4. Wireless Threats
• Exposing your home network
due to low security
• Unauthorized Access, Denial
of Service
• Packet Sniffing
• Rouge AP
• War Driving
• Man in the Middle attacks
• Stolen Information
(Credentials, Bank Info, etc.)
5. Securing your Home Wifi
• Encrypt your Wi-Fi
• List of router default
passwords
• WEPS vs. WPS vs. WPA/2
• WEPS and WPS easily
cracked
• TKIP is depreciated
• WPA can have handshake
stolen and be brute forced
(rainbow tables)
• Use STRONG
PASSWORDS
6. SSID
• Always Change from the
Default SSID
• Do not include any
identifying information
• Apt #, Name, DOB,
Router info etc.
• Make it Hidden
7. MAC Filtering
• A MAC address identifies the
individual piece of equipment
connected to your network.
• You can set up to allow only
certain MAC’s onto your
network
• *WARNING* THIS CAN BE
SPOOFED
8. Finding Your MAC
Address
iOS
• Settings ->
• General ->
• About ->
• Wi-Fi Address
• Android
• Setting ->
• Wireless and Networks->
• Wi-Fi->
• Advanced
9. Finding Your MAC
Address (cont.)
OSX
• ifconfig
• en0 -> ether
Windows
• ipconfig
• Physical address
Linux (Mint)
• ifconfig
• hwaddr
10. Guest Network
• Creates a network separate
from your normal Wi-Fi
network. Removes access to
file shares, network locations
and devices.
• Still needs to be secured.
• Some router have an insecure
implementation of guest
networks
11. Firmware
• Always ensure your firmware
is up to date
• Your router can be
attacked and added to a
botnet
• News Article
12. Who’s on your network?
• Monitor your home network.
• How many devices are
connected to it?
• Wifi monitoring tools:
• Xirrus
• OpenNMS
• Often right on your Wi-Fi
router
13. Additional Measures
• Decrease your Wi-Fi signal
strength
• Anti Wi-Fi Paint?
• I have a feeling this will
mess with cell phone
reception as well, but
YMMV
17. Rouge AP
• Evil Twin
• Some creates a Wi-fi
hotspot with the same
name as the trusted
public hotspot
• You connect to it
• You are networked with
the attacker
18. Rouge AP
• Man in the Middle
• Usually starts as an evil
twin attack
• Rather than attack you
machine directly, attacker
forwards all your network
traffic to wherever you
wanted it to go.
• Attack can intercept,
decrypt or alter your
packets
• Stolen credentials, cc
numbers etc.
19. Rouge AP - Pineapple
• Combines Evil Twin, Man in
the Middle and a whole lot
more into one piece of
Hardware
• Karma
• Your device probes for a
trusted hotspot, Karma
says “that’s me!” and you
connect
• SSL stripping
(https://scotthelme.co.uk/wifi-
pineapple-karma-sslstrip)
• Mitigated with HSTS, but
new attacks are being
developed to beat this.
21. Packet Sniffing
• Captures PCAP (packet
capture) files
• These can be analyzed to
pull out very relevant
information
• MAC/IP addresses
• Credentials
• Websites visited
• Geolocation tags
• Basically anything that
is passed over the
network
• 100% passive attack
23. Not really wireless, but…
• Phony Mobile Charging
Stations
• “Juice Jacking”
• Attacker sets up computer
with multiple charge
cables attached
• When you plug in, the
computer attempts to rip
everything it can from
inside your phone
25. Device Settings
• Forget Wireless Connections
• Turn off wifi when not in use
• Turn off file/print share
• Browser extensions to force
SSL
• Enable your Host-based
firewall if you have one
26. Things you can do
• Always Verify the name of your public
network
• Avoid logging into any websites while on
public Wi-Fi (Social media, financial, etc.)
• Try not avoid public networks
• Use your cell phone
• If you cant, be sure they are
password protected or that are
unencrypted/weak encryption
• Always check for SSL connections!
• USE A VPN!
• Ensure OS is up to date.
27. VPN options
Paid
• KeepSolid
• NordVPN
• Hidemyass
Free
• AnchorFree
• SpotFLux
• Beware of free or ad driven VPN.
Nothing is ever free.
Implement your own
• This does expose your network to the
internet
• OpenVPN
28. Thank you for coming!
Please fill out a survey, check out the other Free Geek Courses, and feel free to give
suggestions on other topics you would like to see or ways to improve current
classes!