SlideShare a Scribd company logo

wifi

Ammar WK
Ammar WKProfessional Bandwidth hunter at Inside your Machine
A set of experience over the air y3dips@echo.or.id 
ECHO •I d E i C IndonEsian Community for Hackers  it  f  H k   and Open Source  • The stressing is still around the  hacking stuffs. We're working on the  Open Source activities • Ezines, Advisories, News, Forum,  , , , , Mailing list • Founded in 2003 • Has 13 staff a k a ECHO STAFF staff a.k.a • Has 11116 mailing lists member,  and 14151 Board Discussions  member (Jan,22 2008) b • http://echo.or.id  || http://e‐rdc.org  y3dips@echo.or.id 
y3dips@echo.or.id 
WI‐FI WI‐ Wi‐Fi, is a wireless networking  l k technology used across the globe.  Wi‐Fi refers to any system that uses  the 802.11 standard, which was  developed by the Institute of  Electrical and Electronics Engineers  g (IEEE) and released in 1997. The  term Wi‐Fi, which is alternatively  spelled WiFi, Wi fi, Wifi, or wifi, was  spelled WiFi  Wi‐fi  Wifi  or wifi  was  pushed by the Wi‐Fi Alliance, a  trade group that pioneered  commercialization of the  technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 
802 11 802.11 802.11 is a set of standards for  f d d f wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  5 4 p spectrum bands. y3dips@echo.or.id 
Why WI‐FI Why WI‐ •Convenience:  Flexibility of time  i l bl f and location •Mobility:  Access the internet even  outside their normal work  environment •P d i i  P Productivity: Potentially be more i ll  b   •Deployment: Requires little more  t a a s g e access po t than a single access point •Expandability: Serve a suddenly‐ increased number of clients  •Cost. y3dips@echo.or.id 
Keep it safe or wide open
WI – WI –FI  Security Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering  • Static IP Addressing  • WEP encryption  • WPA  Wi‐Fi Protected Access • WPA2  • LEAP  Lightweight Extensible Authentication Protocol • PEAP  Protected Extensible Authentication Protocol • TKIP  Temporal Key Integrity Protocol • RADIUS  Remote Authentication Dial In User Service • WAPI  WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and  software tokens y3dips@echo.or.id 
3  General Steps To  Relatively Secure 1. All WI‐FI devices need to be secured ll d d b d 2. All Users need to be educated 3. 3 Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id 
Specific  Steps  to be relatively Secure Specific  Steps  to be relatively Secure 1. S    h   t k  bli   Secure your home network: enabling security  of your router (AP) , change password,  i    f     (AP)    h   d  restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot . C l h Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections:  simply configure your device to not automatically  connect  4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to  sharing / connecting with other devices.  5. Install anti‐virus software:  makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id 
A set of popular things
Hardware Hacking Build A Tin Can Waveguide WiFi ild i id i i Antenna • Using a Can, … and else • Increase the range of your  g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐ goen y3dips@echo.or.id 
War Driving Wardriving is the act of searching di i h f h for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.org/wiki/Wardriving Wardrivers are only out to log and collect Tools information about the wireless access points, they find while driving, without using the networks' networks •Net Stumbler services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id 
y3dips@echo.or.id 
WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless network. k y3dips@echo.or.id 
PiggyBacking (using someone else's wireless Internet access) l l Piggybacking is a term used to refer i b ki d f to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e ue t at o e s access. (Café, Restaurants, Campus, Office) y3dips@echo.or.id 
List of Abuse & tools
Another WI  FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle Attack
Top 5 WI‐FI  Tools Top 5 WI WI‐ • Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack The fastest available WEP/WPA cracking tooll h f l bl k • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id 
Maybe yes, Maybe No !
Taking fun from the wifi at the Cafe Taking fun from the wifi • Café with a Hotspot • Not Free Wifi Access  • Using Some  eleet Restriction Mac Restriction Protocol Restriction (All  TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id 
Taking fun from the wifi at the Hotel Taking fun from the wifi at the Hotel • Charge User using their  room number • Using Some  eleet Restriction • Room Number with all  the settings through  Captive Portals • Change the HTTP Request  h h • Not Free Wifi Access y3dips@echo.or.id 
Will we see it right now in front of our eyes
DEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id 
Discussion
1 of 25

wifi

Download to read offline
Technology

y3dips's Wifi [in]security presentation at STMIK MDP Palembang

Ammar WK
Ammar WKProfessional Bandwidth hunter at Inside your Machine

Recommended

Wireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by VijayWireless and WLAN Secuirty, Presented by Vijay
Wireless and WLAN Secuirty, Presented by Vijaythevijayps
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefencePrakashchand Suthar
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 
Wifi Security
Wifi SecurityWifi Security
Wifi SecurityShital Kat
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and securityAdel Zalok
 
