SlideShare a Scribd company logo

Wireless v2

Download as PPTX, PDF
J
Joshua Johnston

This document discusses wireless security for both home Wi-Fi networks and public wireless networks. For home networks, it recommends encrypting the Wi-Fi, using strong passwords, changing from default settings, and considering MAC address filtering or a guest network. For public networks, it warns of risks like rogue access points, man-in-the-middle attacks, and packet sniffing. It provides tips for securing devices on public networks like using a VPN and avoiding sensitive online activities.

Technology
1 of 28
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Wireless Security Hide yo kids, Hide yo Wi-Fi
Scope Home Wi-fi Public Wireless Usage
Home Wi-Fi
Wireless Threats • Exposing your home network due to low security • Unauthorized Access, Denial of Service • Packet Sniffing • Rouge AP • War Driving • Man in the Middle attacks • Stolen Information (Credentials, Bank Info, etc.)
Securing your Home Wifi • Encrypt your Wi-Fi • List of router default passwords • WEPS vs. WPS vs. WPA/2 • WEPS and WPS easily cracked • TKIP is depreciated • WPA can have handshake stolen and be brute forced (rainbow tables) • Use STRONG PASSWORDS
SSID • Always Change from the Default SSID • Do not include any identifying information • Apt #, Name, DOB, Router info etc. • Make it Hidden
MAC Filtering • A MAC address identifies the individual piece of equipment connected to your network. • You can set up to allow only certain MAC’s onto your network • *WARNING* THIS CAN BE SPOOFED
Finding Your MAC Address iOS • Settings -> • General -> • About -> • Wi-Fi Address • Android • Setting -> • Wireless and Networks-> • Wi-Fi-> • Advanced
Finding Your MAC Address (cont.) OSX • ifconfig • en0 -> ether Windows • ipconfig • Physical address Linux (Mint) • ifconfig • hwaddr
Guest Network • Creates a network separate from your normal Wi-Fi network. Removes access to file shares, network locations and devices. • Still needs to be secured. • Some router have an insecure implementation of guest networks
Firmware • Always ensure your firmware is up to date • Your router can be attacked and added to a botnet • News Article
Who’s on your network? • Monitor your home network. • How many devices are connected to it? • Wifi monitoring tools: • Xirrus • OpenNMS • Often right on your Wi-Fi router
Additional Measures • Decrease your Wi-Fi signal strength • Anti Wi-Fi Paint? • I have a feeling this will mess with cell phone reception as well, but YMMV
Public Wi-Fi
3 Common Attacks • Rouge AP • Evil Twin • Man in the middle • Pineapple • Packet Sniffing • Wireshark • Airpcap • Mobile Charging Stations
Christmas Shopping
Rouge AP • Evil Twin • Some creates a Wi-fi hotspot with the same name as the trusted public hotspot • You connect to it • You are networked with the attacker
Rouge AP • Man in the Middle • Usually starts as an evil twin attack • Rather than attack you machine directly, attacker forwards all your network traffic to wherever you wanted it to go. • Attack can intercept, decrypt or alter your packets • Stolen credentials, cc numbers etc.
Rouge AP - Pineapple • Combines Evil Twin, Man in the Middle and a whole lot more into one piece of Hardware • Karma • Your device probes for a trusted hotspot, Karma says “that’s me!” and you connect • SSL stripping (https://scotthelme.co.uk/wifi- pineapple-karma-sslstrip) • Mitigated with HSTS, but new attacks are being developed to beat this.
Beef
Packet Sniffing • Captures PCAP (packet capture) files • These can be analyzed to pull out very relevant information • MAC/IP addresses • Credentials • Websites visited • Geolocation tags • Basically anything that is passed over the network • 100% passive attack
Packet Sniffing • Wireshark example
Not really wireless, but… • Phony Mobile Charging Stations • “Juice Jacking” • Attacker sets up computer with multiple charge cables attached • When you plug in, the computer attempts to rip everything it can from inside your phone
Mitigation Techniques
Device Settings • Forget Wireless Connections • Turn off wifi when not in use • Turn off file/print share • Browser extensions to force SSL • Enable your Host-based firewall if you have one
Things you can do • Always Verify the name of your public network • Avoid logging into any websites while on public Wi-Fi (Social media, financial, etc.) • Try not avoid public networks • Use your cell phone • If you cant, be sure they are password protected or that are unencrypted/weak encryption • Always check for SSL connections! • USE A VPN! • Ensure OS is up to date.
VPN options Paid • KeepSolid • NordVPN • Hidemyass Free • AnchorFree • SpotFLux • Beware of free or ad driven VPN. Nothing is ever free. Implement your own • This does expose your network to the internet • OpenVPN
Thank you for coming! Please fill out a survey, check out the other Free Geek Courses, and feel free to give suggestions on other topics you would like to see or ways to improve current classes!

