SlideShare une entreprise Scribd logo

Skyjacking A Cisco Wlan Attack Analysis And Countermeasures

AirTight Networks
AirTight Networks

This presentation will deconstruct the skyjacking vulnerability - explaining why the vulnerability occurs in Cisco WLANs, which Cisco access points are affected, how skyjacking can be exploited to launch potent attacks, and what are the best practices to proactively protect your enterprise network against such zero-day vulnerabilities and attacks.

TechnologieFormation
1  sur  29
Skyjacking a Cisco WLAN: Attack Analysis and Countermeasures Presenters: Dr. Pravin Bhagwat, CTO Dr. Hemant Chaskar, Director of Technology Moderator: Sri Sundaralingam, VP of Product Management
In the News Cisco wireless LAN vulnerability could open ‘back door’ Cisco wireless LANs at risk of attack, ‘skyjacking’ Newly discovered vulnerability could threaten Cisco wireless LANs
What Cisco says “ No risk of data loss or interception” “ Could allow an attacker to cause a denial of service (DoS) condition” It’s not a big deal! Severity = Mild
Hmm… ? ? ? What exactly is skyjacking? Do I need to worry about it? How severe is the exploit?
What you will learn today The risk from skyjacking vulnerability is much bigger than stated How to assess if you are vulnerable Countermeasures for skyjacking and other zero-day attacks
Five ways a LAP can discover WLCs Subnet-level broadcast Configured DNS DHCP Over-the-air provisioning (OTAP)
Three criteria a LAP uses to select a WLC Primary, Secondary, Tertiary Master mode Maximum excess capacity Step 1 Step 2 Step 3
Over-the-air provisioning (OTAP)
OTAP exploited for “skyjacking”
Skyjacked LAP denies service to wireless users
Is this just tip of the iceberg?
Secure WLAN enterprise access Before Internal to corporate network 20 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
Authorized LAP skyjacked – DoS Before DoS Internal to corporate network 20 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
Authorized LAP turned into Open Rogue AP Before Rogue on Network Internal to corporate network 30 OPEN Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
Camouflaged Rogue LAP: a backdoor to your enterprise network!
Wolf in Sheep Clothing Before Rogue on Network Internal to corporate network 30 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
Wolf in Sheep Clothing – Scenario 2 Before Rogue on Network Internal to corporate network 20 WPA2 Corp Internal to corporate network 30 OPEN Guest Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To DoS
SpectraGuard ® Enterprise WLAN policy set-up Guest WLAN SSID Allowed Subnet (VLAN) for Guest SSID
Normal WLAN operation Authorized SSIDs are seen in “Green” color and are detected with VLAN identifier to which they connect Device list displayed on SpectraGuard Enterprise console
Skyjacking on guest access 1 Change in the VLAN is detected 2 SSID marked as “misconfigured” (Background changes to amber) 3 Automatic Prevention started ( Shield icon appears )
Summary Open rogue WPA2 rogue Open guest rogue Guest access as Open Rogue AP (Wolf in Sheep clothing – scenario 2) Authorized SSID as “Privileged” Rogue AP (Wolf in Sheep clothing) Authorized SSID as Open Rogue AP Type of Skyjacking attack  X  X   AirTight’s unique wireless-wired correlation based threat detection Only over-air threat detection
AirTight’s SpectraGuard Enterprise Thanks to patented marker packet technology for accurate wired connectivity detection and unique VLAN Policy Mapping ™ architecture The only WIPS that can provide zero-day protection against the most potent form of skyjacking attack
Which LAPs can be skyjacked? ? Vulnerable? Type of Cisco LAP No Configured with locally significant certificates (LSC) Mostly No Configured with “preferred” WLCs (primary, secondary, tertiary) Yes LAPs using auto discovery
Countermeasures Manually configure LAPs with preferred WLCs (primary, secondary, tertiary) Manually configure LAPs with LSCs Primarily HA and load balancing feature Impractical Block outgoing traffic from UDP ports 12222 and 12223 on your firewall Not a common practice Turn off OTAP on WLC Ineffective!
Practical difficulties: Do you know ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
One mistake and you could be exposed!
Adding second, independent layer of WIPS protection Misconfigurations Zero-day attacks Designed for security Designed for WLAN access Undesirable connections Misconfigurations Zero-day attacks Undesirable connections
AirTight’s SpectraGuard product family SpectraGuard SAFE Wireless Security for Mobile Users SpectraGuard Online Industry’s Only Wireless Security Service SpectraGuard Enterprise Complete Wireless Intrusion Prevention WLAN Coverage & Security Planning SpectraGuard Planner
About AirTight Networks The Global Leader in Wireless Security and Compliance For more information on wireless security risks, best practices, and solutions, visit: www.airtightnetworks.com Visit our blog to read the root cause analysis of “ Skyjacking: What Went Wrong?” blog.airtightnetworks.com

