Wireless Security: A False Sense of Security
BarCamp Melaka – 14th November 2009

Introduction
  • A false sense of security is worse than a true sense of insecurity

Me
  • Ahmad Siddiq b. Mohd Adnan
  • CCNA, MCSE, Red Hat Trainer
  • Asia Talk Sdn. Bhd.
  • Guide young Jedis how to deal with cables, switches and servers

IEEE 802.11 Introduction

How 802.11 Works
  • Designed to integrate easily with existing wired networks
  • 802.11 uses CSMA/CA to access the medium
  • Each device has a unique 48-bit MAC address, just like 802.3 Ethernet

802.11 Modes of Communication
  • Infrastructure: all client adapters associate with the access point. Each client adapter only communicates with the access point.
  • Ad-Hoc: wireless client adapters communicate with each other directly

Nature of The Medium
  • Unlike on wired networks, all communications are essentially broadcasts
  • This makes passive sniffing and MITM easier
  • Therefore encryption of data is key to secure communication

Wi-Fi Proliferation
  • Source: WiFi Alliance, www.wifialliance.org

Attack Hierarchy
  • Attacks: Passive, Active
  • Denial of Service, Eavesdropping, Replay, Masquerade, Traffic Analysis, Message Modification

Securi..what?

Wi-Fi is No Exception
  • Wi-Fi throws new pieces in the information security puzzle
  • Threats operative below Layer 3
  • Wired firewalls, IDS/IPS, anti-virus ineffective against Wi-Fi threats

802.11 Inbuilt Security
  • Wired Equivalent Privacy (WEP): uses the RC4 stream cipher for encryption
  • WiFi Protected Access (WPA or TKIP): uses the RC4 stream cipher for encryption
  • WPA2: uses the AES block cipher for encryption

Wired Equivalent Privacy (WEP)
  • So damn popular in Malaysia
  • WEP implementation has many flaws
  • WEP encryption is easily broken
  • Client-side attacks on WEP make it even easier

Demo 1: WEP key pwnage within a few minutes

Wi-Fi Protected Access (WPA)
  • WPA or TKIP is more secure than WEP
  • WPA-PSK is the easiest to implement
  • WPA-PSK is susceptible to an offline brute-force attack
  • WPA2 uses AES and is so far considered secure

Cracking Exploits

Most Obvious Wi-Fi Threat
  • Solution: use of strong wireless authentication and encryption in Wi-Fi
  • OPEN and WEP are a BIG NO
  • WPA can be used, but it is not enterprise grade. Use WPA2, which is enterprise grade.
  • SSID and MAC access control can be evaded

Wi-Fi or No Wi-Fi Cannot Address Unmanaged Devices
  • Threats From Unmanaged Devices

Rogue APs
  • Unmanaged APs attached to the network
  • (Logically) LAN jacks hanging out from the window
  • Provides direct access to wired network from the areas of spillage
  • Steal data on wire
  • Scan network for vulnerabilities
  • Firewall, anti-virus, WPA2 do not see this

Ad-hoc Bridge to Wired Network
  • Users may bridge wired and Wi-Fi network on their laptops

Misassociation
  • Policy violation: Gmail, IM, banned websites, banned content
  • Password stealing, data interception
  • Growing number of hack tools: KARMETASPLOIT, SSLstrip, Airbase

WiFi Hotspots
  • Hotspots offer unencrypted connectivity
  • MITM & sniffing is very easily implemented
  • Tools like SSLstrip can nullify HTTPS protection (lol)
  • Use of VPN or higher layer encryption is recommended

DoS Attacks
  • Wireless DoS attacks are inevitable for WiFi
  • Spoofed disconnects
  • Spoofed connection floods
  • Hogging wireless medium
  • Even Cisco MFP and 802.11w are vulnerable to DoS attacks
  • Google “Auto immunity disorder in Wireless LANs”

WPA-2 is Essential, But Not Enough! No-WiFi is Also Not Enough!


24x7 Comprehensive Protection with Wireless Intrusion Prevention System (WIPS)
  • Wireless DOS

WIPS Providers in the Market

Demo 2: Cuz I’m a Man In The Mirror

Conclusion
  • Wi-Fi warrants new security controls in enterprise networks
  • For both Wi-Fi and no Wi-Fi networks
  • Perceived as high priority item today
  • Also a regulatory compliance requirement
  • Strong authorization and encryption (WPA2) is essential for authorized Wi-Fi
  • Prevents eavesdropping and unauthorized access
  • Another layer of security in the form of WIPS (Wireless Intrusion Prevention System) is essential for comprehensive protection
  • Prevents rogue APs, ad-hoc connections, misassociations, cracking exploits, DoS attacks
  • Compliance monitoring
  • Performance monitoring and troubleshooting as added benefits

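The checks the conclusion assigns to a WIPS (rogue APs, ad-hoc connections, misassociation, weak encryption, spoofed-disconnect DoS) can be sketched as policy rules over sensor observations; this is an added Python example, not part of the original slides. The AP inventory, MAC addresses, the `seen_on_wire` sensor flag and the threshold of 20 deauthentication frames per 10 seconds are assumptions, and all sample data is constructed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

# Constructed inventory of managed APs (BSSID -> SSID); all values are made up.
AUTHORIZED_APS = {
    "00:11:22:33:44:01": "CorpNet",
    "00:11:22:33:44:02": "CorpNet",
}
WEAK_MODES = {"OPEN", "WEP"}   # the modes the deck calls a "BIG NO"


@dataclass(frozen=True)
class Beacon:
    bssid: str
    ssid: str
    security: str        # "OPEN", "WEP", "WPA" or "WPA2"
    mode: str            # "infrastructure" or "ad-hoc"
    seen_on_wire: bool   # assumption: the sensor also saw this MAC on the wired LAN


def classify(b):
    """Return the list of policy findings for one observed beacon."""
    findings = []
    if b.bssid.lower() in AUTHORIZED_APS:
        if b.security in WEAK_MODES:
            findings.append("weak-encryption")
        elif b.security != "WPA2":
            findings.append("below-wpa2")
        return findings
    # Unmanaged device from here on.
    if b.seen_on_wire:
        findings.append("rogue-ap")            # bridges the air to the wired LAN
    if b.ssid in AUTHORIZED_APS.values():
        findings.append("ssid-impersonation")  # clients may misassociate to it
    if b.mode == "ad-hoc":
        findings.append("ad-hoc-network")
    return findings


def audit(beacons):
    """Map BSSID -> findings, omitting devices with nothing to report."""
    report = {}
    for b in beacons:
        found = classify(b)
        if found:
            report[b.bssid.lower()] = found
    return report


def deauth_floods(events, window=10.0, threshold=20):
    """Return claimed source MACs with >= threshold deauths inside `window` seconds.

    events: iterable of (timestamp_seconds, claimed_source_mac). The source
    MAC is only a claim: a flagged managed BSSID means frames were sent in
    its name, not that the AP itself misbehaved.
    """
    recent = defaultdict(deque)   # per-source sliding window of timestamps
    flagged = set()
    for ts, src in sorted(events):
        q = recent[src.lower()]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged.add(src.lower())
    return sorted(flagged)


# Constructed observations covering each rule plus two benign cases.
SAMPLE_BEACONS = [
    Beacon("00:11:22:33:44:01", "CorpNet", "WPA2", "infrastructure", True),
    Beacon("00:11:22:33:44:02", "CorpNet", "WEP", "infrastructure", True),
    Beacon("DE:AD:BE:EF:00:01", "linksys", "OPEN", "infrastructure", True),
    Beacon("de:ad:be:ef:00:02", "CorpNet", "OPEN", "infrastructure", False),
    Beacon("02:aa:bb:cc:dd:03", "laptop-share", "OPEN", "ad-hoc", False),
    Beacon("00:99:88:77:66:55", "CoffeeShop", "WPA2", "infrastructure", False),
]
# 25 deauth frames in 5 seconds from one claimed source, 3 stray ones from another.
SAMPLE_DEAUTHS = [(i * 0.2, "00:11:22:33:44:01") for i in range(25)] + [
    (5.0, "00:aa:bb:cc:dd:10"), (30.0, "00:aa:bb:cc:dd:10"), (55.0, "00:aa:bb:cc:dd:10"),
]

if __name__ == "__main__":
    for bssid, found in audit(SAMPLE_BEACONS).items():
        print(bssid, ", ".join(found))
    print("deauth flood sources:", deauth_floods(SAMPLE_DEAUTHS))
```

The neighbouring "CoffeeShop" AP produces no finding: an unmanaged AP that is neither on the wire nor using a managed SSID is treated as external, which is what keeps such a check usable in a crowded RF environment.
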
Questions?
  • I don’t bring my name card. I love trees.
  • email: mysiddiq@gmail.com
  • Thanks for listening
  • May your next day be more secure