SlideShare a Scribd company logo

Wireless v2

Download as PPTX, PDF
J
Joshua Johnston

FreeGeek Wireless Course

Technology
1 of 28
Wireless Security Hide yo kids, Hide yo Wi-Fi
Scope Home Wi-fi Public Wireless Usage
Home Wi-Fi
Wireless Threats • Exposing your home network due to low security • Unauthorized Access, Denial of Service • Packet Sniffing • Rouge AP • War Driving • Man in the Middle attacks • Stolen Information (Credentials, Bank Info, etc.)
Securing your Home Wifi • Encrypt your Wi-Fi • List of router default passwords • WEPS vs. WPS vs. WPA/2 • WEPS and WPS easily cracked • TKIP is depreciated • WPA can have handshake stolen and be brute forced (rainbow tables) • Use STRONG PASSWORDS
SSID • Always Change from the Default SSID • Do not include any identifying information • Apt #, Name, DOB, Router info etc. • Make it Hidden
MAC Filtering • A MAC address identifies the individual piece of equipment connected to your network. • You can set up to allow only certain MAC’s onto your network • *WARNING* THIS CAN BE SPOOFED
Finding Your MAC Address iOS • Settings -> • General -> • About -> • Wi-Fi Address • Android • Setting -> • Wireless and Networks-> • Wi-Fi-> • Advanced
Finding Your MAC Address (cont.) OSX • ifconfig • en0 -> ether Windows • ipconfig • Physical address Linux (Mint) • ifconfig • hwaddr
Guest Network • Creates a network separate from your normal Wi-Fi network. Removes access to file shares, network locations and devices. • Still needs to be secured. • Some router have an insecure implementation of guest networks
Firmware • Always ensure your firmware is up to date • Your router can be attacked and added to a botnet • News Article
Who’s on your network? • Monitor your home network. • How many devices are connected to it? • Wifi monitoring tools: • Xirrus • OpenNMS • Often right on your Wi-Fi router
Additional Measures • Decrease your Wi-Fi signal strength • Anti Wi-Fi Paint? • I have a feeling this will mess with cell phone reception as well, but YMMV
Public Wi-Fi
3 Common Attacks • Rouge AP • Evil Twin • Man in the middle • Pineapple • Packet Sniffing • Wireshark • Airpcap • Mobile Charging Stations
Christmas Shopping
Rouge AP • Evil Twin • Some creates a Wi-fi hotspot with the same name as the trusted public hotspot • You connect to it • You are networked with the attacker
Rouge AP • Man in the Middle • Usually starts as an evil twin attack • Rather than attack you machine directly, attacker forwards all your network traffic to wherever you wanted it to go. • Attack can intercept, decrypt or alter your packets • Stolen credentials, cc numbers etc.
Rouge AP - Pineapple • Combines Evil Twin, Man in the Middle and a whole lot more into one piece of Hardware • Karma • Your device probes for a trusted hotspot, Karma says “that’s me!” and you connect • SSL stripping (https://scotthelme.co.uk/wifi- pineapple-karma-sslstrip) • Mitigated with HSTS, but new attacks are being developed to beat this.
Beef
Packet Sniffing • Captures PCAP (packet capture) files • These can be analyzed to pull out very relevant information • MAC/IP addresses • Credentials • Websites visited • Geolocation tags • Basically anything that is passed over the network • 100% passive attack
Packet Sniffing • Wireshark example
Not really wireless, but… • Phony Mobile Charging Stations • “Juice Jacking” • Attacker sets up computer with multiple charge cables attached • When you plug in, the computer attempts to rip everything it can from inside your phone
Mitigation Techniques
Device Settings • Forget Wireless Connections • Turn off wifi when not in use • Turn off file/print share • Browser extensions to force SSL • Enable your Host-based firewall if you have one
Things you can do • Always Verify the name of your public network • Avoid logging into any websites while on public Wi-Fi (Social media, financial, etc.) • Try not avoid public networks • Use your cell phone • If you cant, be sure they are password protected or that are unencrypted/weak encryption • Always check for SSL connections! • USE A VPN! • Ensure OS is up to date.
VPN options Paid • KeepSolid • NordVPN • Hidemyass Free • AnchorFree • SpotFLux • Beware of free or ad driven VPN. Nothing is ever free. Implement your own • This does expose your network to the internet • OpenVPN
Thank you for coming! Please fill out a survey, check out the other Free Geek Courses, and feel free to give suggestions on other topics you would like to see or ways to improve current classes!