Wlan security
Wlan securityWlan security
Wlan securitySajan Sahu
 
Wlan security
Wlan securityWlan security
Wlan securityUpasona Roy
 

More Related Content

What's hot

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and ProtectionChandrak Trivedi
 
Attack presentation
Attack presentationAttack presentation
Attack presentationFrikha Nour
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network SecurityGyana Ranjana
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudyMohammad Mahmud Kabir
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityAyoma Wijethunga
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminarNilesh Sapariya
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking SecurityAnshuman Biswal
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected accessLopamudra Das
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Securitykentquirk
 
Wireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit BhatiaWireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit BhatiaArpit Bhatia
 
How to hack wireless internet connections
How to hack wireless internet connectionsHow to hack wireless internet connections
How to hack wireless internet connectionsNitin kumar Gupta
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and securityakki_hearts
 

What's hot (20)

Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
 
Attack presentation
Attack presentationAttack presentation
Attack presentation
 
Wifi security
Wifi securityWifi security
Wifi security
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hacking
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Cracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary AttacksCracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary Attacks
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
Wireless Security null seminar
Wireless Security null seminarWireless Security null seminar
Wireless Security null seminar
 
Wi-fi Hacking
Wi-fi HackingWi-fi Hacking
Wi-fi Hacking
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Wireless Networking Security
Wireless Networking SecurityWireless Networking Security
Wireless Networking Security
 
Wi fi protected access
Wi fi protected accessWi fi protected access
Wi fi protected access
 
WIFI Hacking
WIFI HackingWIFI Hacking
WIFI Hacking
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
Wireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit BhatiaWireless LAN Security by Arpit Bhatia
Wireless LAN Security by Arpit Bhatia
 
How to hack wireless internet connections
How to hack wireless internet connectionsHow to hack wireless internet connections
How to hack wireless internet connections
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and security
 

Viewers also liked

eGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaeGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaMukund Nadgowda
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guideMatt Ford
 
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOsman Suliman
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingMihir Shah
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its typeshamza javed
 
Evil Twin Demonstration
Evil Twin DemonstrationEvil Twin Demonstration
Evil Twin DemonstrationEric Goldman
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Sumit Satam
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014TGodfrey
 
hacking and its types
hacking and its typeshacking and its types
hacking and its typesBharath Reddy
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Michael Asres
 

Viewers also liked (20)

eGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaeGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund Nadgowda
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guide
 
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its types
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking
HackingHacking
Hacking
 
Windows Hacking
Windows HackingWindows Hacking
Windows Hacking
 
Evil Twin
Evil TwinEvil Twin
Evil Twin
 
Evil Twin Demonstration
Evil Twin DemonstrationEvil Twin Demonstration
Evil Twin Demonstration
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
 
hacking and its types
hacking and its typeshacking and its types
hacking and its types
 
Hacking 1
Hacking 1Hacking 1
Hacking 1
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hacking
 
Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)
 
Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 

Similar to wifi

AP Takeover Attacks
AP Takeover AttacksAP Takeover Attacks
AP Takeover AttacksEric Goldman
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanZaibi Gondal
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017keyalea
 
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksCeh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksMehrdad Jingoism
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPJoe McCray
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2DrayTek
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationCARMEN ALCIVAR
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Setia Juli Irzal Ismail
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAirTight Networks
 
Gigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisGigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisSavvius, Inc
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksAsep Sopyan
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Mohammad Fareed
 
Wi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxWi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxMairajuddeen
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 

Similar to wifi (20)

AP Takeover Attacks
AP Takeover AttacksAP Takeover Attacks
AP Takeover Attacks
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
 
Wireless security
Wireless securityWireless security
Wireless security
 
Wardriving 101
Wardriving 101Wardriving 101
Wardriving 101
 
Wireless security
Wireless securityWireless security
Wireless security
 
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksCeh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentesting
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan Analysis
 
Gigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisGigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN Analysis
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018
 
Wi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxWi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptx
 
Wifi- technology_moni
Wifi- technology_moniWifi- technology_moni
Wifi- technology_moni
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 

More from Ammar WK

Vvdp-fgd-bssn
Vvdp-fgd-bssnVvdp-fgd-bssn
Vvdp-fgd-bssnAmmar WK
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsAmmar WK
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryAmmar WK
 
