to change – Difficult to keep secret – No accountability – Requires a station to encrypt with WEP a challenge text provided by the access point – An eavesdropper gains both the plaintext and the cyphertext: – Perform a known plaintext attack – This authentication helps to crack WEP encryption
31.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Authentication and (Dis)Association Attacks Any station can impersonate another station or access point and attack or interfere with the authentication and association mechanisms: • As these frames are not encrypted, the difficulty is trivial Disassociation and deauthentication frames: • A station receiving one of those frames must redo the authentication and association processes • With a single short frame, an attacker can delay the transmission of data and require the station and real access point to redo these processes: – This takes several frames to perform
32.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Rogue Access Points A rogue/unauthorized access point is one that is not authorized for operation by a particular firm or network Tools that can detect rogue/unauthorized access points include NetStumbler and MiniStumbler The two basic methods for locating rogue access points are: • Beaconing/requesting a beacon • Network sniffing: Looking for packets in the air
33.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Tools to Generate Rogue Access Points: Fake AP Fake AP provides the means of hiding in plain sight, making it unlikely for an organization to be discovered Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points Fake AP is a proof of concept released under the GPL Fake AP runs on Linux and BSD versions http://www.blackalchemy.to/project/fakeap/
34.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Tools to Detect Rogue Access Points: Netstumbler NetStumbler is a Windows utility for WarDriving written by MariusMilner Netstumbler is a high-level WLAN scanner. It operates by sending a steady stream of broadcast packets on all possible channels Access points (APs) respond to broadcast packets to verify their existence, even if beacons have been disabled NetStumbler displays: • Signal Strength • MAC Address • SSID • Channel details http://www.netstumbler.com
35.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Tools to Detect Rogue Access Points: MiniStumbler MiniStumbler is the smaller sibling of a free product called NetStumbler By default, most WLAN access points (APs) broadcast their Service Set Identifier (SSID) to anyone who will listen. This flaw in WLAN is used by MiniStumbler It can connect to a global positioning system (GPS) www.netstumbler.com
36.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wired Equivalent Privacy (WEP) WEP is a component of the IEEE 802.11 WLAN standards. Its primary purpose is to provide for confidentiality of data on wireless networks at a level equivalent to that of wired LANs Wired LANs typically employ physical controls to prevent unauthorized users from connecting to the network and viewing data. In a wireless LAN, the network can be accessed without physically connecting to the LAN IEEE chose to employ encryption at the data link layer to prevent unauthorized eavesdropping on a network. This is accomplished by encrypting data with the RC4 encryption algorithm
37.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wired Equivalent Privacy (cont’d) Cryptographic mechanism used to defend against threats Developed without : • Academic or public review • Review from cryptologists Has significant vulnerabilities and design flaws Only about a quarter to a third of wireless access points use WEP: • Tam et al. 2002 • Hamilton 2002 • Pickard and Cracknell 2001, 2003
38.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Wired Equivalent Privacy (cont’d) WEP is a stream cipher: • Uses RC-4 to produce a stream of bytes that are XORed with the plaintext • The input to the stream cipher algorithm is an "initial value" (IV) sent in plaintext and a secret key • IV is 24 bits long • Length of the secret is either 40 or 104 bits, for a total length for the IV and secret of 64 or 128 bits • Marketing publicized the larger number, implying that the secret was a 64 or 128 bit number, in a classical case of deceptive advertising: – How else can you call a protection that is 16.8 million times weaker than advertised?
39.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited What is WPA? WPA is not an official IEEE standard, but will be compatible with the upcoming 802.11i security standard WPA (Wi-Fi Protected Access) is a data encryption method for 802.11 WLANs WPA resolves the issue of weak WEP headers, which are called initialization vectors (IVs) WPA is designed to be a software upgrade With WPA, the rekeying of global encryption keys is required
40.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WPA (cont’d) Wi-Fi Protected Access: • Stop-gap solution that solves issues related to the WEP encryption itself: – IVs are larger (48 bits instead of 24) – Shared key is used more rarely: – Used to negotiate and communicate "temporal keys" – "Temporal keys" are used to encrypt packets instead • Does not solve issues with the management frames • Collision avoidance mechanism can still be exploited • Can be supported by most of the 802.11b hardware
41.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WPA Vulnerabilities Denial-of-service attack: • Attacker injects or corrupts packets • IV and message hash checked before MIC to reduce the number of false positives • Only way around this is to use WEP Pre-shared key dictionary attack: • Weak passphrase used to generate pre-shared key • 14 characters or less that form words • More than 14 characters that do not form words is almost impossible to crack
42.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited WEP, WPA, and WPA2 WEP is extremely weak and fails to meet any of its goals WPA fixes most of WEP’s problems, but adds some new vulnerabilities WPA2 is expected to make wireless networks as secure as wired networks
43.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Steps for Hacking Wireless Networks Step 1: Find networks to attack Step 2: Choose the network to attack Step 3: Analyze the network Step 4: Crack the WEP key Step 5: Sniff the network
44.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Step 1: Find Networks to Attack An attacker would first use NetStumbler to drive around and map out active wireless networks Using Netstumbler, the attacker locates a strong signal on the target WLAN Netstumbler not only has the ability to monitor all active networks in the area, but it also integrates with a GPS to map APs
45.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Step 2: Choose the Network to Attack At this point, the attacker has chosen his target NetStumbler or Kismet can tell him whether or not the network is encrypted
46.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Step 3: Analyzing the Network Example: • WLAN has no broadcasted SSID • NetStubmler tells you that SSID is ZXECCOUNCIL • Multiple access points are present • Open authentication method • WLAN is encrypted with 40bit WEP • WLAN is not using 802.1X
47.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Step 4: Cracking the WEP Key Attacker sets NIC drivers to Monitor Mode Begins capturing packets with Airodump Airodump quickly lists the available network with SSID and starts capturing packets After a few hours of Airodump session, launch Aircrack to start cracking! WEP key for ZXECCOUNCIL is now revealed!