Recommended

Remote monitoring system
Remote monitoring systemRemote monitoring system
Remote monitoring systemPk Doctors
 
Demystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsDemystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsMichele Chubirka
 
CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1Julie Young
 
Uncommon MiTM in uncommon conditions
Uncommon MiTM in uncommon conditionsUncommon MiTM in uncommon conditions
Uncommon MiTM in uncommon conditionsHeadLightSecurity
 
Session810 ken huang
Session810 ken huangSession810 ken huang
Session810 ken huangKen Huang
 
Google wi fi
Google wi fiGoogle wi fi
Google wi fiRohit Sinha
 
Edu camp presentation 13/4/12
Edu camp presentation 13/4/12Edu camp presentation 13/4/12
Edu camp presentation 13/4/12Azeem Vasanwala
 
Wifi Cracking - Step by Step Using Backtracks Tool
Wifi Cracking - Step by Step Using Backtracks ToolWifi Cracking - Step by Step Using Backtracks Tool
Wifi Cracking - Step by Step Using Backtracks ToolJohn Henry Gaspay
 

Recommended

Remote monitoring system
Remote monitoring systemRemote monitoring system
Remote monitoring systemPk Doctors
 
Demystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsDemystifying Wireless Security Using Open Source Options
Demystifying Wireless Security Using Open Source OptionsMichele Chubirka
 
CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1Julie Young
 
Uncommon MiTM in uncommon conditions
Uncommon MiTM in uncommon conditionsUncommon MiTM in uncommon conditions
Uncommon MiTM in uncommon conditionsHeadLightSecurity
 
Session810 ken huang
Session810 ken huangSession810 ken huang
Session810 ken huangKen Huang
 
Google wi fi
Google wi fiGoogle wi fi
Google wi fiRohit Sinha
 
Edu camp presentation 13/4/12
Edu camp presentation 13/4/12Edu camp presentation 13/4/12
Edu camp presentation 13/4/12Azeem Vasanwala
 
Wifi Cracking - Step by Step Using Backtracks Tool
Wifi Cracking - Step by Step Using Backtracks ToolWifi Cracking - Step by Step Using Backtracks Tool
Wifi Cracking - Step by Step Using Backtracks ToolJohn Henry Gaspay
 
Bluetooth IN OUR life
Bluetooth IN OUR lifeBluetooth IN OUR life
Bluetooth IN OUR lifeMADDY125
 
Overview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-FiOverview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-FiQUBEE
 
DataSheet-Tely
DataSheet-TelyDataSheet-Tely
DataSheet-TelyAditya Mavlankar
 
How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?QUBEE
 
Threats to Mobile Computing
Threats to Mobile ComputingThreats to Mobile Computing
Threats to Mobile Computingmadhurbyheart
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web HackerHeadLightSecurity
 
QUBEE modems
QUBEE modemsQUBEE modems
QUBEE modemsQUBEE
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slidesguest1c1a9a
 
Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015Nicolas Lesconnec
 
How it Works
How it WorksHow it Works
How it WorksDigilink, Inc
 
Bluetooth technology by shamshad
Bluetooth technology by shamshadBluetooth technology by shamshad
Bluetooth technology by shamshad1122334411223344
 
Datasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot ExtenderDatasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot ExtenderEnGenius Europe
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON
 
Cctv mtnl config
Cctv mtnl configCctv mtnl config
Cctv mtnl configHOME
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyxel Communications Corp.
 
