SlideShare une entreprise Scribd logo

wifi

Ammar WK
Ammar WK

y3dips's Wifi [in]security presentation at STMIK MDP Palembang

Technologie
1  sur  25
Télécharger pour lire hors ligne
A set of experience over the air y3dips@echo.or.id 
ECHO •I d E i C IndonEsian Community for Hackers  it  f  H k   and Open Source  • The stressing is still around the  hacking stuffs. We're working on the  Open Source activities • Ezines, Advisories, News, Forum,  , , , , Mailing list • Founded in 2003 • Has 13 staff a k a ECHO STAFF staff a.k.a • Has 11116 mailing lists member,  and 14151 Board Discussions  member (Jan,22 2008) b • http://echo.or.id  || http://e‐rdc.org  y3dips@echo.or.id 
y3dips@echo.or.id 
WI‐FI WI‐ Wi‐Fi, is a wireless networking  l k technology used across the globe.  Wi‐Fi refers to any system that uses  the 802.11 standard, which was  developed by the Institute of  Electrical and Electronics Engineers  g (IEEE) and released in 1997. The  term Wi‐Fi, which is alternatively  spelled WiFi, Wi fi, Wifi, or wifi, was  spelled WiFi  Wi‐fi  Wifi  or wifi  was  pushed by the Wi‐Fi Alliance, a  trade group that pioneered  commercialization of the  technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 
802 11 802.11 802.11 is a set of standards for  f d d f wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  5 4 p spectrum bands. y3dips@echo.or.id 
Why WI‐FI Why WI‐ •Convenience:  Flexibility of time  i l bl f and location •Mobility:  Access the internet even  outside their normal work  environment •P d i i  P Productivity: Potentially be more i ll  b   •Deployment: Requires little more  t a a s g e access po t than a single access point •Expandability: Serve a suddenly‐ increased number of clients  •Cost. y3dips@echo.or.id 
Keep it safe or wide open
WI – WI –FI  Security Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering  • Static IP Addressing  • WEP encryption  • WPA  Wi‐Fi Protected Access • WPA2  • LEAP  Lightweight Extensible Authentication Protocol • PEAP  Protected Extensible Authentication Protocol • TKIP  Temporal Key Integrity Protocol • RADIUS  Remote Authentication Dial In User Service • WAPI  WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and  software tokens y3dips@echo.or.id 
3  General Steps To  Relatively Secure 1. All WI‐FI devices need to be secured ll d d b d 2. All Users need to be educated 3. 3 Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id 
Specific  Steps  to be relatively Secure Specific  Steps  to be relatively Secure 1. S    h   t k  bli   Secure your home network: enabling security  of your router (AP) , change password,  i    f     (AP)    h   d  restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot . C l h Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections:  simply configure your device to not automatically  connect  4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to  sharing / connecting with other devices.  5. Install anti‐virus software:  makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id 
A set of popular things
Hardware Hacking Build A Tin Can Waveguide WiFi ild i id i i Antenna • Using a Can, … and else • Increase the range of your  g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐ goen y3dips@echo.or.id 
War Driving Wardriving is the act of searching di i h f h for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.org/wiki/Wardriving Wardrivers are only out to log and collect Tools information about the wireless access points, they find while driving, without using the networks' networks •Net Stumbler services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id 
y3dips@echo.or.id 
WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless network. k y3dips@echo.or.id 
PiggyBacking (using someone else's wireless Internet access) l l Piggybacking is a term used to refer i b ki d f to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e ue t at o e s access. (Café, Restaurants, Campus, Office) y3dips@echo.or.id 
List of Abuse & tools
Another WI  FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle Attack
Top 5 WI‐FI  Tools Top 5 WI WI‐ • Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack The fastest available WEP/WPA cracking tooll h f l bl k • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id 
Maybe yes, Maybe No !
Taking fun from the wifi at the Cafe Taking fun from the wifi • Café with a Hotspot • Not Free Wifi Access  • Using Some  eleet Restriction Mac Restriction Protocol Restriction (All  TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id 
Taking fun from the wifi at the Hotel Taking fun from the wifi at the Hotel • Charge User using their  room number • Using Some  eleet Restriction • Room Number with all  the settings through  Captive Portals • Change the HTTP Request  h h • Not Free Wifi Access y3dips@echo.or.id 
Will we see it right now in front of our eyes
DEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id 
Discussion

