Post on 10-Jul-2016
Cyber Security
Vipul Chudasama, Assistant Professor
Computer Science and Engineering, NU
Cyber Security Agenda
• To understand how a Wi-Fi network works
• To understand the working of spam
• To understand the Denial of Service attack
Wi-Fi Network
• This wireless technology is called Wi-Fi. It is not a single standard. It refers to an entire family of standards based on the 802.11 networking protocol.
• There are multiple 802.11 standards: the now little-used 802.11a; 802.11b; the higher-speed 802.11g; and the highest-speed (as of this writing) 802.11n.
• The 802.11n standard had not been formally adopted, but some "pre-n" Wi-Fi equipment was being sold.
• With all of Wi-Fi's convenience come dangers. The same technology that lets you browse the Web from your back porch can let invaders hop onto your network from outside your house or apartment.
Threat of Wi-Fi network
• Wi-Fi is an open technology. A wireless router broadcasts its presence to any device with a Wi-Fi adapter within its range, and if the router is unprotected, anyone who wants to can connect to it and use the network.
• A common kind of intruder is called a war driver. This person drives through areas of cities and suburbs known for having Wi-Fi networks and searches for unprotected networks he can break into.
• He uses software that makes it easy to find unprotected networks. Some war drivers use high-power antennas so they can find as many networks as possible.
• Software built directly into Windows XP, for example, lets anyone easily find and connect to an unprotected network.
• When war drivers target a business network, they may be looking for proprietary business information or be looking to do malicious damage. When they target a home network, they might look for personal information, such as credit card numbers, or be looking to damage computers.
Wi-Fi network
• Access point (AP) or router: the AP is the bridge between the stations and an Ethernet network or the internet
• Station (PC + Wi-Fi adapter)
• Basic Service Set (BSS)
• Extended Service Set (ESS)

Working
• Station sends probe request frames to AP
• Stations communicate with AP using a method called CSMA/CA
• Station sends RTS to AP
• AP sends CTS reply to station
• Station sends Ack to AP
How Hackers Invade Wi-Fi Networks
• War driving: software like NetStumbler or Cain and Abel, which detects Wi-Fi networks
• NetStumbler detects the network ID, the channel, and whether encryption is used
• Windows XP automatically finds and connects to nearby wireless networks
• Some networks are protected by Wi-Fi encryption technologies: WEP, WPA, WPA2
• Hackers use a sniffer to capture all the data
Wi-Fi Hotspot
• Wi-Fi hotspot allows people with laptops, PDAs or other devices
• Food restaurants, hotels and airports, free
• Connected to a network and vulnerable to other people, e.g. the file sharing feature
• Use of a sniffer to capture packets of others
• A hacker at a hotspot can plant spyware and Trojans
• The hacker sees usernames, passwords or credit card information
• In XP you can design an ad hoc network
• Use of the evil twin hack
Evil twin hack
• In the evil twin hack, the hacker creates a twin of an existing hotspot (same SSID) to fool people.
• He uses a special tool (Hotspotter).
• Hotspotter passively monitors the network for probe request frames to identify the preferred networks of Windows XP clients, and compares them to a supplied list of common hotspot network names.
• If the probed network name matches a common hotspot name, Hotspotter will act as an access point to allow the client to authenticate and associate.
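A defender's view of the evil twin described above, as an added example that is not part of the original slides: a check that compares observed beacons and probe responses against an inventory of legitimate access points. The inventory, the sample observations and the function name `find_evil_twins` are constructed for illustration, and the check assumes each legitimate radio advertises a single SSID per BSSID.

```python
from collections import defaultdict

# Constructed inventory (assumption): SSID -> {BSSID: (channel, encryption)}
KNOWN_APS = {
    "CorpNet": {"00:11:22:33:44:01": (1, "WPA2"), "00:11:22:33:44:02": (6, "WPA2")},
    "CafeGuest": {"00:11:22:33:55:01": (11, "OPEN")},
}

def find_evil_twins(observations, known=KNOWN_APS, max_ssids_per_bssid=1):
    """observations: iterable of (ssid, bssid, channel, encryption) taken from
    beacons or probe responses. Returns a sorted list of (bssid, ssid, reason)."""
    alerts = set()
    ssids_by_bssid = defaultdict(set)
    for ssid, bssid, channel, enc in observations:
        bssid = bssid.lower()
        ssids_by_bssid[bssid].add(ssid)
        expected = known.get(ssid)
        if expected is None:
            continue                      # not a network we are responsible for
        if bssid not in expected:
            alerts.add((bssid, ssid, "known SSID from unknown BSSID"))
        elif expected[bssid] != (channel, enc):
            alerts.add((bssid, ssid, "known BSSID with unexpected channel/encryption"))
    # A single radio answering for several network names matches the behaviour
    # the slides describe for a tool that replies to clients' probe requests.
    for bssid, ssids in ssids_by_bssid.items():
        if len(ssids) > max_ssids_per_bssid:
            for ssid in ssids:
                alerts.add((bssid, ssid, "one BSSID answering for multiple SSIDs"))
    return sorted(alerts)

# Constructed sample observations (not captured traffic).
SAMPLE = [
    ("CorpNet", "00:11:22:33:44:01", 1, "WPA2"),      # legitimate AP
    ("CorpNet", "DE:AD:BE:EF:00:01", 1, "OPEN"),      # unknown radio reusing the SSID
    ("CafeGuest", "00:11:22:33:55:01", 11, "OPEN"),   # legitimate hotspot
    ("CafeGuest", "de:ad:be:ef:00:01", 6, "OPEN"),    # same unknown radio, second name
    ("CorpNet", "00:11:22:33:44:02", 6, "WEP"),       # known BSSID, weaker encryption
]

if __name__ == "__main__":
    for alert in find_evil_twins(SAMPLE):
        print(alert)
```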
Wired Equivalent Privacy (WEP)
• The Wired Equivalent Privacy (WEP) algorithm is part of the 802.11 standard.
• The 802.11 standard describes the communication that occurs in wireless local area networks (LANs).
• The Wired Equivalent Privacy (WEP) algorithm is used to protect wireless communication from eavesdropping.
• A secondary function of WEP is to prevent unauthorized access to a wireless network; this function is not an explicit goal in the 802.11 standard, but it is frequently considered to be a feature of WEP.
WEP encryption
• WEP uses the RC4 encryption algorithm, which is known as a stream cipher.
• A stream cipher operates by expanding a short key into an infinite pseudo-random key stream.
• The sender XORs the key stream with the plaintext to produce ciphertext.
• The receiver has a copy of the same key, and uses it to generate an identical key stream.
• XORing the key stream with the ciphertext yields the original plaintext.
Problems in WEP
• To ensure that a packet has not been modified in transit, it uses an Integrity Check (IC) field in the packet.
• To avoid encrypting two ciphertexts with the same key stream, an Initialization Vector (IV) is used to augment the shared secret key and produce a different RC4 key for each packet.
• The IV is also included in the packet. However, both of these measures are implemented incorrectly, resulting in poor security.
Problems in WEP
• The initialization vector in WEP is a 24-bit field, which is sent in the cleartext part of a message.
• Such a small space of initialization vectors guarantees the reuse of the same key stream.
• A busy access point, which constantly sends 1500-byte packets at 11 Mbps, will exhaust the space of IVs after 1500*8/(11*10^6)*2^24 = ~18000 seconds, or 5 hours.
WEP security flaws could be summarized as follows:
• RC4 encryption
• IVs are too short
• no proper integrity check
• no built-in method of updating keys
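The key stream reuse and IV exhaustion described in the WEP encryption and Problems in WEP slides, as an added example that is not part of the original slides. The key, IV and plaintexts are constructed; the use of CRC-32 as the integrity value is WEP's known design, not something stated on the slides.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 key stream for the given key."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                         # key stream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """WEP-style frame body: cleartext IV, then RC4(IV || secret) XOR (data || CRC-32)."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + xor(body, rc4(iv + secret, len(body)))

def wep_decrypt(secret: bytes, frame: bytes) -> bytes:
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(iv + secret, len(ct)))
    data, icv = body[:-4], body[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("integrity check failed")
    return data

def iv_exhaustion_seconds(packet_bytes=1500, rate_bps=11e6, iv_bits=24) -> float:
    """Time for a busy AP to use every IV once (the slide's arithmetic)."""
    return packet_bytes * 8 / rate_bps * 2 ** iv_bits

SECRET = bytes.fromhex("0102030405")           # constructed 40-bit shared key
IV = b"\x00\x00\x01"                           # constructed 24-bit IV
P1 = b"GET /index.html HTTP/1.1"               # constructed plaintexts, equal length
P2 = b"user=alice&pin=0000&x=1 "

def demo():
    c1 = wep_encrypt(IV, SECRET, P1)
    c2 = wep_encrypt(IV, SECRET, P2)           # same IV, so the same key stream
    leaked = xor(c1[3:3 + len(P1)], c2[3:3 + len(P2)])
    return leaked == xor(P1, P2), wep_decrypt(SECRET, c1)
```

When an IV repeats, XORing the two ciphertexts cancels the key stream and leaves the XOR of the two plaintexts, with no knowledge of the key; this is why WPA and WPA2 are listed as the replacement.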
Wireless Protection
• Use encryption methods (WPA, WPA2).
• Networks can also allow only computers whose network adapters have specific MAC addresses to connect to the network.
• Use of an intrusion detection system (honeypot).
• Position network antennas so the signal does not reach outside the building.
Wi-Fi encryption
• WPA encryption can be used in a home or a corporation.
• The station uses EAP to authenticate.
• The station needs to send a password and ID.
• The AP passes the ID to the authentication server.
• If the ID is valid, the authentication server sends a master TKIP key to both.
• When a computer tries to get on the network or read any data passing across the network and it does not have a valid key or its key has been rejected by the authentication server