This chapter discusses exploiting wireless networks. It begins by explaining wireless technology and standards such as 802.11. It describes the basic components of a wireless network including access points and service set identifiers. It then covers wireless authentication methods like Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA), and wireless hacking tools and techniques like wardriving. The goal is to help security professionals understand wireless networks and how attackers may exploit them.
Ethical hacking Chapter 2 - TCP/IP - Eric Vanderburg
The document describes the TCP/IP protocol stack and key networking concepts. It explains that TCP/IP has four layers - network, internet, transport, and application. The transport layer handles encapsulation and uses TCP for connection-oriented communication, while the internet layer handles packet routing between hosts using IP addresses. It also covers binary, octal, and hexadecimal numbering systems used in IP addressing and packet headers.
Ethical hacking Chapter 8 - Windows Vulnerabilities - Eric Vanderburg
The document discusses tools for assessing vulnerabilities on Microsoft systems, including the Microsoft Baseline Security Analyzer (MBSA), Winfingerprint, and HFNetChk. It describes vulnerabilities in Microsoft operating systems and services like NetBIOS, SMB/CIFS, IIS, and SQL Server. The document provides best practices for securing Microsoft systems such as keeping systems patched, using antivirus software, enabling logging, and disabling unused services.
Ethical hacking Chapter 9 - Linux Vulnerabilities - Eric Vanderburg
This document discusses Linux vulnerabilities and remote attacks. It describes the Linux file system and common vulnerabilities. Remote attack techniques covered include footprinting, social engineering, installing Trojan programs, buffer overflows, and using sniffers. Countermeasures include user awareness training, keeping systems updated with the latest patches, and writing secure code.
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
This document discusses the process of enumeration in ethical hacking. Enumeration extracts information about network resources, user accounts, and operating systems. It describes tools for enumerating Microsoft systems like Nbtstat, Netview, and Net use, as well as tools for NetWare like Novell Client32 and Nessus. For *NIX systems, common enumeration tools are Finger and Nessus. The goal of enumeration is to gather useful information about targets without authorization in the scope of a security assessment.
Ethical hacking Chapter 12 - Encryption - Eric Vanderburg
The document discusses encryption and certificate management. It describes how certificates expire after a validity period, but can be renewed if the keys are still valid. Certificates can also be revoked for reasons like a user leaving a company or a private key being compromised. A Certificate Revocation List tracks revoked certificates. The document also outlines best practices for backing up keys and setting up a Microsoft Root Certificate Authority.
Ethical hacking Chapter 6 - Port Scanning - Eric Vanderburg
This document discusses port scanning and various tools used for port scanning. It describes what port scanning is, different types of port scans like SYN and ACK scans, and popular port scanning tools like Nmap, Nessus, and Unicornscan. It also covers ping sweeps to identify active hosts and using shell scripting to automate security tasks.
The document discusses techniques for enumerating information from systems during the hacking process. It describes establishing null sessions to extract user names, shares, and other details without authentication. Tools like DumpSec, Netview, Nbtstat, GetAcct, and PS Tools are also covered as ways to enumerate users, groups, shares, permissions, and more from Windows and UNIX systems. The document also provides countermeasures like restricting null sessions and the anonymous user to protect against enumeration attacks.
Security problems in the TCP/IP protocol suite - Yash Kotak
Yash Kotak presented on security problems in the TCP/IP protocol suite. Some key issues discussed include TCP sequence number prediction attacks, routing vulnerabilities like source routing and RIP attacks, and vulnerabilities in protocols like ICMP, DNS, FTP, and SNMP. Defenses proposed include increasing TCP sequence number randomness, filtering routing information, encrypting authentication protocols, and implementing comprehensive authentication and encryption across network protocols.
The document discusses vulnerabilities in the Linux operating system and countermeasures to protect Linux systems from remote attacks. It describes how attackers can use tools like Nessus to discover vulnerabilities, deploy trojan programs, and create buffer overflows. It also provides recommendations for system administrators, including keeping systems updated with the latest patches, using rootkit detectors, and training users to avoid social engineering attacks.
The document discusses weaknesses in the TCP/IP protocol suite and solutions to address those weaknesses. It outlines security issues with IP, such as a lack of authentication, encryption, and traffic prioritization. Common attacks like spoofing, sniffing, and denial of service are described. Solutions proposed include using IPv6, IPSec, firewalls, and intrusion detection to authenticate devices, encrypt traffic, and monitor networks for attacks.
Slides for a college course at City College San Francisco. Based on "Hands-On Ethical Hacking and Network Defense, Third Edition" by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 9781285454610.
Instructor: Sam Bowne
Class website: https://samsclass.info/123/123_S17.shtml
Firewalls can effectively protect networks from external threats while allowing access to outside networks. There are different types of firewalls that use packet filtering, application gateways, or circuit gateways. More complex firewall configurations provide multiple layers of defense by using screened subnets or dual-homed bastion hosts. Trusted systems aim to enhance security through mandatory access control and multilevel security models enforced by a reference monitor.
This document provides an overview of security tools and concepts for Linux systems. It discusses Linux file structure, basic commands, vulnerabilities, compiling programs, security tools like Nmap, Nessus, SARA, iptables firewall, password cracking with John the Ripper, intrusion detection with Snort, network monitoring tools like tcpdump, and security hardening techniques like chrooting. The document aims to familiarize the reader with fundamental Linux security topics.
The document provides information on various network defense tools. It begins by defining a computer network and listing common network types. It then discusses firewalls, describing them as software or hardware that checks incoming and outgoing information on a network. It lists the main types of firewalls as packet filters, application gateways, circuit gateways, and unified threat management. It provides details on each type, such as how packet filters use transport layer information to filter packets and how application gateways use proxies. The document also covers network address translation (NAT) and port forwarding.
The document provides an overview of computer networking fundamentals including:
- The seven layers of the OSI reference model and their functions from physical transmission to application interfaces.
- Reasons for using a layered networking model including modularity, interoperability, and error checking.
- Key networking concepts such as MAC addresses, connection-oriented vs. connectionless transmission, and data encapsulation.
This document provides instructions for setting up an internet connection using either a wired or wireless modem. It discusses the purpose of the lesson, which is to familiarize students with the tools used to set up an internet connection. It also defines what an Internet Service Provider (ISP) is and lists some of the leading ISPs in the country. The document outlines the materials needed and steps to set up a wired or wireless internet connection, including plugging the modem into an outlet, connecting an Ethernet cable between the modem and computer, and enabling the network connection on the computer. It includes tasks for students to design a poster of a network connected to the internet and to present their output through a PowerPoint presentation.
The document discusses how unprotected Windows file shares can expose systems to exploitation. Malicious software like the Klez worm, Nimda worm, and Sircam virus spread rapidly in 2001 by accessing unprotected shares. The document outlines techniques attackers use like scanning for systems with port 445 open and exploiting weak or null passwords. Examples of malware discussed are the W32/Deloder, GT-bot, and W32/Slackor worms which use these techniques to spread. The document recommends disabling unnecessary shares, using strong unique passwords, and keeping anti-virus software up to date to prevent exploitation.
Network defenses include tools like firewalls, VPNs, and intrusion detection systems that help secure networks and protect them from cyber attacks. Firewalls act as barriers that control incoming and outgoing network traffic according to security policies. VPNs extend private networks over public networks through secure tunnels. Intrusion detection systems monitor network traffic and detect suspicious activity. Denial of service attacks aim to make network services unavailable by overwhelming them with malicious traffic. Distributed denial of service attacks use multiple compromised systems to launch large-scale attacks.
This document provides an overview of cyber security vulnerabilities and scanning. It defines what a vulnerability is, lists common types like buffer overflows and input validation issues. It explains what ports are and lists commonly used port numbers. It also defines packet sniffing and lists packet sniffers like Wireshark that can capture network traffic. It concludes by describing the packet analyzers TCPdump and Windump that can read and write network packets.
In computing, a firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic based on an applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.
Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.
Ethical hacking Chapter 3 - Network and Computer Attacks - Eric Vanderburg
This chapter discusses various types of network and computer attacks, including malicious software like viruses, worms, and trojans. It also covers denial of service attacks, buffer overflows, and session hijacking on networks. Additionally, the chapter emphasizes the importance of physical security measures to protect against keyloggers and restrict access to computer servers through locks and security cards.
The document provides an overview of IP Security (IPsec) which is a framework that allows secure communication between entities by authenticating and encrypting IP packets. It discusses IPsec architecture, security associations, authentication header, encapsulating security payload, and Internet key exchange. Key exchange protocols like Oakley and ISAKMP are used to establish security associations and negotiate encryption keys between communicating parties. The document also provides examples of IPsec in transport and tunnel mode as well as combinations of authentication and encryption.
The document provides an overview of network infrastructure components including networking hardware, software, and services. It then discusses several key network protocols including TCP, IP, routing protocols, and DNS. It provides details on the OSI model and describes each layer including typical functions, protocols, and vulnerabilities. For TCP and IP, it outlines the basic operation including packet formatting, connection establishment, flow control, congestion control, and error handling.
Ethical hacking Chapter 1 - Overview - Eric Vanderburg
The document discusses ethical hacking and the role of ethical hackers. Ethical hackers are employed by companies to perform penetration tests to find vulnerabilities in a company's network. There are different penetration testing models like white box, black box, and gray box. Security testers can earn certifications from programs like CEH, CISSP, and OPST. Ethical hackers must understand what activities are legally allowed like penetration testing and what are not, such as installing viruses, as laws vary by location. It is important for ethical hackers to have a contract in place when performing security tests for a company.
A firewall filters network traffic between an organization's private network and the internet. It allows or blocks traffic based on predefined rules. A firewall includes components like packet filtering, NAT, and stateful inspection. Benefits include protecting against threats like viruses, blocking unauthorized access, and hiding private network details.
Slides for a college course at City College San Francisco. Based on "Hands-On Ethical Hacking and Network Defense, Third Edition" by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 9781285454610.
Instructor: Sam Bowne
Class website: https://samsclass.info/123/123_S17.shtml
This document provides an overview of wireless networking standards and security. It describes wireless technology components like access points and wireless network interface cards. It explains wireless networking standards established by IEEE like 802.11b, 802.11g, and 802.11n. The document also covers wireless authentication methods including wired equivalent privacy (WEP), Wi-Fi protected access (WPA), 802.1X, and protocols like EAP, PPP, and CHAP. It discusses vulnerabilities of early security standards and improvements made by newer standards to strengthen wireless network security.
The document discusses wireless local area networks (WLANs) and the IEEE 802.11 standards. It provides an overview of wireless technology, outlines the 802.11 standards including 802.11a, 802.11b, 802.11g, security features, and challenges. It also summarizes how WLANs integrate with existing networks through access points and allow roaming between coverage areas.
The document discusses wireless local area networks (WLANs), including an overview of common WLAN standards such as 802.11b, 802.11a, and 802.11g. It covers topics such as how WLANs integrate with existing wired networks using access points, security considerations for WLANs, and factors to consider when migrating to a wireless network such as performing a site survey.
2. Objectives
Explain wireless technology
Describe wireless networking standards
Describe the process of authentication
Describe wardriving
Describe wireless hacking and tools used by hackers and security professionals
3. Understanding Wireless Technology
For a wireless network to function, you must have the right hardware and software
Wireless technology is part of our lives
Baby monitors
Cell and cordless phones
Pagers
GPS
Remote controls
Garage door openers
Two-way radios
Wireless PDAs
4. Components of a Wireless Network
A wireless network has only three basic components
Access Point (AP)
Wireless network interface card (WNIC)
Ethernet cable
5. Access Points
An access point (AP) is a transceiver that connects to an Ethernet cable
It bridges the wireless network with the wired network
Not all wireless networks connect to a wired network
Most companies have WLANs that connect to their wired network topology
The AP is where channels are configured
An AP enables users to connect to a LAN using wireless technology
An AP is available only within a defined area
6. Service Set Identifiers (SSIDs)
Name used to identify the wireless local area network (WLAN)
The SSID is configured on the AP
Unique 1- to 32-character alphanumeric name
Name is case sensitive
Wireless computers need to configure the SSID before connecting to a wireless network
SSID is transmitted with each packet
Identifies which network the packet belongs to
The AP usually broadcasts the SSID
7. Service Set Identifiers (SSIDs) (continued)
Many vendors have SSIDs set to a default value that companies never change
An AP can be configured to not broadcast its SSID until after authentication
Wireless hackers can attempt to guess the SSID
Verify that your clients or customers are not using a default SSID
8. Configuring an Access Point
Configuring an AP varies depending on the hardware
Most devices allow access through any Web browser
Steps for configuring a D-Link wireless router
Enter IP address on your Web browser and provide your user logon name and password
After a successful logon you will see the device’s main window
Click on Wireless button to configure AP options
SSID
Wired Equivalent Privacy (WEP) keys
9. Configuring an Access Point (continued)
Steps for configuring a D-Link wireless router (continued)
Turn off SSID broadcast
Disabling SSID broadcast is not enough to protect your WLAN
You must also change your SSID
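Slides 6 through 9 come down to checks an auditor can run against what an AP actually announces. The following Python sketch is an added example, not part of the original slides: it parses the SSID element and privacy bit out of a beacon frame (layout per IEEE 802.11, which the slides do not show) and flags default or hidden SSIDs. The sample frames, the default-SSID list and all function names are constructed for illustration.

```python
import struct

# Illustrative factory-default SSIDs (assumed list; extend it from your own vendor inventory).
DEFAULT_SSIDS = {"default", "dlink", "linksys", "netgear", "wireless"}

MGMT_HEADER_LEN = 24   # frame control, duration, three addresses, sequence control
FIXED_PARAMS_LEN = 12  # timestamp (8), beacon interval (2), capability info (2)
TAG_SSID = 0
CAP_PRIVACY = 0x0010   # capability bit: encryption required (does not say WEP or WPA)


def build_beacon(ssid: bytes, privacy: bool) -> bytes:
    """Build a minimal beacon frame for the demo (constructed data, not a capture)."""
    bssid = bytes.fromhex("020000000001")  # made-up, locally administered address
    header = struct.pack("<HH6s6s6sH", 0x0080, 0, b"\xff" * 6, bssid, bssid, 0)
    fixed = struct.pack("<QHH", 0, 100, 0x0001 | (CAP_PRIVACY if privacy else 0))
    ssid_element = bytes([TAG_SSID, len(ssid)]) + ssid
    rates_element = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # 1, 2, 5.5, 11 Mbps
    return header + fixed + ssid_element + rates_element


def parse_beacon(frame: bytes) -> dict:
    """Return the SSID bytes and privacy flag announced in a beacon frame."""
    if len(frame) < MGMT_HEADER_LEN + FIXED_PARAMS_LEN:
        raise ValueError("frame too short for a beacon")
    frame_control = struct.unpack_from("<H", frame, 0)[0]
    frame_type = (frame_control >> 2) & 0x3
    subtype = (frame_control >> 4) & 0xF
    if frame_type != 0 or subtype != 8:
        raise ValueError("not a beacon frame")
    capability = struct.unpack_from("<H", frame, MGMT_HEADER_LEN + 10)[0]

    # Walk the tagged elements: one byte tag, one byte length, then the value.
    ssid = None
    pos = MGMT_HEADER_LEN + FIXED_PARAMS_LEN
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated information element")
        if tag == TAG_SSID and ssid is None:
            ssid = value
        pos += 2 + length
    return {"ssid": ssid, "privacy": bool(capability & CAP_PRIVACY)}


def audit_beacon(frame: bytes) -> list:
    """Apply the SSID checks from the slides to one beacon frame."""
    info = parse_beacon(frame)
    ssid = info["ssid"]
    findings = []
    if ssid is None:
        findings.append("no SSID element")
    elif len(ssid) > 32:
        findings.append("SSID longer than 32 characters")
    elif len(ssid) == 0 or not any(ssid):
        # Empty or null-padded SSID: broadcast is off, which hides nothing by itself.
        findings.append("SSID broadcast disabled (hidden); confirm the SSID itself was changed")
    elif ssid.decode("utf-8", "replace").lower() in DEFAULT_SSIDS:
        findings.append("default SSID in use")
    if not info["privacy"]:
        findings.append("open network: privacy bit not set")
    return findings


if __name__ == "__main__":
    samples = {
        "factory default": build_beacon(b"dlink", False),
        "hidden": build_beacon(b"", True),
        "renamed": build_beacon(b"corp-wlan-7f3a", True),
    }
    for label, frame in samples.items():
        print(label, "->", audit_beacon(frame) or "no findings")
```
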
10. Wireless NICs
For wireless technology to work, each node or computer must have a wireless NIC
NIC’s main function
Converting the radio waves it receives into digital signals the computer understands
There are many wireless NICs on the market
Choose yours depending on how you plan to use it
Some tools require certain specific brands of NICs
11. Understanding Wireless Network Standards
A standard is a set of rules formulated by an organization
Institute of Electrical and Electronics Engineers (IEEE)
Defines several standards for wireless networks
12. Institute of Electrical and Electronics Engineers (IEEE) Standards
Working group (WG)
A group of people from the electrical and electronics industry that meet to create a standard
Sponsor Executive Committee (SEC)
Group that reviews and approves proposals of new standards created by a WG
Standards Review Committee (RevCom)
Recommends proposals to be reviewed by the IEEE Standards Board
IEEE Standards Board
Approves proposals to become new standards
13. The 802.11 Standard
The first wireless technology standard
Defined wireless connectivity at 1 Mbps and 2 Mbps within a LAN
Applied to layers 1 and 2 of the OSI model
Wireless networks cannot detect collisions
Carrier sense multiple access/collision avoidance (CSMA/CA) is used instead of CSMA/CD
Wireless LANs do not have an address associated with a physical location
An addressable unit is called a station (STA)
14. The Basic Architecture of 802.11
802.11 uses a basic service set (BSS) as its building block
Computers within a BSS can communicate with each other
To connect two BSSs, 802.11 requires a distribution system (DS) as an intermediate layer
An access point (AP) is a station that provides access to the DS
Data moves between a BSS and the DS through the AP
15. The Basic Architecture of 802.11 (continued)
IEEE 802.11 also defines the operating frequency range of 802.11
In the United States, it is 2.400 to 2.4835 GHz
Each frequency band contains channels
A channel is a frequency range
The 802.11 standard defines 79 channels
If channels overlap, interference could occur
16. The Basic Architecture of 802.11 (continued)
Other terms
Wavelength
Frequency
Cycle
Hertz or cycles per second
Bands
17. An Overview of Wireless Technologies
Infrared (IR)
Infrared light can’t be seen by the human eye
IR technology is restricted to a single room or line of sight
IR light cannot penetrate walls, ceilings, or floors
Narrowband
Uses microwave radio band frequencies to transmit data
Popular uses
Cordless phones
Garage door openers
18. An Overview of Wireless Technologies (continued)
Spread Spectrum
Modulation defines how data is placed on a carrier signal
Data is spread across a large-frequency bandwidth instead of traveling across just one frequency band
Methods
Frequency-hopping spread spectrum (FHSS)
Direct sequence spread spectrum (DSSS)
Orthogonal frequency division multiplexing (OFDM)
19. IEEE Additional 802.11 Projects
802.11a
Created in 1999
Operating frequency range changed from 2.4 GHz to 5 GHz
Throughput increased from 11 Mbps to 54 Mbps
Bands or frequencies
Lower band—5.15 to 5.25 GHz
Middle band—5.25 to 5.35 GHz
Upper band—5.75 to 5.85 GHz
20. IEEE Additional 802.11 Projects
(continued)
802.11b
Operates in the 2.4 GHz range
Throughput increased from 1 or 2 Mbps to 11 Mbps
Also referred to as Wi-Fi (wireless fidelity)
Allows for 11 channels to prevent overlapping signals
Effectively only three channels (1, 6, and 11) can be used in combination
without overlapping
Introduced Wired Equivalent Privacy (WEP)
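Why only channels 1, 6, and 11 can be combined follows from the channel spacing. The sketch below is an added example, not part of the original slides; it assumes the 2.4 GHz DSSS channel plan (centers 5 MHz apart starting at 2412 MHz, each transmission about 22 MHz wide), which the slides do not state, and all function names are illustrative.

```python
# Assumed 2.4 GHz DSSS channel plan (not stated on the slides): channel centers are
# 5 MHz apart starting at 2412 MHz for channel 1, each signal about 22 MHz wide.
FIRST_CENTER_MHZ = 2412
SPACING_MHZ = 5
WIDTH_MHZ = 22


def channel_range(ch):
    """Return the (low, high) edge frequencies in MHz occupied by a channel."""
    center = FIRST_CENTER_MHZ + SPACING_MHZ * (ch - 1)
    return center - WIDTH_MHZ / 2, center + WIDTH_MHZ / 2


def overlaps(a, b):
    """True when the spectrum occupied by channels a and b intersects."""
    low_a, high_a = channel_range(a)
    low_b, high_b = channel_range(b)
    return low_a < high_b and low_b < high_a


def non_overlapping_plan(channels=range(1, 12)):
    """Greedily pick the largest set of channels that do not overlap each other."""
    plan = []
    for ch in sorted(channels):
        if all(not overlaps(ch, chosen) for chosen in plan):
            plan.append(ch)
    return plan


def interferers(ch, neighbours):
    """Return the neighbouring APs' channels whose spectrum overlaps channel ch."""
    return [n for n in neighbours if overlaps(ch, n)]


if __name__ == "__main__":
    print("Usable together:", non_overlapping_plan())
    # An AP set to channel 3 collides with neighbours on both 1 and 6.
    print("Channel 3 interferes with:", interferers(3, [1, 6, 11]))
```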
21. IEEE Additional 802.11 Projects
(continued)
802.11e
It has improvements to address the problem of interference
When interference is detected, signals can jump to another frequency more
quickly
802.11g
Operates in the 2.4 GHz range
Uses OFDM for modulation
Throughput increased from 11 Mbps to 54 Mbps
22. IEEE Additional 802.11 Projects
(continued)
802.11i
Introduced Wi-Fi Protected Access (WPA)
Corrected many of the security vulnerabilities of 802.11b
802.15
Addresses networking devices within one person’s workspace
Called wireless personal area network (WPAN)
Bluetooth is a common example
23. IEEE Additional 802.11 Projects
(continued)
802.16
Addresses the issue of wireless metropolitan area networks (MANs)
Defines the WirelessMAN Air Interface
It will have a range of up to 30 miles
Throughput of up to 120 Mbps
802.20
Addresses wireless MANs for mobile users who are sitting in trains,
subways, or cars traveling at speeds up to 150 miles per hour
24. IEEE Additional 802.11 Projects
(continued)
Bluetooth
Defines a method for interconnecting portable devices without wires
Maximum distance allowed is 10 meters
It uses the 2.45 GHz frequency band
Throughput of up to 12 Mbps
HiperLAN2
European WLAN standard
It is not compatible with 802.11 standards
25. Understanding Authentication
An organization that introduces wireless technology to the mix
increases the potential for security problems
26. The 802.1X Standard
Defines the process of authenticating and authorizing users on a
WLAN
Addresses the concerns with authentication
Basic concepts
Point-to-Point Protocol (PPP)
Extensible Authentication Protocol (EAP)
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)
27. Point-to-Point Protocol (PPP)
Many ISPs use PPP to connect dial-up or DSL users
PPP handles authentication by requiring a user to enter a valid user
name and password
PPP verifies that users attempting to use the link are indeed who
they say they are
28. Extensible Authentication Protocol
(EAP)
EAP is an enhancement to PPP
Allows a company to select its authentication method
Certificates
Kerberos
Certificate
Record that authenticates network entities
It contains X.509 information that identifies the owner, the certificate
authority (CA), and the owner’s public key
29. Extensible Authentication Protocol
(EAP) (continued)
EAP methods to improve security on a wireless network
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)
Protected EAP (PEAP)
Microsoft PEAP
802.1X components
Supplicant
Authenticator
Authentication server
30. Wired Equivalent Privacy (WEP)
Part of the 802.11b standard
It was implemented specifically to encrypt data that traversed a
wireless network
WEP has many vulnerabilities
Works well for home users or small businesses when combined with a
Virtual Private Network (VPN)
31. Wi-Fi Protected Access (WPA)
Specified in the 802.11i standard
It is the replacement for WEP
WPA improves encryption by using Temporal Key Integrity
Protocol (TKIP)
TKIP is composed of four enhancements
Message Integrity Check (MIC)
Cryptographic message integrity code
Main purpose is to prevent forgeries
Extended Initialization Vector (IV) with sequencing rules
Implemented to prevent replays
32. Wi-Fi Protected Access (WPA)
(continued)
TKIP enhancements (continued)
Per-packet key mixing
It helps defeat weak key attacks that occurred in WEP
MAC addresses are used in creating an intermediate key
Rekeying mechanism
It provides fresh keys that help prevent attacks that relied on reusing old keys
WPA also adds an authentication mechanism implementing 802.1X
and EAP
33. Understanding Wardriving
Hackers use wardriving
Driving around with inexpensive hardware and software that enables
them to detect access points that haven’t been secured
Wardriving is not illegal
But using the resources of these networks is illegal
Warflying
Variant where an airplane is used instead of a car
34. How It Works
An attacker or security tester simply drives around with the following
equipment
Laptop computer
Wireless NIC
An antenna
Software that scans the area for SSIDs
Not all wireless NICs are compatible with scanning programs
Antenna prices vary depending on the quality and the range they
can cover
35. How It Works (continued)
Scanning software can identify
The company’s SSID
The type of security enabled
The signal strength
Indicating how close the AP is to the attacker
36. NetStumbler
Shareware tool written for Windows that enables you to
detect WLANs
Supports 802.11a, 802.11b, and 802.11g standards
NetStumbler was primarily designed to
Verify your WLAN configuration
Detect other wireless networks
Detect unauthorized APs
NetStumbler is capable of interfacing with a GPS
Enabling a security tester or hacker to map out locations of all
the WLANs the software detects
37. NetStumbler (continued)
NetStumbler logs the following information
SSID
MAC address of the AP
Manufacturer of the AP
Channel on which it was heard
Strength of the signal
Encryption
Attackers can detect APs within a 350-foot radius
But with a good antenna, they can locate APs a couple of miles
away
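The logged fields above are enough to automate the "detect unauthorized APs" check against an inventory of sanctioned APs. This is an added example, not from the original slides and not NetStumbler's own code or export format; the CSV layout, the inventory, the default-SSID list, the signal threshold, and every address in it are constructed for illustration.

```python
import csv
import io

# Constructed inventory of sanctioned APs: BSSID -> (SSID, channel). Not real devices.
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpNet", 1),
    "00:11:22:33:44:02": ("CorpNet", 6),
}
CORP_SSIDS = {ssid for ssid, _ in AUTHORIZED.values()}
DEFAULT_SSIDS = {"linksys", "default", "netgear"}  # assumed examples of vendor defaults
WEAK_ENCRYPTION = {"none", "wep"}

# Constructed survey log using the fields the slide lists (hypothetical CSV layout).
SAMPLE_LOG = """ssid,bssid,manufacturer,channel,signal_dbm,encryption
CorpNet,00:11:22:33:44:01,ExampleCo,1,-48,WPA
CorpNet,00:11:22:33:44:02,ExampleCo,6,-61,WEP
CorpNet,66:55:44:33:22:11,Unknown,6,-39,None
linksys,AA:BB:CC:00:00:07,ExampleCo,11,-70,None
CafeGuest,AA:BB:CC:00:00:09,ExampleCo,3,-82,WPA
"""


def audit(log_text, min_signal_dbm=-75):
    """Return (bssid, finding) tuples for survey records that need follow-up."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().lower()
        known = AUTHORIZED.get(bssid)
        if known is None:
            if ssid in CORP_SSIDS:
                findings.append((bssid, "unauthorized AP advertising corporate SSID"))
            elif int(row["signal_dbm"]) >= min_signal_dbm:
                # Strong signal suggests the AP is physically close to the surveyor.
                findings.append((bssid, "unknown AP with strong signal"))
            continue
        # Sanctioned AP: confirm it still matches the approved configuration.
        if (ssid, int(row["channel"])) != known:
            findings.append((bssid, "authorized AP deviates from inventory"))
        if enc in WEAK_ENCRYPTION:
            findings.append((bssid, f"authorized AP using weak encryption: {enc}"))
        if ssid.lower() in DEFAULT_SSIDS:
            findings.append((bssid, "authorized AP still using a default SSID"))
    return findings


if __name__ == "__main__":
    for bssid, finding in audit(SAMPLE_LOG):
        print(f"{bssid}  {finding}")
```

A BSSID is easy to change, so a match against the inventory shows only that the address is expected, not that the device is the sanctioned one.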
38. Kismet
Another product for conducting wardriving attacks
Written by Mike Kershaw
Runs on Linux, BSD, Mac OS X, and Linux PDAs
Kismet is advertised also as a sniffer and IDS
Kismet can sniff 802.11b, 802.11a, and 802.11g traffic
Kismet features
Ethereal- and Tcpdump-compatible data logging
AirSnort compatible
Network IP range detection
39. Kismet (continued)
Kismet features (continued)
Hidden network SSID detection
Graphical mapping of networks
Client-server architecture
Manufacturer and model identification of APs and clients
Detection of known default access point configurations
XML output
Supports 20 card types
40. Understanding Wireless Hacking
Hacking a wireless network is not much different from hacking a
wired LAN
Techniques for hacking wireless networks
Port scanning
Enumeration
41. Tools of the Trade
Equipment
Laptop computer
A wireless NIC
An antenna
Sniffers
Wireless routers that perform DHCP functions can pose a big security
risk
Tools for cracking WEP keys
AirSnort
WEPCrack
42. AirSnort
Created by Jeremy Bruestle and Blake Hegerle
It is the tool most hackers wanting to access WEP-enabled WLANs
use
AirSnort limitations
Runs only on Linux
Requires specific drivers
Not all wireless NICs function with AirSnort
43. WEPCrack
Another open-source tool used to crack WEP encryption
WEPCrack was released about a week before AirSnort
It also works on *NIX systems
WEPCrack uses Perl scripts to carry out attacks on wireless systems
Future versions are expected to include features for attackers to
conduct brute-force attacks
44. Countermeasures for Wireless
Attacks
Consider using anti-wardriving software to make it more difficult for
attackers to discover your wireless LAN
Honeypots
Fakeap
Black Alchemy Fake AP
Limit the use of wireless technology to people located in your facility
Allow only predetermined MAC addresses and IP addresses to have
access to the wireless LAN
45. Countermeasures for Wireless
Attacks (continued)
Consider using an authentication server instead of relying on a
wireless device to authenticate users
Consider using EAP, which allows different protocols to be used that
enhance security
Consider placing the AP in the demilitarized zone (DMZ)
If you use WEP, consider using 104-bit encryption rather than 40-bit
encryption
Assign static IP addresses to wireless clients instead of using DHCP
46. Summary
IEEE’s main purpose is to create standards for LANs and WANs
802.11 is the IEEE standard for wireless networking
Wireless technology defines how and at what frequency data
travels over carrier sound waves
Three main components of a wireless network
Access Points (APs)
Wireless network interface cards (WNICs)
Ethernet cables
47. Summary (continued)
A service set identifier (SSID) assigned to an AP
Represents the wireless segment of a network for which the AP is
responsible
Data must be modulated over carrier signals
DSSS, FHSS, and OFDM are the most common modulations for
wireless networks
Wardriving and warflying
WLANs can be attacked with many of the same tools used for
hacking wired LANs
48. Summary (continued)
Countermeasures include
Disabling SSID broadcast
Renaming default SSIDs
Using an authentication server
Placing the AP in the DMZ
Using a router to filter any unauthorized MAC and IP address from
network access