Recommandé

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Windows server
Windows serverWindows server
Windows serverHideo Amezawa
 
Storage Area Network(SAN)
Storage Area Network(SAN)Storage Area Network(SAN)
Storage Area Network(SAN)Krishna Kahar
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 
Virtualization
VirtualizationVirtualization
VirtualizationSrisailam Reddy Kanapuram
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxGenericName6
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto NetworksLaurent Daudré-Vignier
 
Virtualization presentation
Virtualization presentationVirtualization presentation
Virtualization presentationMangesh Gunjal
 

Recommandé

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Windows server
Windows serverWindows server
Windows serverHideo Amezawa
 
Storage Area Network(SAN)
Storage Area Network(SAN)Storage Area Network(SAN)
Storage Area Network(SAN)Krishna Kahar
 
checkpoint
checkpointcheckpoint
checkpointMayank Dhingra
 
Virtualization
VirtualizationVirtualization
VirtualizationSrisailam Reddy Kanapuram
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxGenericName6
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto NetworksLaurent Daudré-Vignier
 
Virtualization presentation
Virtualization presentationVirtualization presentation
Virtualization presentationMangesh Gunjal
 
Advanced security in Barracuda WAF
Advanced security in Barracuda WAFAdvanced security in Barracuda WAF
Advanced security in Barracuda WAFAravindan A
 
Server virtualization
Server virtualizationServer virtualization
Server virtualizationofsorganizer
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAPPhannarith Ou, G-CISO
 
Windows Server 2019.pptx
Windows Server 2019.pptxWindows Server 2019.pptx
Windows Server 2019.pptxmasbulosoke
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.pptImXaib
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Storage Area Network (San)
Storage Area Network (San)Storage Area Network (San)
Storage Area Network (San)sankcomp
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationLaurentiu Meirosu
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless HackingVIKAS SINGH BHADOURIA
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Edureka!
 
Secured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSSecured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSAppin Delhi
 
1 introduction to windows server 2016
1 introduction to windows server 20161 introduction to windows server 2016
1 introduction to windows server 2016Hameda Hurmat
 
What is malware
What is malwareWhat is malware
What is malwareMalcolm York
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
Network Virtualization
Network Virtualization Network Virtualization
Network Virtualization InterVision Systems
 
Browser Security
Browser SecurityBrowser Security
Browser SecurityRoberto Suggi Liverani
 
Firewall
FirewallFirewall
Firewallreddivarihareesh
 
(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security Professional(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security ProfessionalHatem ElSahhar
 
Storage area network
Storage area networkStorage area network
Storage area networkNeha Agarwal
 
eGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaeGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaMukund Nadgowda
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guideMatt Ford
 

Contenu connexe

Tendances

Advanced security in Barracuda WAF
Advanced security in Barracuda WAFAdvanced security in Barracuda WAF
Advanced security in Barracuda WAFAravindan A
 
Server virtualization
Server virtualizationServer virtualization
Server virtualizationofsorganizer
 
Windows Server 2019.pptx
Windows Server 2019.pptxWindows Server 2019.pptx
Windows Server 2019.pptxmasbulosoke
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.pptImXaib
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Storage Area Network (San)
Storage Area Network (San)Storage Area Network (San)
Storage Area Network (San)sankcomp
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationLaurentiu Meirosu
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall美兰 曾
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Edureka!
 
Secured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSSecured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSAppin Delhi
 
1 introduction to windows server 2016
1 introduction to windows server 20161 introduction to windows server 2016
1 introduction to windows server 2016Hameda Hurmat
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyMostafa El Lathy
 
(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security Professional(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security ProfessionalHatem ElSahhar
 
Storage area network
Storage area networkStorage area network
Storage area networkNeha Agarwal
 

Tendances (20)

Advanced security in Barracuda WAF
Advanced security in Barracuda WAFAdvanced security in Barracuda WAF
Advanced security in Barracuda WAF
 
Server virtualization
Server virtualizationServer virtualization
Server virtualization
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Windows Server 2019.pptx
Windows Server 2019.pptxWindows Server 2019.pptx
Windows Server 2019.pptx
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 
Storage Area Network (San)
Storage Area Network (San)Storage Area Network (San)
Storage Area Network (San)
 
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS AuthenticationMTLS - Securing Microservice Architecture with Mutual TLS Authentication
MTLS - Securing Microservice Architecture with Mutual TLS Authentication
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Traditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation FirewallTraditional Firewall vs. Next Generation Firewall
Traditional Firewall vs. Next Generation Firewall
 
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
Cloud Computing Service Models | IaaS PaaS SaaS Explained | Cloud Masters Pro...
 