Logging into the Network!
Logging into the Network!Logging into the Network!
Logging into the Network!AdamCurlin
 
Near field communication
Near field communicationNear field communication
Near field communicationvaibhav kubadia
 
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...mfrancis
 
Wireless networks
Wireless networksWireless networks
Wireless networksJlchons05
 
WiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFestWiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFestDavid Sweigert
 
IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101April Mardock CISSP
 

More Related Content

What's hot

Bluetooth IN OUR life
Bluetooth IN OUR lifeBluetooth IN OUR life
Bluetooth IN OUR lifeMADDY125
 
Overview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-FiOverview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-FiQUBEE
 
How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?QUBEE
 
Threats to Mobile Computing
Threats to Mobile ComputingThreats to Mobile Computing
Threats to Mobile Computingmadhurbyheart
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web HackerHeadLightSecurity
 
QUBEE modems
QUBEE modemsQUBEE modems
QUBEE modemsQUBEE
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slidesguest1c1a9a
 
Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015Nicolas Lesconnec
 
Bluetooth technology by shamshad
Bluetooth technology by shamshadBluetooth technology by shamshad
Bluetooth technology by shamshad1122334411223344
 
Datasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot ExtenderDatasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot ExtenderEnGenius Europe
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON
 
Cctv mtnl config
Cctv mtnl configCctv mtnl config
Cctv mtnl configHOME
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyxel Communications Corp.
 
Logging into the Network!
Logging into the Network!Logging into the Network!
Logging into the Network!AdamCurlin
 
Near field communication
Near field communicationNear field communication
Near field communicationvaibhav kubadia
 
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...mfrancis
 
Wireless networks
Wireless networksWireless networks
Wireless networksJlchons05
 

What's hot (20)

Bluetooth IN OUR life
Bluetooth IN OUR lifeBluetooth IN OUR life
Bluetooth IN OUR life
 
Overview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-FiOverview on QUBEE Pocket Wi-Fi
Overview on QUBEE Pocket Wi-Fi
 
DataSheet-Tely
DataSheet-TelyDataSheet-Tely
DataSheet-Tely
 
How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?
 
Threats to Mobile Computing
Threats to Mobile ComputingThreats to Mobile Computing
Threats to Mobile Computing
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?44CON @ IPexpo - You're fighting an APT with what exactly?
44CON @ IPexpo - You're fighting an APT with what exactly?
 
Hacking routers as Web Hacker
Hacking routers as Web HackerHacking routers as Web Hacker
Hacking routers as Web Hacker
 
QUBEE modems
QUBEE modemsQUBEE modems
QUBEE modems
 
wifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slideswifi-y3dips-stmik_mdp_slides
wifi-y3dips-stmik_mdp_slides
 
Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015Get started with Sigfox - IoT Shifts 2015
Get started with Sigfox - IoT Shifts 2015
 
How it Works
How it WorksHow it Works
How it Works
 
Bluetooth technology by shamshad
Bluetooth technology by shamshadBluetooth technology by shamshad
Bluetooth technology by shamshad
 
Datasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot ExtenderDatasheet EnGenius EZ Hotspot Extender
Datasheet EnGenius EZ Hotspot Extender
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
 
Cctv mtnl config
Cctv mtnl configCctv mtnl config
Cctv mtnl config
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and FeaturesZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
 
Logging into the Network!
Logging into the Network!Logging into the Network!
Logging into the Network!
 
Near field communication
Near field communicationNear field communication
Near field communication
 
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...OSGi Service Platform in Home Control, Entertainment and Communications Appli...
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
 
Wireless networks
Wireless networksWireless networks
Wireless networks
 

Similar to Wireless v2

WiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFestWiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFestDavid Sweigert
 
How to keep your laptop & mobile safe
How to keep your laptop & mobile safeHow to keep your laptop & mobile safe
How to keep your laptop & mobile safekanika sharma
 
Tingling wireless security
Tingling wireless securityTingling wireless security
Tingling wireless securityrash2kool
 
Secure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, EnglishSecure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, EnglishAskozia
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Personal Internet Security Practice
Personal Internet Security PracticePersonal Internet Security Practice
Personal Internet Security PracticeBrian Pichman
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceEngineers Australia
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net Presencegueste0b5fe
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanZaibi Gondal
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...Askozia
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceBrian Pichman
 