Recommandé

Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security🏆Ruben Cocheno💭
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksLiving in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksChema Alonso
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Cevn Vibert. Thales UK. 28th January
Cevn Vibert. Thales UK. 28th JanuaryCevn Vibert. Thales UK. 28th January
Cevn Vibert. Thales UK. 28th JanuaryUKTI2014
 
WIFI Hacking
WIFI HackingWIFI Hacking
WIFI HackingSuraj Bohara
 
Ahmad Siddiq Wi-Fi Ninjutsu Exploitation
Ahmad Siddiq Wi-Fi Ninjutsu ExploitationAhmad Siddiq Wi-Fi Ninjutsu Exploitation
Ahmad Siddiq Wi-Fi Ninjutsu Exploitationbarcamp.my
 
How to hack wireless internet connections using aircrack-ng
How to hack wireless internet connections using aircrack-ngHow to hack wireless internet connections using aircrack-ng
How to hack wireless internet connections using aircrack-ngOpen Knowledge Nepal
 

Recommandé

Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security🏆Ruben Cocheno💭
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksLiving in the Jungle: Legitimate users in Legitimate Insecure Wireless Networks
Living in the Jungle: Legitimate users in Legitimate Insecure Wireless NetworksChema Alonso
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Cevn Vibert. Thales UK. 28th January
Cevn Vibert. Thales UK. 28th JanuaryCevn Vibert. Thales UK. 28th January
Cevn Vibert. Thales UK. 28th JanuaryUKTI2014
 
WIFI Hacking
WIFI HackingWIFI Hacking
WIFI HackingSuraj Bohara
 
Ahmad Siddiq Wi-Fi Ninjutsu Exploitation
Ahmad Siddiq Wi-Fi Ninjutsu ExploitationAhmad Siddiq Wi-Fi Ninjutsu Exploitation
Ahmad Siddiq Wi-Fi Ninjutsu Exploitationbarcamp.my
 
How to hack wireless internet connections using aircrack-ng
How to hack wireless internet connections using aircrack-ngHow to hack wireless internet connections using aircrack-ng
How to hack wireless internet connections using aircrack-ngOpen Knowledge Nepal
 
Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityCasey Dunham
 
A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!edwardo
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World Symantec
 
Firewall girija ppt
Firewall girija pptFirewall girija ppt
Firewall girija pptGirija Sankar Dash
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding FirewallsLikan Patra
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
Cracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary AttacksCracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary Attacksn|u - The Open Security Community
 
What is NetFlow?
What is NetFlow?What is NetFlow?
What is NetFlow?NetHound
 
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam testsSecurity PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests📡 Sebastien Dudek
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingarushi bhatnagar
 
謝續平
謝續平謝續平
謝續平9577601
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Day1
Day1Day1
Day1Jai4uk
 
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallDetect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallHuda Seyam
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hackingHarshit Varshney
 
Day4
Day4Day4
Day4Jai4uk
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?EnergySec
 
Return oriented programming
Return oriented programmingReturn oriented programming
Return oriented programminghybr1s
 
Oracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best PracticesOracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best PracticesBrian Huff
 

Contenu connexe

Tendances

Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityCasey Dunham
 
A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!edwardo
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtubeDhruv Sharma
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World Symantec
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding FirewallsLikan Patra
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallHuda Seyam
 
What is NetFlow?
What is NetFlow?What is NetFlow?
What is NetFlow?NetHound
 
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam testsSecurity PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests📡 Sebastien Dudek
 
謝續平
謝續平謝續平
謝續平9577601
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallDetect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallHuda Seyam
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?EnergySec
 

Tendances (20)

Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-Security
 
A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!
 