Secured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOSSecured Mobile Application Development in Android, Blackberry & iOS
Secured Mobile Application Development in Android, Blackberry & iOS
 
1 introduction to windows server 2016
1 introduction to windows server 20161 introduction to windows server 2016
1 introduction to windows server 2016
 
What is malware
What is malwareWhat is malware
What is malware
 
Palo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El LathyPalo alto outline course | Mostafa El Lathy
Palo alto outline course | Mostafa El Lathy
 
Network Virtualization
Network Virtualization Network Virtualization
Network Virtualization
 
Browser Security
Browser SecurityBrowser Security
Browser Security
 
Firewall
FirewallFirewall
Firewall
 
(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security Professional(ISC)2 CCSP - Certified Cloud Security Professional
(ISC)2 CCSP - Certified Cloud Security Professional
 
Storage area network
Storage area networkStorage area network
Storage area network
 

En vedette

eGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaeGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaMukund Nadgowda
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guideMatt Ford
 
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOsman Suliman
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hackingMihir Shah
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its typeshamza javed
 
Evil Twin Demonstration
Evil Twin DemonstrationEvil Twin Demonstration
Evil Twin DemonstrationEric Goldman
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Sumit Satam
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014TGodfrey
 
hacking and its types
hacking and its typeshacking and its types
hacking and its typesBharath Reddy
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hackingSainath Volam
 
Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Michael Asres
 

En vedette (20)

eGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund NadgowdaeGovernance Explained - Mukund Nadgowda
eGovernance Explained - Mukund Nadgowda
 
ethical-hacking-guide
ethical-hacking-guideethical-hacking-guide
ethical-hacking-guide
 
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training CourseOTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
OTechs Hacking and Penetration Testing (BackTrack/Kali) Training Course
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Hacking and its types
Hacking and its typesHacking and its types
Hacking and its types
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking
HackingHacking
Hacking
 
Windows Hacking
Windows HackingWindows Hacking
Windows Hacking
 
Evil Twin
Evil TwinEvil Twin
Evil Twin
 
Evil Twin Demonstration
Evil Twin DemonstrationEvil Twin Demonstration
Evil Twin Demonstration
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)
 
Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014Kali Linux - Falconer - ISS 2014
Kali Linux - Falconer - ISS 2014
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
 
hacking and its types
hacking and its typeshacking and its types
hacking and its types
 
Hacking 1
Hacking 1Hacking 1
Hacking 1
 
Basic Introduction to hacking
Basic Introduction to hackingBasic Introduction to hacking
Basic Introduction to hacking
 
Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)Cybercrime (Computer Hacking)
Cybercrime (Computer Hacking)
 
Hacking
HackingHacking
Hacking
 

Similaire à wifi

AP Takeover Attacks
AP Takeover AttacksAP Takeover Attacks
AP Takeover AttacksEric Goldman
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanZaibi Gondal
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017keyalea
 
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksCeh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksMehrdad Jingoism
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPJoe McCray
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2DrayTek
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationCARMEN ALCIVAR
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Setia Juli Irzal Ismail
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAirTight Networks
 
Gigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisGigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisSavvius, Inc
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksAsep Sopyan
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Mohammad Fareed
 
Wi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxWi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxMairajuddeen
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 

Similaire à wifi (20)

AP Takeover Attacks
AP Takeover AttacksAP Takeover Attacks
AP Takeover Attacks
 
Wirless Security By Zohaib Zeeshan
Wirless Security By Zohaib ZeeshanWirless Security By Zohaib Zeeshan
Wirless Security By Zohaib Zeeshan
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017Wi-Fi Denver OWASP Presentation Feb. 15, 2017
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
 
Wireless security
Wireless securityWireless security
Wireless security
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wardriving 101
Wardriving 101Wardriving 101
Wardriving 101
 
Wireless security
Wireless securityWireless security
Wireless security
 
Ceh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networksCeh v8 labs module 15 hacking wireless networks
Ceh v8 labs module 15 hacking wireless networks
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
 
Databook 2018 ver2
Databook 2018 ver2Databook 2018 ver2
Databook 2018 ver2
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentesting
 