CompTIA Security+ Chapter Four Review
CompTIA Security+ Chapter Four ReviewCompTIA Security+ Chapter Four Review
CompTIA Security+ Chapter Four ReviewDCPS
 
Wireless and how safe are you
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are youMarcus Dempsey
 
Presentation made by Marcin R.from Poland
Presentation made by Marcin R.from PolandPresentation made by Marcin R.from Poland
Presentation made by Marcin R.from Polandirenazd
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version Brian Pichman
 

Similar to Wireless v2 (20)

WiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFestWiFi Intrustion Detection from WireShark SharkFest
WiFi Intrustion Detection from WireShark SharkFest
 
IT infrastructure security 101
IT infrastructure security 101IT infrastructure security 101
IT infrastructure security 101
 
How to keep your laptop & mobile safe
How to keep your laptop & mobile safeHow to keep your laptop & mobile safe
How to keep your laptop & mobile safe
 
Tingling wireless security
Tingling wireless securityTingling wireless security
Tingling wireless security
 
Secure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, EnglishSecure calling for IP telephony - webinar 2016, English
Secure calling for IP telephony - webinar 2016, English
 
Public Wi-Fi security 101
Public Wi-Fi security 101Public Wi-Fi security 101
Public Wi-Fi security 101
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Personal Internet Security Practice
Personal Internet Security PracticePersonal Internet Security Practice
Personal Internet Security Practice
 
Wireless security
Wireless securityWireless security
Wireless security
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net Presence
 
Anti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net PresenceAnti Whaling Hardening Up Your Net Presence
Anti Whaling Hardening Up Your Net Presence
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
 
Implementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day ConferenceImplementing security for your library | PLAN Tech Day Conference
Implementing security for your library | PLAN Tech Day Conference
 
CompTIA Security+ Chapter Four Review
CompTIA Security+ Chapter Four ReviewCompTIA Security+ Chapter Four Review
CompTIA Security+ Chapter Four Review
 
Wireless and how safe are you
Wireless and how safe are youWireless and how safe are you
Wireless and how safe are you
 
Cyber Crime..pptx
Cyber Crime..pptxCyber Crime..pptx
Cyber Crime..pptx
 
Presentation made by Marcin R.from Poland
Presentation made by Marcin R.from PolandPresentation made by Marcin R.from Poland
Presentation made by Marcin R.from Poland
 
It security the condensed version
It security the condensed version It security the condensed version
It security the condensed version
 

More from Joshua Johnston

Free geek class on Data privacy
Free geek class on Data privacyFree geek class on Data privacy
Free geek class on Data privacyJoshua Johnston
 
FreeGeek -Cryptocurrency and Blockchain
FreeGeek -Cryptocurrency and BlockchainFreeGeek -Cryptocurrency and Blockchain
FreeGeek -Cryptocurrency and BlockchainJoshua Johnston
 

More from Joshua Johnston (7)

Free geek class on Data privacy
Free geek class on Data privacyFree geek class on Data privacy
Free geek class on Data privacy
 
Holiday scams
Holiday scamsHoliday scams
Holiday scams
 
IoT -Internet of Things
IoT -Internet of ThingsIoT -Internet of Things
IoT -Internet of Things
 
FreeGeek -Cryptocurrency and Blockchain
FreeGeek -Cryptocurrency and BlockchainFreeGeek -Cryptocurrency and Blockchain
FreeGeek -Cryptocurrency and Blockchain
 
Holiday scams
Holiday scamsHoliday scams
Holiday scams
 
Home computing security
Home computing securityHome computing security
Home computing security
 
Intro to firewalls
Intro to firewallsIntro to firewalls
Intro to firewalls
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