Cisco umbrella youtube
Cisco umbrella youtubeCisco umbrella youtube
Cisco umbrella youtube
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World Today's Predictions for Tomorrow's Connected World
Today's Predictions for Tomorrow's Connected World
 
Firewall girija ppt
Firewall girija pptFirewall girija ppt
Firewall girija ppt
 
Tech 101: Understanding Firewalls
Tech 101: Understanding FirewallsTech 101: Understanding Firewalls
Tech 101: Understanding Firewalls
 
Snort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense FirewallSnort Intrusion Detection / Prevention System on PFSense Firewall
Snort Intrusion Detection / Prevention System on PFSense Firewall
 
Cracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary AttacksCracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary Attacks
 
What is NetFlow?
What is NetFlow?What is NetFlow?
What is NetFlow?
 
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam testsSecurity PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
Security PWNing 2018 - Penthertz: The use of radio attacks during redteam tests
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
謝續平
謝續平謝續平
謝續平
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on Honeypots
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Day1
Day1Day1
Day1
 
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense FirewallDetect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
Detect HTTP Brute Force attack using Snort IDS/IPS on PFSense Firewall
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hacking
 
Day4
Day4Day4
Day4
 
Where Are All The ICS Attacks?
Where Are All The ICS Attacks?Where Are All The ICS Attacks?
Where Are All The ICS Attacks?
 

En vedette

Return oriented programming
Return oriented programmingReturn oriented programming
Return oriented programminghybr1s
 
Oracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best PracticesOracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best PracticesBrian Huff
 
Patent Risk and Countermeasures Related to Open Management in Interaction Design
Patent Risk and Countermeasures Related to Open Management in Interaction DesignPatent Risk and Countermeasures Related to Open Management in Interaction Design
Patent Risk and Countermeasures Related to Open Management in Interaction DesignYosuke Sakai
 
Antivirus Evasion Techniques and Countermeasures
Antivirus Evasion Techniques and CountermeasuresAntivirus Evasion Techniques and Countermeasures
Antivirus Evasion Techniques and Countermeasuressecurityxploded
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
Dstl Medical Countermeasures for Dangerous Pathogens
Dstl Medical Countermeasures for Dangerous PathogensDstl Medical Countermeasures for Dangerous Pathogens
Dstl Medical Countermeasures for Dangerous Pathogenswarwick_amr
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Jeremiah Grossman
 
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011International Atomic Energy Agency
 
Cehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingCehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingpolichen
 
VoIP: Attacks & Countermeasures in the Corporate World
VoIP: Attacks & Countermeasures in the Corporate WorldVoIP: Attacks & Countermeasures in the Corporate World
VoIP: Attacks & Countermeasures in the Corporate WorldJason Edelstein
 
Bone Loss in Long-Duration Spaceflight: Measurements and Countermeasures
Bone Loss in Long-Duration Spaceflight: Measurements and CountermeasuresBone Loss in Long-Duration Spaceflight: Measurements and Countermeasures
Bone Loss in Long-Duration Spaceflight: Measurements and CountermeasuresAmerican Astronautical Society
 
Iis Security Programming Countermeasures
Iis Security Programming CountermeasuresIis Security Programming Countermeasures
Iis Security Programming Countermeasuresguestc27cd9
 
Digital Astroturfing: Definition, typology, and countermeasures.
Digital Astroturfing: Definition, typology, and countermeasures.Digital Astroturfing: Definition, typology, and countermeasures.
Digital Astroturfing: Definition, typology, and countermeasures.Marko Kovic
 
Designing Countermeasures For Tomorrows Threats
Designing Countermeasures For Tomorrows ThreatsDesigning Countermeasures For Tomorrows Threats
Designing Countermeasures For Tomorrows ThreatsDarwish Ahmad
 
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"Alonso Caballero
 
Google Hacking for Cryptographic Secrets
Google Hacking for Cryptographic SecretsGoogle Hacking for Cryptographic Secrets
Google Hacking for Cryptographic SecretsDr. Emin İslam Tatlı
 
Irregularity Countermeasures in Massively Parallel BigData Processors
Irregularity Countermeasures in Massively Parallel BigData ProcessorsIrregularity Countermeasures in Massively Parallel BigData Processors
Irregularity Countermeasures in Massively Parallel BigData ProcessorsTokyo University of Science
 
Owasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root CausesOwasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root CausesMarco Morana
 
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...CODE BLUE
 

En vedette (20)

Return oriented programming
Return oriented programmingReturn oriented programming
Return oriented programming
 
Oracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best PracticesOracle UCM Security: Challenges and Best Practices
Oracle UCM Security: Challenges and Best Practices
 
