2. ECHO
•I d E i C
IndonEsian Community for Hackers
it f H k
and Open Source
• The stressing is still around the
hacking stuffs. We're working on the
Open Source activities
• Ezines, Advisories, News, Forum,
, , , ,
Mailing list
• Founded in 2003
• Has 13 staff a k a ECHO STAFF
staff a.k.a
• Has 11116 mailing lists member,
and 14151 Board Discussions
member (Jan,22 2008)
b
• http://echo.or.id || http://e‐rdc.org
y3dips@echo.or.id
4. WI‐FI
WI‐
Wi‐Fi, is a wireless networking
l k
technology used across the globe.
Wi‐Fi refers to any system that uses
the 802.11 standard, which was
developed by the Institute of
Electrical and Electronics Engineers
g
(IEEE) and released in 1997. The
term Wi‐Fi, which is alternatively
spelled WiFi, Wi fi, Wifi, or wifi, was
spelled WiFi Wi‐fi Wifi or wifi was
pushed by the Wi‐Fi Alliance, a
trade group that pioneered
commercialization of the
technology.
Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance
y3dips@echo.or.id
5. 802 11
802.11
802.11 is a set of standards for
f d d f
wireless local area network (WLAN)
computer communication,
developed by the IEEE LAN/MAN
Standards Committee (IEEE 802) in
the 5 GHz and 2.4 GHz public
5 4 p
spectrum bands.
y3dips@echo.or.id
6. Why WI‐FI
Why WI‐
•Convenience: Flexibility of time
i l bl f
and location
•Mobility: Access the internet even
outside their normal work
environment
•P d i i P
Productivity: Potentially be more
i ll b
•Deployment: Requires little more
t a a s g e access po t
than a single access point
•Expandability: Serve a suddenly‐
increased number of clients
•Cost.
y3dips@echo.or.id
8. WI –
WI –FI Security
Outsiders can sometimes get into your wireless networks as fast and easily
Some Security Method
• MAC ID filtering
• Static IP Addressing
• WEP encryption
• WPA Wi‐Fi Protected Access
• WPA2
• LEAP Lightweight Extensible Authentication Protocol
• PEAP Protected Extensible Authentication Protocol
• TKIP Temporal Key Integrity Protocol
• RADIUS Remote Authentication Dial In User Service
• WAPI WLAN Authentication and Privacy Infrastructure
• Smart cards, USB tokens, and
software tokens
y3dips@echo.or.id
9. 3 General Steps To Relatively Secure
1. All WI‐FI devices need to be secured
ll d d b d
2. All Users need to be educated
3.
3 Need to be actively monitored for weaknesses and breaches
http://en.wikipedia.org/wiki/Wireless_security
y3dips@echo.or.id
10. Specific Steps to be relatively Secure
Specific Steps to be relatively Secure
1. S h t k bli
Secure your home network: enabling security of your router (AP) , change password,
i f (AP) h d
restrict the
2. Protect yourself when using a public hotspot:
Connecting to a legitimate hotspot .
C l h
Use a virtual private network or VPN,
Stay away from critical action (bank transaction)
3. Configure for approved connections: simply configure your device to not automatically
connect
4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to
sharing / connecting with other devices.
5. Install anti‐virus software: makes it more important to have antivirus software installed.
6. Use a personal firewall: a personal firewall program.
p p p g
y3dips@echo.or.id
12. Hardware Hacking
Build A Tin Can Waveguide WiFi
ild i id i i
Antenna
• Using a Can, … and else
• Increase the range of your
g
Wireless network
•http://www.turnpoint.net/wireless/cantennahowto.html
•http://wikihost.org/wikis/indonesiainternet/programm/ge
bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐
goen
y3dips@echo.or.id
13. War Driving
Wardriving is the act of searching
di i h f h
for Wi‐Fi wireless networks by a
person in a moving vehicle using a
Wi‐Fi‐equipped computer, such as a
laptop or a PDA.
(http //en wikipedia org/wiki/Wardriving)
http://en.wikipedia.org/wiki/Wardriving
Wardrivers are only out to log and collect Tools
information about the wireless access points, they
find while driving, without using the networks'
networks •Net Stumbler
services. • Kismet
• Kismac
• MiniStumbler/Pocket Warior
y3dips@echo.or.id
15. WarChalking
Warchalking is the drawing of
symbols in public places to
advertise an open Wi‐Fi wireless
network.
k
y3dips@echo.or.id
16. PiggyBacking (using someone else's wireless Internet access)
l l
Piggybacking is a term used to refer
i b ki d f
to the illegal access of a wireless
internet connection without explicit
permission or knowledge from the
owner.
Targets :
Hotspots is a venue that offers Wi‐Fi
otspots s e ue t at o e s
access.
(Café, Restaurants, Campus, Office)
y3dips@echo.or.id
19. Top 5 WI‐FI Tools
Top 5 WI
WI‐
• Kismet A powerful wireless sniffer
• Net Stumbler Free Windows 802.11 Sniffer
• AirCrack The fastest available WEP/WPA cracking tooll
h f l bl k
• AirSnort 802.11 WEP Encryption Cracking Tool
• Kismac A GUI passive wireless stumbler for Mac OS X
Source: http://sectools.org/wireless.html
y3dips@echo.or.id