Bugbounty vs-0day
Bugbounty vs-0dayBugbounty vs-0day
Bugbounty vs-0dayAmmar WK
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareAmmar WK
 
Hacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteHacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteAmmar WK
 
Introduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingIntroduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingAmmar WK
 
Burp suite
Burp suiteBurp suite
Burp suiteAmmar WK
 
Web Hacking (basic)
Web Hacking (basic)Web Hacking (basic)
Web Hacking (basic)Ammar WK
 
Network Packet Analysis
Network Packet AnalysisNetwork Packet Analysis
Network Packet AnalysisAmmar WK
 
Packet analysis (Basic)
Packet analysis (Basic)Packet analysis (Basic)
Packet analysis (Basic)Ammar WK
 
Network security
Network securityNetwork security
Network securityAmmar WK
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Information Security Professional
Information Security ProfessionalInformation Security Professional
Information Security ProfessionalAmmar WK
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsAmmar WK
 
Layer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationLayer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationAmmar WK
 
How To Become A Hacker
How To Become A HackerHow To Become A Hacker
How To Become A HackerAmmar WK
 

More from Ammar WK (20)

Vvdp-fgd-bssn
Vvdp-fgd-bssnVvdp-fgd-bssn
Vvdp-fgd-bssn
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web Applications
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industry
 
Bugbounty vs-0day
Bugbounty vs-0dayBugbounty vs-0day
Bugbounty vs-0day
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent Threat
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malware
 
Hacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteHacker? : it's not about Black or White
Hacker? : it's not about Black or White
 
Introduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingIntroduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration Testing
 
Burp suite
Burp suiteBurp suite
Burp suite
 
Web Hacking (basic)
Web Hacking (basic)Web Hacking (basic)
Web Hacking (basic)
 
Network Packet Analysis
Network Packet AnalysisNetwork Packet Analysis
Network Packet Analysis
 
Packet analysis (Basic)
Packet analysis (Basic)Packet analysis (Basic)
Packet analysis (Basic)
 
Network security
Network securityNetwork security
Network security
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Information Security Professional
Information Security ProfessionalInformation Security Professional
Information Security Professional
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dips
 
Layer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationLayer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigation
 
How To Become A Hacker
How To Become A HackerHow To Become A Hacker
How To Become A Hacker
 

Recently uploaded

Global Lighthouse Network - 2021
Global Lighthouse Network - 2021Global Lighthouse Network - 2021
Global Lighthouse Network - 2021Marcio Venturelli
 
Breakthrough in Long-Range Drone Inspection.pdf
Breakthrough in Long-Range Drone Inspection.pdfBreakthrough in Long-Range Drone Inspection.pdf
Breakthrough in Long-Range Drone Inspection.pdfveroniquelapierre
 
Fundamentals of BI Report Testing - Module 2
Fundamentals of BI Report Testing - Module 2Fundamentals of BI Report Testing - Module 2
Fundamentals of BI Report Testing - Module 2MichaelCalabrese20
 
top 5 world's richest countries
top 5 world's richest countriestop 5 world's richest countries
top 5 world's richest countriesAngelTalosig2
 
ITSP Lesson 6 - Information Privacy.pdf
ITSP Lesson 6 - Information Privacy.pdfITSP Lesson 6 - Information Privacy.pdf
ITSP Lesson 6 - Information Privacy.pdfROWELL MARQUINA
 
IASW Drawings Final.pdf
IASW Drawings Final.pdfIASW Drawings Final.pdf
IASW Drawings Final.pdfehclark63
 
Upgrade to 3.1 Planning.pdf
Upgrade to 3.1 Planning.pdfUpgrade to 3.1 Planning.pdf
Upgrade to 3.1 Planning.pdfMarna Walle
 
zdlra-db-migration-5188715.pdf
zdlra-db-migration-5188715.pdfzdlra-db-migration-5188715.pdf
zdlra-db-migration-5188715.pdfAhmed Abdellatif
 
Career Counseling - How to begin a career in Network & Cybersecurity.pdf
Career Counseling - How to begin a career in Network & Cybersecurity.pdfCareer Counseling - How to begin a career in Network & Cybersecurity.pdf
Career Counseling - How to begin a career in Network & Cybersecurity.pdfHaris Chughtai
 
9C Monthly Newsletter - JAN 2024
9C Monthly Newsletter - JAN 20249C Monthly Newsletter - JAN 2024
9C Monthly Newsletter - JAN 2024PublishingTeam
 
5 Must-know Functionalities Of Sharepoint Intranet.pdf
5 Must-know Functionalities Of Sharepoint Intranet.pdf5 Must-know Functionalities Of Sharepoint Intranet.pdf
5 Must-know Functionalities Of Sharepoint Intranet.pdfMoreyeahs
 