Patent Risk and Countermeasures Related to Open Management in Interaction Design
Patent Risk and Countermeasures Related to Open Management in Interaction DesignPatent Risk and Countermeasures Related to Open Management in Interaction Design
Patent Risk and Countermeasures Related to Open Management in Interaction Design
 
Antivirus Evasion Techniques and Countermeasures
Antivirus Evasion Techniques and CountermeasuresAntivirus Evasion Techniques and Countermeasures
Antivirus Evasion Techniques and Countermeasures
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Dstl Medical Countermeasures for Dangerous Pathogens
Dstl Medical Countermeasures for Dangerous PathogensDstl Medical Countermeasures for Dangerous Pathogens
Dstl Medical Countermeasures for Dangerous Pathogens
 
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
Identifying Web Servers: A First-look Into the Future of Web Server Fingerpri...
 
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011
Table 4: Unit 4 Reactor: Fukushima Daiichi Nuclear Power Plant - 18 May 2011
 
Cehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingCehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hacking
 
Seminar Presentation
Seminar PresentationSeminar Presentation
Seminar Presentation
 
VoIP: Attacks & Countermeasures in the Corporate World
VoIP: Attacks & Countermeasures in the Corporate WorldVoIP: Attacks & Countermeasures in the Corporate World
VoIP: Attacks & Countermeasures in the Corporate World
 
Bone Loss in Long-Duration Spaceflight: Measurements and Countermeasures
Bone Loss in Long-Duration Spaceflight: Measurements and CountermeasuresBone Loss in Long-Duration Spaceflight: Measurements and Countermeasures
Bone Loss in Long-Duration Spaceflight: Measurements and Countermeasures
 
Iis Security Programming Countermeasures
Iis Security Programming CountermeasuresIis Security Programming Countermeasures
Iis Security Programming Countermeasures
 
Digital Astroturfing: Definition, typology, and countermeasures.
Digital Astroturfing: Definition, typology, and countermeasures.Digital Astroturfing: Definition, typology, and countermeasures.
Digital Astroturfing: Definition, typology, and countermeasures.
 
Designing Countermeasures For Tomorrows Threats
Designing Countermeasures For Tomorrows ThreatsDesigning Countermeasures For Tomorrows Threats
Designing Countermeasures For Tomorrows Threats
 
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"
Webinar Gratuito: "Herramientas Graficas en Kali Linux 2.0"
 
Google Hacking for Cryptographic Secrets
Google Hacking for Cryptographic SecretsGoogle Hacking for Cryptographic Secrets
Google Hacking for Cryptographic Secrets
 
Irregularity Countermeasures in Massively Parallel BigData Processors
Irregularity Countermeasures in Massively Parallel BigData ProcessorsIrregularity Countermeasures in Massively Parallel BigData Processors
Irregularity Countermeasures in Massively Parallel BigData Processors
 
Owasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root CausesOwasp Top 10 And Security Flaw Root Causes
Owasp Top 10 And Security Flaw Root Causes
 
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...
[CB16] Air-Gap security: State-of-the-art Attacks, Analysis, and Mitigation b...
 

Similaire à Skyjacking A Cisco Wlan Attack Analysis And Countermeasures

Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Samir Palnitkar
 
Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Samir Palnitkar
 
How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationWestermo Network Technologies
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11bguestd7b627
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSreekanth GS
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecuritysiDz
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationCARMEN ALCIVAR
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesMichael Boman
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Scienceinventy
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 
physical and hardware security(http://4knet.ir)
physical and hardware security(http://4knet.ir)physical and hardware security(http://4knet.ir)
physical and hardware security(http://4knet.ir)Azad Kaki
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 

Similaire à Skyjacking A Cisco Wlan Attack Analysis And Countermeasures (20)

Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?
 
Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?Skyjacking A Cisco WLAN - What it means and how to protect against it?
Skyjacking A Cisco WLAN - What it means and how to protect against it?
 