Wireless v2

  • 1. Wireless Security Hide yo kids, Hide yo Wi-Fi
  • 4. Wireless Threats • Exposing your home network due to low security • Unauthorized Access, Denial of Service • Packet Sniffing • Rouge AP • War Driving • Man in the Middle attacks • Stolen Information (Credentials, Bank Info, etc.)
  • 5. Securing your Home Wifi • Encrypt your Wi-Fi • List of router default passwords • WEPS vs. WPS vs. WPA/2 • WEPS and WPS easily cracked • TKIP is depreciated • WPA can have handshake stolen and be brute forced (rainbow tables) • Use STRONG PASSWORDS
  • 6. SSID • Always Change from the Default SSID • Do not include any identifying information • Apt #, Name, DOB, Router info etc. • Make it Hidden
  • 7. MAC Filtering • A MAC address identifies the individual piece of equipment connected to your network. • You can set up to allow only certain MAC’s onto your network • *WARNING* THIS CAN BE SPOOFED
  • 8. Finding Your MAC Address iOS • Settings -> • General -> • About -> • Wi-Fi Address • Android • Setting -> • Wireless and Networks-> • Wi-Fi-> • Advanced
  • 9. Finding Your MAC Address (cont.) OSX • ifconfig • en0 -> ether Windows • ipconfig • Physical address Linux (Mint) • ifconfig • hwaddr
  • 10. Guest Network • Creates a network separate from your normal Wi-Fi network. Removes access to file shares, network locations and devices. • Still needs to be secured. • Some router have an insecure implementation of guest networks
  • 11. Firmware • Always ensure your firmware is up to date • Your router can be attacked and added to a botnet • News Article
  • 12. Who’s on your network? • Monitor your home network. • How many devices are connected to it? • Wifi monitoring tools: • Xirrus • OpenNMS • Often right on your Wi-Fi router
  • 13. Additional Measures • Decrease your Wi-Fi signal strength • Anti Wi-Fi Paint? • I have a feeling this will mess with cell phone reception as well, but YMMV
  • 15. 3 Common Attacks • Rouge AP • Evil Twin • Man in the middle • Pineapple • Packet Sniffing • Wireshark • Airpcap • Mobile Charging Stations
  • 17. Rouge AP • Evil Twin • Some creates a Wi-fi hotspot with the same name as the trusted public hotspot • You connect to it • You are networked with the attacker
  • 18. Rouge AP • Man in the Middle • Usually starts as an evil twin attack • Rather than attack you machine directly, attacker forwards all your network traffic to wherever you wanted it to go. • Attack can intercept, decrypt or alter your packets • Stolen credentials, cc numbers etc.
  • 19. Rouge AP - Pineapple • Combines Evil Twin, Man in the Middle and a whole lot more into one piece of Hardware • Karma • Your device probes for a trusted hotspot, Karma says “that’s me!” and you connect • SSL stripping (https://scotthelme.co.uk/wifi- pineapple-karma-sslstrip) • Mitigated with HSTS, but new attacks are being developed to beat this.
  • 20. Beef
  • 21. Packet Sniffing • Captures PCAP (packet capture) files • These can be analyzed to pull out very relevant information • MAC/IP addresses • Credentials • Websites visited • Geolocation tags • Basically anything that is passed over the network • 100% passive attack
  • 23. Not really wireless, but… • Phony Mobile Charging Stations • “Juice Jacking” • Attacker sets up computer with multiple charge cables attached • When you plug in, the computer attempts to rip everything it can from inside your phone
  • 25. Device Settings • Forget Wireless Connections • Turn off wifi when not in use • Turn off file/print share • Browser extensions to force SSL • Enable your Host-based firewall if you have one
  • 26. Things you can do • Always Verify the name of your public network • Avoid logging into any websites while on public Wi-Fi (Social media, financial, etc.) • Try not avoid public networks • Use your cell phone • If you cant, be sure they are password protected or that are unencrypted/weak encryption • Always check for SSL connections! • USE A VPN! • Ensure OS is up to date.
  • 27. VPN options Paid • KeepSolid • NordVPN • Hidemyass Free • AnchorFree • SpotFLux • Beware of free or ad driven VPN. Nothing is ever free. Implement your own • This does expose your network to the internet • OpenVPN
  • 28. Thank you for coming! Please fill out a survey, check out the other Free Geek Courses, and feel free to give suggestions on other topics you would like to see or ways to improve current classes!