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...Pei-Yuan Chien
 
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...corphedge274
 
Global Lighthouse Network - 2019
Global Lighthouse Network - 2019Global Lighthouse Network - 2019
Global Lighthouse Network - 2019Marcio Venturelli
 
Analysis of algorithms
Analysis of algorithmsAnalysis of algorithms
Analysis of algorithmsAsen Bozhilov
 
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdfISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdfHaris Chughtai
 
Empathic AI: Human Factors, System Assessment and Standardisation
Empathic AI: Human Factors, System Assessment and StandardisationEmpathic AI: Human Factors, System Assessment and Standardisation
Empathic AI: Human Factors, System Assessment and StandardisationAladdin Ayesh
 
Green flag Wrap up Google Solution Challenge.pdf
Green flag Wrap up Google Solution Challenge.pdfGreen flag Wrap up Google Solution Challenge.pdf
Green flag Wrap up Google Solution Challenge.pdfGoogleDeveloperStude22
 
Forms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignForms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignDianaGray10
 
Leveraging logging for threat detection.pptx
Leveraging logging for threat detection.pptxLeveraging logging for threat detection.pptx
Leveraging logging for threat detection.pptxChristian Bassey
 

Recently uploaded (20)

Global Lighthouse Network - 2021
Global Lighthouse Network - 2021Global Lighthouse Network - 2021
Global Lighthouse Network - 2021
 
Breakthrough in Long-Range Drone Inspection.pdf
Breakthrough in Long-Range Drone Inspection.pdfBreakthrough in Long-Range Drone Inspection.pdf
Breakthrough in Long-Range Drone Inspection.pdf
 
Fundamentals of BI Report Testing - Module 2
Fundamentals of BI Report Testing - Module 2Fundamentals of BI Report Testing - Module 2
Fundamentals of BI Report Testing - Module 2
 
top 5 world's richest countries
top 5 world's richest countriestop 5 world's richest countries
top 5 world's richest countries
 
ITSP Lesson 6 - Information Privacy.pdf
ITSP Lesson 6 - Information Privacy.pdfITSP Lesson 6 - Information Privacy.pdf
ITSP Lesson 6 - Information Privacy.pdf
 
IASW Drawings Final.pdf
IASW Drawings Final.pdfIASW Drawings Final.pdf
IASW Drawings Final.pdf
 
Upgrade to 3.1 Planning.pdf
Upgrade to 3.1 Planning.pdfUpgrade to 3.1 Planning.pdf
Upgrade to 3.1 Planning.pdf
 
zdlra-db-migration-5188715.pdf
zdlra-db-migration-5188715.pdfzdlra-db-migration-5188715.pdf
zdlra-db-migration-5188715.pdf
 
Career Counseling - How to begin a career in Network & Cybersecurity.pdf
Career Counseling - How to begin a career in Network & Cybersecurity.pdfCareer Counseling - How to begin a career in Network & Cybersecurity.pdf
Career Counseling - How to begin a career in Network & Cybersecurity.pdf
 
9C Monthly Newsletter - JAN 2024
9C Monthly Newsletter - JAN 20249C Monthly Newsletter - JAN 2024
9C Monthly Newsletter - JAN 2024
 
5 Must-know Functionalities Of Sharepoint Intranet.pdf
5 Must-know Functionalities Of Sharepoint Intranet.pdf5 Must-know Functionalities Of Sharepoint Intranet.pdf
5 Must-know Functionalities Of Sharepoint Intranet.pdf
 
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...
ML Paper Tutorial - Video Face Manipulation Detection Through Ensemble of CNN...
 
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...
Empowering Currency Risk Mastery: Key Features of CorpHedge FX Management Sof...
 
Global Lighthouse Network - 2019
Global Lighthouse Network - 2019Global Lighthouse Network - 2019
Global Lighthouse Network - 2019
 
Analysis of algorithms
Analysis of algorithmsAnalysis of algorithms
Analysis of algorithms
 
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdfISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
ISC2 CC Course (Certified in Cybersecurity) - Part 2.pdf
 
Empathic AI: Human Factors, System Assessment and Standardisation
Empathic AI: Human Factors, System Assessment and StandardisationEmpathic AI: Human Factors, System Assessment and Standardisation
Empathic AI: Human Factors, System Assessment and Standardisation
 
Green flag Wrap up Google Solution Challenge.pdf
Green flag Wrap up Google Solution Challenge.pdfGreen flag Wrap up Google Solution Challenge.pdf
Green flag Wrap up Google Solution Challenge.pdf
 