How to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregationHow to secure your industrial network using segmentation and segregation
How to secure your industrial network using segmentation and segregation
 
nsx overview with use cases 1.0
nsx overview with use cases 1.0nsx overview with use cases 1.0
nsx overview with use cases 1.0
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
FIREWALL
FIREWALLFIREWALL
FIREWALL
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
 
Wireless LAN Deployment Best Practices
Wireless LAN Deployment Best PracticesWireless LAN Deployment Best Practices
Wireless LAN Deployment Best Practices
 
Research Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and ScienceResearch Inventy : International Journal of Engineering and Science
Research Inventy : International Journal of Engineering and Science
 
Ngfw overview
Ngfw overviewNgfw overview
Ngfw overview
 
Firewall ppt
Firewall pptFirewall ppt
Firewall ppt
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentesting
 
physical and hardware security(http://4knet.ir)
physical and hardware security(http://4knet.ir)physical and hardware security(http://4knet.ir)
physical and hardware security(http://4knet.ir)
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011AirTight Networks - Wireless Security 2011
AirTight Networks - Wireless Security 2011
 
Wlan security
Wlan securityWlan security
Wlan security
 
Firewall ppt.pptx
Firewall ppt.pptxFirewall ppt.pptx
Firewall ppt.pptx
 

Plus de AirTight Networks

Is 11ac Right for Your Network?
Is 11ac Right for Your Network?Is 11ac Right for Your Network?
Is 11ac Right for Your Network?AirTight Networks
 
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014AirTight Networks
 
Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfAirTight Networks
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight Networks
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration AirTight Networks
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution briefAirTight Networks
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013AirTight Networks
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...AirTight Networks
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecurityAirTight Networks
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Networks
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1AirTight Networks
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsAirTight Networks
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesAirTight Networks
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseAirTight Networks
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseAirTight Networks
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsAirTight Networks
 

Plus de AirTight Networks (20)

Is 11ac Right for Your Network?
Is 11ac Right for Your Network?Is 11ac Right for Your Network?
Is 11ac Right for Your Network?
 
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
Air tight 11ac webinar series session 2 - 11ac feature deep dive - june 2014
 
Wi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise ThyselfWi-Fi Offload Summit - Monetise Thyself
Wi-Fi Offload Summit - Monetise Thyself
 
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
AirTight 11ac Webinar Series, Aession 1 - Intro to 802.11ac - June 10 2014
 
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
Restaurant Wi-Fi Primer: Retail Analytics and Social Integration
 
AirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSPAirTight Networks Evolution - Cloud & MSP
AirTight Networks Evolution - Cloud & MSP
 
AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6AirTight Networks WIPS at Wireless Field Day 6 WFD6
AirTight Networks WIPS at Wireless Field Day 6 WFD6
 
AirTight social wifi solution brief
AirTight social wifi solution briefAirTight social wifi solution brief
AirTight social wifi solution brief
 
Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013Considerations for a secure enterprise wlan data connectors 2013
Considerations for a secure enterprise wlan data connectors 2013
 
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
Drive Revenue, Protect Data, & Automate PCI Compliance by Dwight Agriel | @Ai...
 
Survey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise SecuritySurvey on the Impact of BYOD on Enterprise Security
Survey on the Impact of BYOD on Enterprise Security
 
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
AirTight Secure Wi-Fi™ Cloud-based Secure Wi-Fi Access with PCI Wireless Scan...
 
Non WiFi interference combat guide 1
Non WiFi interference combat guide 1Non WiFi interference combat guide 1
Non WiFi interference combat guide 1
 
WPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQsWPA2 Hole196 Vulnerability FAQs
WPA2 Hole196 Vulnerability FAQs
 
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation StrategiesWPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
WPA2 Hole196 Vulnerability: Exploits and Remediation Strategies
 
Conquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the EnterpriseConquering the Minefield of Soft Rogue APs in the Enterprise
Conquering the Minefield of Soft Rogue APs in the Enterprise
 
Windows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the EnterpriseWindows 7 - A New Wireless Risk to the Enterprise
Windows 7 - A New Wireless Risk to the Enterprise
 
802.11w Tutorial
802.11w Tutorial802.11w Tutorial
802.11w Tutorial
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Retail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—RecommendationsRetail Stores and Wireless Security—Recommendations
Retail Stores and Wireless Security—Recommendations
 

Dernier

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Dernier (20)