48.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Step 5: Sniffing the Network Once the WEP key is cracked and the NIC is configured appropriately, the attacker is assigned an IP and can access the WLAN Attacker begins listening to traffic with Ethereal Look for plaintext protocols (in this case, FTP, POP, and Telnet)
49.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Cracking WEP Passive attacks: • The presence of the attacker does not change traffic, until WEP has been cracked Active attacks: • Active attacks increase the risk of being detected, but are more capable • If an active attack is reasonable (i.e., the risk of detection is disregarded), the goal is to stimulate traffic: – Collect more pads and uses of weak IVs – Some attacks require only one pad
50.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Weak Keys (a.k.a. Weak IVs) Some IVs can reveal information about the secret key depending upon how RC4 is used in WEP: • Mathematical details out of the scope of this material Attack • FMS (Fluhrer et al. 2001) cryptographic attack on WEP • Practicality demonstrated by Stubblefield et al. (2001) • Collection of the first encrypted octet of several million packets • Exploits: – WEPcrack (Rager 2001) – Airsnort (Bruestle et al. 2001) • Key can be recovered in under a second (after collecting the data)
51.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Problems with WEP’s Key Stream and Reuse Secret key never changes, only the initialization vectors Initialization vectors are sent unencrypted If two messages with the same initialization vector are intercepted it is possible to obtain the plaintext Initialization vectors are commonly reused Initialization vectors can be used up in less than 1 hour Attackers can inject a known plaintext and re-capture the ciphertext Leaves WEP susceptible to replay attacks
52.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Automated WEP Crackers AiroPeek (Commercial) • Easy-to-use, flexible, and sophisticated analyzer WEPCrack, AirSnort • Implementations of the FMA attack NetStumbler • This is a popular network discovery tool, with GPS support. It does not perform any cracking. A Mac OS equivalent is named "iStumbler" KisMAC • This is a Mac OS X tool for network discovery and cracking WEP with several different methods Kismet • Swiss-army knife
53.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Temporal Key Integrity Protocol (TKIP) Secret key created during 4-way handshake authentication Dynamically changes secret key Function used to create new keys based on the original secret key created during authentication Initialization vectors increased to 48 bits First 4 bits indicate QoS traffic class Remaining 44 bits are used as a counter Over 500 trillion key streams possible Initialization vectors are hashed Harder to detect key streams with the same initialization vectors
54.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited LEAP: The Lightweight Extensible Authentication Protocol Proprietary, closed solution: • Was started (without many details) by Cisco as unaffected by WEP vulnerabilities (Cisco 2002) LEAP conducts mutual authentication: • Client is assured that the access point is an authorized one • Uses per-session keys that can be renewed regularly: – Makes the collection of a pad or weak IVs more difficult – Secret key can be changed before the collection is complete • The user is authenticated, instead of the hardware: – MAC address access control lists are not needed • LEAP requires an authentication server (RADIUS) to support the access points
55.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited LEAP Attacks Dictionary attacks • Password-based scheme • Passwords should be guessable (Joshua Wright 2003) LEAP access points do not use weak IVs • Use MS-CHAP v2, show the same weaknesses as MS-CHAP (Wright 2003) • There are many variants of the Extensible Authentication Protocol, such as EAP-TLS and PEAP
56.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited MAC Sniffing and AP Spoofing Attackers can easily sniff MAC addresses because they must appear in the clear even when WEP is enabled Attackers can use those advantages in order to masquerade as a valid MAC address by programming the wireless card and getting into the wireless network and using the wireless pipes Spoofing MAC addresses is easy. Using packet-capturing software, attackers can determine a valid MAC address using one packet To perform a spoofing attack, an attacker must set up an access point (rogue) near the target wireless network or in a place where a victim may believe that wireless Internet is available
57.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Denial-of-Service Attacks Wireless LANs are susceptible to the same protocol-based attacks that plague wired LANs WLANs send information via radio waves on public frequencies, making them susceptible to inadvertent or deliberate interference from traffic using the same radio band Types of DoS attacks: • Physical Layer • Data-Link Layer • Network Layer
58.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited DoS Attack Tool: Fatajack Fatajack is a modified WLAN Jack that sends a deauth instead of an auth This tool highlights poor AP security and works by sending authentication requests to an AP with an inappropriate authentication algorithm and status code. This causes most to drop the relevant associated session