Forms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignForms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App Design
 
Leveraging logging for threat detection.pptx
Leveraging logging for threat detection.pptxLeveraging logging for threat detection.pptx
Leveraging logging for threat detection.pptx
 

wifi

  • 2. ECHO •I d E i C IndonEsian Community for Hackers  it  f  H k   and Open Source  • The stressing is still around the  hacking stuffs. We're working on the  Open Source activities • Ezines, Advisories, News, Forum,  , , , , Mailing list • Founded in 2003 • Has 13 staff a k a ECHO STAFF staff a.k.a • Has 11116 mailing lists member,  and 14151 Board Discussions  member (Jan,22 2008) b • http://echo.or.id  || http://e‐rdc.org  y3dips@echo.or.id 
  • 4. WI‐FI WI‐ Wi‐Fi, is a wireless networking  l k technology used across the globe.  Wi‐Fi refers to any system that uses  the 802.11 standard, which was  developed by the Institute of  Electrical and Electronics Engineers  g (IEEE) and released in 1997. The  term Wi‐Fi, which is alternatively  spelled WiFi, Wi fi, Wifi, or wifi, was  spelled WiFi  Wi‐fi  Wifi  or wifi  was  pushed by the Wi‐Fi Alliance, a  trade group that pioneered  commercialization of the  technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 
  • 5. 802 11 802.11 802.11 is a set of standards for  f d d f wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  5 4 p spectrum bands. y3dips@echo.or.id 
  • 6. Why WI‐FI Why WI‐ •Convenience:  Flexibility of time  i l bl f and location •Mobility:  Access the internet even  outside their normal work  environment •P d i i  P Productivity: Potentially be more i ll  b   •Deployment: Requires little more  t a a s g e access po t than a single access point •Expandability: Serve a suddenly‐ increased number of clients  •Cost. y3dips@echo.or.id 
  • 8. WI – WI –FI  Security Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering  • Static IP Addressing  • WEP encryption  • WPA  Wi‐Fi Protected Access • WPA2  • LEAP  Lightweight Extensible Authentication Protocol • PEAP  Protected Extensible Authentication Protocol • TKIP  Temporal Key Integrity Protocol • RADIUS  Remote Authentication Dial In User Service • WAPI  WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and  software tokens y3dips@echo.or.id 
  • 9. 3  General Steps To  Relatively Secure 1. All WI‐FI devices need to be secured ll d d b d 2. All Users need to be educated 3. 3 Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id 
  • 10. Specific  Steps  to be relatively Secure Specific  Steps  to be relatively Secure 1. S    h   t k  bli   Secure your home network: enabling security  of your router (AP) , change password,  i    f     (AP)    h   d  restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot . C l h Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections:  simply configure your device to not automatically  connect  4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to  sharing / connecting with other devices.  5. Install anti‐virus software:  makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id 
  • 12. Hardware Hacking Build A Tin Can Waveguide WiFi ild i id i i Antenna • Using a Can, … and else • Increase the range of your  g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐ goen y3dips@echo.or.id 
  • 13. War Driving Wardriving is the act of searching di i h f h for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.org/wiki/Wardriving Wardrivers are only out to log and collect Tools information about the wireless access points, they find while driving, without using the networks' networks •Net Stumbler services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id 
  • 15. WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless network. k y3dips@echo.or.id 
  • 16. PiggyBacking (using someone else's wireless Internet access) l l Piggybacking is a term used to refer i b ki d f to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e ue t at o e s access. (Café, Restaurants, Campus, Office) y3dips@echo.or.id 
  • 18. Another WI  FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle Attack
  • 19. Top 5 WI‐FI  Tools Top 5 WI WI‐ • Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack The fastest available WEP/WPA cracking tooll h f l bl k • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id 
  • 21. Taking fun from the wifi at the Cafe Taking fun from the wifi • Café with a Hotspot • Not Free Wifi Access  • Using Some  eleet Restriction Mac Restriction Protocol Restriction (All  TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id 
  • 22. Taking fun from the wifi at the Hotel Taking fun from the wifi at the Hotel • Charge User using their  room number • Using Some  eleet Restriction • Room Number with all  the settings through  Captive Portals • Change the HTTP Request  h h • Not Free Wifi Access y3dips@echo.or.id 
  • 24. DEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id 

Report as inappropriate

*Required
Copyright Complaint

10 likes

views

Total views2,557
On Slideshare0
From embeds0
Number of embeds0

This saved item is also in a list.

Removing from saved will also delete the item from your lists

Add to a new list

*Required0/50