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 

Skyjacking A Cisco Wlan Attack Analysis And Countermeasures

  • 1. Skyjacking a Cisco WLAN: Attack Analysis and Countermeasures Presenters: Dr. Pravin Bhagwat, CTO Dr. Hemant Chaskar, Director of Technology Moderator: Sri Sundaralingam, VP of Product Management
  • 2. In the News Cisco wireless LAN vulnerability could open ‘back door’ Cisco wireless LANs at risk of attack, ‘skyjacking’ Newly discovered vulnerability could threaten Cisco wireless LANs
  • 3. What Cisco says “ No risk of data loss or interception” “ Could allow an attacker to cause a denial of service (DoS) condition” It’s not a big deal! Severity = Mild
  • 4. Hmm… ? ? ? What exactly is skyjacking? Do I need to worry about it? How severe is the exploit?
  • 5. What you will learn today The risk from skyjacking vulnerability is much bigger than stated How to assess if you are vulnerable Countermeasures for skyjacking and other zero-day attacks
  • 6. Five ways a LAP can discover WLCs Subnet-level broadcast Configured DNS DHCP Over-the-air provisioning (OTAP)
  • 7. Three criteria a LAP uses to select a WLC Primary, Secondary, Tertiary Master mode Maximum excess capacity Step 1 Step 2 Step 3
  • 9. OTAP exploited for “skyjacking”
  • 10. Skyjacked LAP denies service to wireless users
  • 11. Is this just tip of the iceberg?
  • 12. Secure WLAN enterprise access Before Internal to corporate network 20 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
  • 13. Authorized LAP skyjacked – DoS Before DoS Internal to corporate network 20 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
  • 14. Authorized LAP turned into Open Rogue AP Before Rogue on Network Internal to corporate network 30 OPEN Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
  • 15. Camouflaged Rogue LAP: a backdoor to your enterprise network!
  • 16. Wolf in Sheep Clothing Before Rogue on Network Internal to corporate network 30 WPA2 Corp Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To
  • 17. Wolf in Sheep Clothing – Scenario 2 Before Rogue on Network Internal to corporate network 20 WPA2 Corp Internal to corporate network 30 OPEN Guest Comment VLAN Security SSID Internal to corporate network 30 AP Physically Connected To DoS
  • 18. SpectraGuard ® Enterprise WLAN policy set-up Guest WLAN SSID Allowed Subnet (VLAN) for Guest SSID
  • 19. Normal WLAN operation Authorized SSIDs are seen in “Green” color and are detected with VLAN identifier to which they connect Device list displayed on SpectraGuard Enterprise console
  • 20. Skyjacking on guest access 1 Change in the VLAN is detected 2 SSID marked as “misconfigured” (Background changes to amber) 3 Automatic Prevention started ( Shield icon appears )
  • 21. Summary Open rogue WPA2 rogue Open guest rogue Guest access as Open Rogue AP (Wolf in Sheep clothing – scenario 2) Authorized SSID as “Privileged” Rogue AP (Wolf in Sheep clothing) Authorized SSID as Open Rogue AP Type of Skyjacking attack  X  X   AirTight’s unique wireless-wired correlation based threat detection Only over-air threat detection
  • 22. AirTight’s SpectraGuard Enterprise Thanks to patented marker packet technology for accurate wired connectivity detection and unique VLAN Policy Mapping ™ architecture The only WIPS that can provide zero-day protection against the most potent form of skyjacking attack
  • 23. Which LAPs can be skyjacked? ? Vulnerable? Type of Cisco LAP No Configured with locally significant certificates (LSC) Mostly No Configured with “preferred” WLCs (primary, secondary, tertiary) Yes LAPs using auto discovery
  • 24. Countermeasures Manually configure LAPs with preferred WLCs (primary, secondary, tertiary) Manually configure LAPs with LSCs Primarily HA and load balancing feature Impractical Block outgoing traffic from UDP ports 12222 and 12223 on your firewall Not a common practice Turn off OTAP on WLC Ineffective!
  • 25.
  • 26. One mistake and you could be exposed!
  • 27. Adding second, independent layer of WIPS protection Misconfigurations Zero-day attacks Designed for security Designed for WLAN access Undesirable connections Misconfigurations Zero-day attacks Undesirable connections
  • 28. AirTight’s SpectraGuard product family SpectraGuard SAFE Wireless Security for Mobile Users SpectraGuard Online Industry’s Only Wireless Security Service SpectraGuard Enterprise Complete Wireless Intrusion Prevention WLAN Coverage & Security Planning SpectraGuard Planner
  • 29. About AirTight Networks The Global Leader in Wireless Security and Compliance For more information on wireless security risks, best practices, and solutions, visit: www.airtightnetworks.com Visit our blog to read the root cause analysis of “ Skyjacking: What Went Wrong?” blog.airtightnetworks.com

Notes de l'éditeur

  1. 09/23/09