WIRELESS ATTACKS & IPHONE FORENSICS
By John Intindolo
ISSC456 Digital Forensics: Investigating Wireless Networks and Devices
Professor Andrew Ingraham
(Iphone forensics, n.d.) (Wireless web, n.d.)
WIRELESS NETWORKS
• What is a Wireless Network?
• Overview of Wireless Networks
• Wireless Technologies
  • Bluetooth
  • Infrared
  • Wi-Fi
  • Wireless USB
(Wireless network advantages, n.d.)
WIRELESS ATTACKS
• Methods
  • Wardriving
  • Warflying
  • Warchalking
(Wardriver, n.d.)
(Warchalking symbols, n.d.)
WIRELESS ATTACKS CONT’D.
• Passive Attacks
  • Eavesdropping
  • Traffic Analysis
  • Traffic Monitoring
(Hacker, n.d.)
WIRELESS ATTACKS CONT’D.
• Active Attacks
  • Denial-of-Service
  • Flooding
  • Man-in-the-Middle
  • Hijacking
(Dos attack, n.d.)
BEST PRACTICES
• Create a Wireless Security Policy
• Secure the Enterprise Wireless LAN
• Secure the Enterprise Ethernet Network
• Secure Corporate Laptops from Wireless Threats When Outside the Enterprise
• Educate Employees on Wireless Policy
WIRELESS FORENSICS OVERVIEW
• Obtain a Search Warrant
• Identify Wireless Devices
  • Rogue Access Point
• Document the Scene
• Detect Wireless Connections/Wireless Field Strength
WIRELESS FORENSICS OVERVIEW CONT’D.
• Map Wireless Zones and Hot Spots
• Connect to the Wireless Network
• Acquiring and Analyzing Data
• Generate Report
IPHONE FORENSICS
• Evidence Stored
• Collection
  • Disable Automatic Syncing
  • Write Blocking
  • Image Evidence
• Viewing Evidence
(Iphone forensics 2, n.d.)
IPHONE FORENSICS CONT’D.
• Breaking an iPhone Security Passcode
• Acquire
• Recover
• Forensic Information
• Analyze the Information
IPHONE FORENSICS CONT’D.
• Jailbreaking
• Tools
  • EnCase
  • DiskInternals Music Recovery
  • Elcomsoft Phone Password Breaker
  • Cellebrite UFED
  • Katana Forensics Lantern
REFERENCES
• Dos attack. (n.d.). Retrieved from http://botandbotnets.weebly.com/uploads/1/3/8/4/13840480/1556513_orig.jpg
• Hacker. (n.d.). Retrieved from https://1.bp.blogspot.com/-mubCSoqmXbk/Um5vwbDHElI/AAAAAAAAYT8/5l-BUCCZFGQ/s800/Israeli Road Control System hack, shutting down Haifa highway Traffic.jpg
• Iphone forensics. (n.d.). Retrieved from http://www.htcia.org/wp-content/uploads/iphone_forensics.jpg
• Iphone forensics 2. (n.d.). Retrieved from http://www.google.com/imgres?imgurl=http://gcn.com/articles/2014/10/08/~/media/GIG/GCN/Redesign/Articles/2014/October/passware.png&imgrefurl=http://gcn.com/articles/2014/10/08/passware-ios-forensics.asp&xh=300&w=620&tbnid=VuG8m5Yj20emHM:&zoom=1&docid=A3560UUrjbuwPM&ei=kx6RVMb7G6bGsQSZpoKwCw&tbm=isch&ved=0CEcQMyggMCA&iact=rc&uact=3&dur=1600&page=2&start=15&ndsp=19
REFERENCES CONT’D.
• Warchalking symbols. (n.d.). Retrieved from http://weblog.bergersen.net/wp/mt/archives/warchalk.gif
• Wardriver. (n.d.). Retrieved from http://muskrat707.tripod.com/pictures/pageicon.gif
• Wireless network advantages. (n.d.). Retrieved from http://wireless-head.net/img/wireless-network-advantages.jpg
• Wireless web. (n.d.). Retrieved from http://www.renogeek.com/blog/wp-content/uploads/2014/08/wireless-1-web.jpg

Editor's Notes

  • #2 I have chosen wireless attacks and iPhone forensics as my topic for the project paper, because I am very interested in securing against wireless attacks and performing forensics analysis on a mobile phone.
  • #3 A wireless network is any type of computer network that uses wireless data connections to connect its network nodes. An example would be the setup found in an average person’s home: a modem connected to the Internet, with a wireless router connecting computers, laptops, smartphones, tablets, TVs, and any other wireless devices over a Wi-Fi connection. Wireless networks such as Wi-Fi would not exist today if the Federal Communications Commission (FCC) had not decided to open several bands of wireless spectrum and allow them to be used without a government license. The most common wireless technologies include Bluetooth, Infrared, Wi-Fi, and Wireless USB.
  • #4 Wireless attacks can occur anywhere a wireless connection is in use: a person’s home, a corporate business, schools and universities, an Internet café, or even a local pizza shop. The three methods hackers use to perform a wireless attack are wardriving, warflying, and warchalking. Wardriving is searching for Wi-Fi networks to exploit from a moving vehicle, using a laptop, smartphone, tablet, or PDA. Warflying is the same activity, with the only difference being that an airplane or even a drone is used rather than a car. Warchalking is the use of chalk marks on outdoor surfaces to let others know that an open wireless network exists there. Open networks make for easy targets and are at high risk of attack.
  • #5 There are many different wireless attacks, and they fall under two categories: passive and active. Examples of passive attacks are eavesdropping, traffic analysis, and traffic monitoring; they are used to find vulnerabilities that can then be exploited in an active attack, or to obtain sensitive information directly.
  • #6 Active attacks are used for several reasons, depending on the type of attack. For instance, denial-of-service and flooding attacks are used to make the network unavailable to its users. A man-in-the-middle attack allows the attacker to monitor and inject messages into a communication between two users. The attacker does so by impersonating one user to trick the other into believing the messages are authentic. This could cause the victim to give up valuable information, such as an encryption key.
  • #7 Some of the best practices that should be implemented to safeguard against wireless attacks include the following: creating a wireless security policy, securing the wireless LAN, securing the Ethernet network, securing business laptops when employees use them outside of the workplace, and ensuring that all employees are educated on the company’s wireless policy.
  • #8 Wireless forensics is much like a typical forensic investigation in that the main concepts remain the same. A warrant must be obtained, the scene must be “taped off”, and everything at the scene must be documented, all while following the chain of custody. The difference here is that all wireless devices must be identified, including the rogue access point that allowed the attack to occur.
  • #9 Once all of that information is acquired, there are several more steps to take. Using a program such as Microsoft Visio, investigators can prepare a map of the wireless zones and hot spots that were used. Connecting to the network can be done directly through the WAP or by sniffing traffic between the access point and its associated devices. Once all data is acquired and analyzed, it needs to be written up in a report.
  • #10 The iPhone holds a vast amount of evidence that can be recovered even if it has been deleted.
  • #11 The secure passcode on an acquired iPhone can be broken using a forensic tool that allows the investigator to obtain the passcode. The evidence acquired falls into two files: DeviceInfo and SysInfo. DeviceInfo holds things like the name given to the device and the username logged into the computer, while SysInfo gives information about the iPhone itself, such as model number, serial number, etc. Many things can be recovered, including network information, photos, contacts, calendar events, call logs, messages, e-mails, etc. Once the information is gathered, it must be analyzed using forensic tools.
  • #12 There are many different tools that can be used to analyze the iPhone. One method is jailbreaking it: the phone is unlocked so that third-party applications can be installed, which allows the investigator to open the iPhone’s file system so it may be accessed from a computer. Some of the more popular forensic tools for the iPhone are listed here: EnCase, DiskInternals Music Recovery, Elcomsoft Phone Password Breaker, Cellebrite UFED, and Katana Forensics Lantern. Some of these tools help recover even deleted data (EnCase and Cellebrite UFED, for instance).
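The device-identification and zone-mapping steps described in notes #8 and #9 (identify every wireless device, find the rogue access point, record field strength, map the hot spots) can be sketched in code. The following is an added example, not part of the original presentation or any of the tools it names: it takes constructed site-survey records (survey location, BSSID, SSID, channel, signal strength, encryption flag), compares them against an assumed inventory of authorized corporate access points, and flags a rogue AP advertising the corporate SSID together with the survey point where it was heard loudest. The corporate SSID, the authorized BSSIDs and all survey data are invented for this example.

```python
from dataclasses import dataclass

# Assumed enterprise inventory (invented for this example): the corporate SSID
# and the BSSIDs (AP MAC addresses) the organisation actually deployed.
CORP_SSID = "CorpNet"
AUTHORIZED_BSSIDS = {"00:11:22:aa:bb:01", "00:11:22:aa:bb:02"}

@dataclass(frozen=True)
class Observation:
    location: str    # survey point where the investigator recorded the beacon
    bssid: str       # AP MAC address taken from the beacon frame
    ssid: str
    channel: int
    rssi_dbm: int    # received signal strength; values closer to 0 are stronger
    encrypted: bool  # False means an open network

# Constructed survey records, not real captures.
SURVEY = [
    Observation("lobby", "00:11:22:aa:bb:01", "CorpNet", 6, -48, True),
    Observation("lobby", "de:ad:be:ef:00:01", "CorpNet", 6, -70, True),
    Observation("lab", "00:11:22:aa:bb:02", "CorpNet", 11, -52, True),
    Observation("lab", "de:ad:be:ef:00:01", "CorpNet", 6, -41, True),
    Observation("cafe", "c0:ff:ee:00:00:01", "FreeWifi", 1, -60, False),
]

def classify(obs: Observation) -> str:
    """Verdict for one observed AP, judged against the asset inventory."""
    if obs.bssid.lower() in AUTHORIZED_BSSIDS:
        return "authorized"
    if obs.ssid == CORP_SSID:          # corporate name on hardware we never deployed
        return "rogue (corporate SSID on unknown BSSID)"
    if not obs.encrypted:
        return "open network"
    return "unknown"

def strongest_location(survey, bssid):
    """Survey point where a BSSID was heard loudest: the best lead on where it physically sits."""
    hits = [o for o in survey if o.bssid == bssid]
    return max(hits, key=lambda o: o.rssi_dbm).location if hits else None

def triage(survey):
    """Map each BSSID to (verdict, nearest survey point, SSID); rogue APs are listed first."""
    report = {}
    for o in survey:
        report.setdefault(o.bssid, (classify(o), strongest_location(survey, o.bssid), o.ssid))
    return dict(sorted(report.items(), key=lambda kv: not kv[1][0].startswith("rogue")))

if __name__ == "__main__":
    for bssid, (verdict, where, ssid) in triage(SURVEY).items():
        print(f"{bssid}  {ssid:<9} {verdict:<42} search first: {where}")
```

The "search first" location is only a lead: signal strength varies with walls and antenna placement, so the physical search still has to be confirmed and documented at the scene.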