59.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Phone Jammers: Illustration Base Station Jammer Area
60.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Scanning Tools Redfang 2.5 Kismet THC-WarDrive PrismStumbler MacStumbler Mognet WaveStumbler StumbVerter AP Scanner SSID Sniff Wavemon Wireless Security Auditor AirTraf Wifi Finder AirMagnet
61.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Sniffing Tools AiroPeek NAI Wireless Sniffer Ethereal VPNmonitorl Aerosol v0.65 vxSniffer EtherPEG DriftNet WinDump ssidsniff
62.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Tool: AirPcap Features: • Complete Visibility on Your Wireless Networks • Portable and Versatile • Easy to Set up • Easy to Use • The Performance You Need • Ready to Power Your Application
63.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Securing Wireless Networks MAC Address Filtering This method uses a list of MAC addresses of client wireless network interface cards that are allowed to associate with the access point SSID (NetworkID) The first attempt to secure a wireless network was the use of Network ID (SSID). When a wireless client wants to associate with an access point, the SSID is transmitted during the process. The SSID is a seven-digit alphanumeric ID that is hard coded into the access point and the client device Firewalls Using a firewall to secure a wireless network is probably the only way to prevent unauthorized access Wireless networks that use infrared beams to transport data from one point to another are very secure
64.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Securing Wireless Networks (cont’d) Change the default SSID names, such as NETGEAR Add passwords to all devices on the wireless network Disable broadcasting on network access points Do not give the network a name that identifies your company, like EC-Council-NYC Move wireless access points away from windows Disable DHCP and use manual IP addresses Do not allow remote management of access points
65.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Securing Wireless Networks (cont’d) Use the built-in encryption at the access point Disable the features you don't use like printing and music support in the AP Upgrade your firmware regularly Put a firewall between the wireless network and other company computers on the network Encrypt data at the application protocol, for example, SSL Change all default settings for access points: • Such as the IP address Regularly test wireless network security Include VPN in your wireless security solutions
66.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Auditing Tool: BSD-Airtools BSD-Airtools is a package that provides a complete toolset for wireless 802.11b auditing It contains a bsd-based WEPCracking application, called dweputils, as well as kernel patches for NetBSD, OpenBSD, and FreeBSD It also contains a curses-based AP detection application similar to NetStumbler (dstumbler) that can be used to detect wireless access points and connected nodes, view signal to noise graphs, and interactively scroll through scanned APs and view statistics for each It also includes other tools to provide a complete toolset for making use of all 14 of the prism2 debug modes as well as do basic analysis of the hardware-based link-layer protocols provided by prism2's monitor debug mode http://www.dachb0den.com/projects/bsd-airtools.html
67.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited AirDefense Guard
68.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Radius: Used as Additional Layer in Security
69.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Google Secure Access Google Secure Access is a downloadable client application that allows users to establish a more secure WiFi connection Google Secure Access connects to Google's VPN ("Virtual Private Network") Google Secure Access encrypts your Internet traffic and sends it through Google's servers to the Internet. The data that is received will then be encrypted and sent back through Google’s servers to your computer
70.
EC-Council Copyright © by
EC-Council All Rights reserved. Reproduction is strictly prohibited Summary A wireless network enables a mobile user to connect to a LAN through a wireless (radio) connection Wired Equivalent Privacy (WEP), a security protocol, specified in the IEEE Wi-Fi standard, 802.11b, is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN WEP is vulnerable because of relatively short IVs and keys that remain static Even if WEP is enabled, an attacker can easily sniff MAC addresses as they appear in the clear format. Spoofing MAC addresses is also easy If an attacker holds wireless equipment near a wireless network, he could perform a spoofing attack by setting up an access point (rogue) near the target wireless network Wireless networks are extremely vulnerable to DoS attacks A variety of hacking and monitoring tools are available for wireless networks Wireless network security can include adopting a suitable strategy of MAC address filtering, firewalling, or a combination of protocol-based measures
Download now