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN ImplementationAuditing a Wireless Network and Planning for a Secure WLAN Implementation
Auditing a Wireless Network and Planning for a Secure WLAN Implementation
 
Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]Chapter 10 wireless hacking [compatibility mode]
Chapter 10 wireless hacking [compatibility mode]
 
Air Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan AnalysisAir Tight Airport Wi Fi Scan Analysis
Air Tight Airport Wi Fi Scan Analysis
 
Gigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN AnalysisGigabit WLANs Need Gigabit WLAN Analysis
Gigabit WLANs Need Gigabit WLAN Analysis
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
 
Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018Wifi cracking Step by Step Using CMD and Kali Linux 2018
Wifi cracking Step by Step Using CMD and Kali Linux 2018
 
Wi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptxWi-Fi Security Presentation.pptx
Wi-Fi Security Presentation.pptx
 
Wifi- technology_moni
Wifi- technology_moniWifi- technology_moni
Wifi- technology_moni
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 

Plus de Ammar WK

Vvdp-fgd-bssn
Vvdp-fgd-bssnVvdp-fgd-bssn
Vvdp-fgd-bssnAmmar WK
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsAmmar WK
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryAmmar WK
 
Bugbounty vs-0day
Bugbounty vs-0dayBugbounty vs-0day
Bugbounty vs-0dayAmmar WK
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareAmmar WK
 
Hacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteHacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteAmmar WK
 
Introduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingIntroduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingAmmar WK
 
Burp suite
Burp suiteBurp suite
Burp suiteAmmar WK
 
Web Hacking (basic)
Web Hacking (basic)Web Hacking (basic)
Web Hacking (basic)Ammar WK
 
Network Packet Analysis
Network Packet AnalysisNetwork Packet Analysis
Network Packet AnalysisAmmar WK
 
Packet analysis (Basic)
Packet analysis (Basic)Packet analysis (Basic)
Packet analysis (Basic)Ammar WK
 
Network security
Network securityNetwork security
Network securityAmmar WK
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Information Security Professional
Information Security ProfessionalInformation Security Professional
Information Security ProfessionalAmmar WK
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsAmmar WK
 
Layer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationLayer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationAmmar WK
 
How To Become A Hacker
How To Become A HackerHow To Become A Hacker
How To Become A HackerAmmar WK
 

Plus de Ammar WK (20)

Vvdp-fgd-bssn
Vvdp-fgd-bssnVvdp-fgd-bssn
Vvdp-fgd-bssn
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?
 
How To [relatively] Secure your Web Applications
How To [relatively] Secure your Web ApplicationsHow To [relatively] Secure your Web Applications
How To [relatively] Secure your Web Applications
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!
 
Cybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industryCybercrime: A threat to Financial industry
Cybercrime: A threat to Financial industry
 
Bugbounty vs-0day
Bugbounty vs-0dayBugbounty vs-0day
Bugbounty vs-0day
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent Threat
 
Mobile hacking, pentest, and malware
Mobile hacking, pentest, and malwareMobile hacking, pentest, and malware
Mobile hacking, pentest, and malware
 
Hacker? : it's not about Black or White
Hacker? : it's not about Black or WhiteHacker? : it's not about Black or White
Hacker? : it's not about Black or White
 
Introduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration TestingIntroduction to IOS Application Penetration Testing
Introduction to IOS Application Penetration Testing
 
Burp suite
Burp suiteBurp suite
Burp suite
 
Web Hacking (basic)
Web Hacking (basic)Web Hacking (basic)
Web Hacking (basic)
 
Network Packet Analysis
Network Packet AnalysisNetwork Packet Analysis
Network Packet Analysis
 
Packet analysis (Basic)
Packet analysis (Basic)Packet analysis (Basic)
Packet analysis (Basic)
 
Network security
Network securityNetwork security
Network security
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Information Security Professional
Information Security ProfessionalInformation Security Professional
Information Security Professional
 
Handout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dipsHandout infosec defense-mechanism-y3dips
Handout infosec defense-mechanism-y3dips
 
Layer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigationLayer 7 denial of services attack mitigation
Layer 7 denial of services attack mitigation
 
How To Become A Hacker
How To Become A HackerHow To Become A Hacker
How To Become A Hacker
 

Dernier

Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 

Dernier (20)

Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 

wifi

  • 2. ECHO •I d E i C IndonEsian Community for Hackers  it  f  H k   and Open Source  • The stressing is still around the  hacking stuffs. We're working on the  Open Source activities • Ezines, Advisories, News, Forum,  , , , , Mailing list • Founded in 2003 • Has 13 staff a k a ECHO STAFF staff a.k.a • Has 11116 mailing lists member,  and 14151 Board Discussions  member (Jan,22 2008) b • http://echo.or.id  || http://e‐rdc.org  y3dips@echo.or.id 
  • 4. WI‐FI WI‐ Wi‐Fi, is a wireless networking  l k technology used across the globe.  Wi‐Fi refers to any system that uses  the 802.11 standard, which was  developed by the Institute of  Electrical and Electronics Engineers  g (IEEE) and released in 1997. The  term Wi‐Fi, which is alternatively  spelled WiFi, Wi fi, Wifi, or wifi, was  spelled WiFi  Wi‐fi  Wifi  or wifi  was  pushed by the Wi‐Fi Alliance, a  trade group that pioneered  commercialization of the  technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 
  • 5. 802 11 802.11 802.11 is a set of standards for  f d d f wireless local area network (WLAN)  computer communication,  developed by the IEEE LAN/MAN  Standards Committee (IEEE 802) in  the 5 GHz and 2.4 GHz public  5 4 p spectrum bands. y3dips@echo.or.id 
  • 6. Why WI‐FI Why WI‐ •Convenience:  Flexibility of time  i l bl f and location •Mobility:  Access the internet even  outside their normal work  environment •P d i i  P Productivity: Potentially be more i ll  b   •Deployment: Requires little more  t a a s g e access po t than a single access point •Expandability: Serve a suddenly‐ increased number of clients  •Cost. y3dips@echo.or.id 
  • 8. WI – WI –FI  Security Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering  • Static IP Addressing  • WEP encryption  • WPA  Wi‐Fi Protected Access • WPA2  • LEAP  Lightweight Extensible Authentication Protocol • PEAP  Protected Extensible Authentication Protocol • TKIP  Temporal Key Integrity Protocol • RADIUS  Remote Authentication Dial In User Service • WAPI  WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and  software tokens y3dips@echo.or.id 
  • 9. 3  General Steps To  Relatively Secure 1. All WI‐FI devices need to be secured ll d d b d 2. All Users need to be educated 3. 3 Need to be actively monitored for weaknesses and breaches http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id 
  • 10. Specific  Steps  to be relatively Secure Specific  Steps  to be relatively Secure 1. S    h   t k  bli   Secure your home network: enabling security  of your router (AP) , change password,  i    f     (AP)    h   d  restrict the 2. Protect yourself when using a public hotspot: Connecting to a legitimate hotspot . C l h Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections:  simply configure your device to not automatically  connect  4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to  sharing / connecting with other devices.  5. Install anti‐virus software:  makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id 
  • 12. Hardware Hacking Build A Tin Can Waveguide WiFi ild i id i i Antenna • Using a Can, … and else • Increase the range of your  g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_e‐ goen y3dips@echo.or.id 
  • 13. War Driving Wardriving is the act of searching di i h f h for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.org/wiki/Wardriving Wardrivers are only out to log and collect Tools information about the wireless access points, they find while driving, without using the networks' networks •Net Stumbler services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id 
  • 15. WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless network. k y3dips@echo.or.id 
  • 16. PiggyBacking (using someone else's wireless Internet access) l l Piggybacking is a term used to refer i b ki d f to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e ue t at o e s access. (Café, Restaurants, Campus, Office) y3dips@echo.or.id 
  • 18. Another WI  FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle Attack
  • 19. Top 5 WI‐FI  Tools Top 5 WI WI‐ • Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack The fastest available WEP/WPA cracking tooll h f l bl k • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id 
  • 21. Taking fun from the wifi at the Cafe Taking fun from the wifi • Café with a Hotspot • Not Free Wifi Access  • Using Some  eleet Restriction Mac Restriction Protocol Restriction (All  TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id 
  • 22. Taking fun from the wifi at the Hotel Taking fun from the wifi at the Hotel • Charge User using their  room number • Using Some  eleet Restriction • Room Number with all  the settings through  Captive Portals • Change the HTTP Request  h h • Not Free Wifi Access y3dips@echo.or.id 
  • 24. DEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id