More Related Content

DOC
Remote monitoring system
Pk Doctors
 
PPTX
Demystifying Wireless Security Using Open Source Options
Michele Chubirka
 
PPTX
CSCI 1100 Group 1 project 1
Julie Young
 
PPTX
Uncommon MiTM in uncommon conditions
HeadLightSecurity
 
PPTX
Session810 ken huang
Ken Huang
 
PPTX
Google wi fi
Rohit Sinha
 
KEY
Edu camp presentation 13/4/12
Azeem Vasanwala
 
PPT
Wifi Cracking - Step by Step Using Backtracks Tool
John Henry Gaspay
 
Remote monitoring system
Pk Doctors
 
Demystifying Wireless Security Using Open Source Options
Michele Chubirka
 
CSCI 1100 Group 1 project 1
Julie Young
 
Uncommon MiTM in uncommon conditions
HeadLightSecurity
 
Session810 ken huang
Ken Huang
 
Google wi fi
Rohit Sinha
 
Edu camp presentation 13/4/12
Azeem Vasanwala
 
Wifi Cracking - Step by Step Using Backtracks Tool
John Henry Gaspay
 

What's hot (20)

PPT
Bluetooth IN OUR life
MADDY125
 
PPTX
Overview on QUBEE Pocket Wi-Fi
QUBEE
 
PDF
DataSheet-Tely
Aditya Mavlankar
 
PPTX
How to create a Wi-Fi hotspot using your?
QUBEE
 
PPT
Threats to Mobile Computing
madhurbyheart
 
PPTX
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON
 
PPTX
Hacking routers as Web Hacker
HeadLightSecurity
 
PPTX
QUBEE modems
QUBEE
 
PDF
wifi-y3dips-stmik_mdp_slides
guest1c1a9a
 
PDF
Get started with Sigfox - IoT Shifts 2015
Nicolas Lesconnec
 
PPT
How it Works
Digilink, Inc
 
PPT
Bluetooth technology by shamshad
1122334411223344
 
PDF
Datasheet EnGenius EZ Hotspot Extender
EnGenius Europe
 
PDF
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON
 
PDF
Cctv mtnl config
HOME
 
PPTX
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
Zyxel Communications Corp.
 
PDF
Logging into the Network!
AdamCurlin
 
PPTX
Near field communication
vaibhav kubadia
 
PDF
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
mfrancis
 
PPTX
Wireless networks
Jlchons05
 
Bluetooth IN OUR life
MADDY125
 
Overview on QUBEE Pocket Wi-Fi
QUBEE
 
DataSheet-Tely
Aditya Mavlankar
 
How to create a Wi-Fi hotspot using your?
QUBEE
 
Threats to Mobile Computing
madhurbyheart
 
44CON @ IPexpo - You're fighting an APT with what exactly?
44CON
 
Hacking routers as Web Hacker
HeadLightSecurity
 
QUBEE modems
QUBEE
 
wifi-y3dips-stmik_mdp_slides
guest1c1a9a
 
Get started with Sigfox - IoT Shifts 2015
Nicolas Lesconnec
 
How it Works
Digilink, Inc
 
Bluetooth technology by shamshad
1122334411223344
 
Datasheet EnGenius EZ Hotspot Extender
EnGenius Europe
 
44CON London 2015 - Smart Muttering; a story and toolset for smart meter plat...
44CON
 
Cctv mtnl config
HOME
 
ZyXEL MWC 2014 Small Business Gateway (SBG) Product Scope and Features
Zyxel Communications Corp.
 
Logging into the Network!
AdamCurlin
 
Near field communication
vaibhav kubadia
 
OSGi Service Platform in Home Control, Entertainment and Communications Appli...
mfrancis
 
Wireless networks
Jlchons05
 
Ad

Similar to Wireless v2 (20)

PPTX
Wireless hacking
arushi bhatnagar
 
PPTX
DevLink - WiFu: You think your wireless is secure?
Rob Gillen
 
PPTX
Wireless hacking
Mihir Shah
 
PPTX
PACE-IT, Security+3.4: Summary of Wireless Attacks
Pace IT at Edmonds Community College
 
PPTX
WiFi security
Ihor Uzhvenko
 
PDF
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES
IJNSA Journal
 
PPTX
05 wi fi network security
Ministry of Education Malaysia
 
PPTX
Wi-Fi Hacking with the help of various tools.pptx
Guna Dhondwad
 
PDF
IT infrastructure security 101
April Mardock CISSP
 
PDF
Wireless security
Aurobindo Nayak
 
PDF
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
keyalea
 
PPT
Howtohackwirelessinternetconnections 100105124156-phpapp01
Alf Tero
 
PPT
How to hack wireless internet connections
Nitin kumar Gupta
 
PDF
WiFi Intrustion Detection from WireShark SharkFest
David Sweigert
 
PPT
Hack wireless internet connections or wifi
Greater Noida Institute Of Technology
 
PPTX
Wireless Security
Vignesh Suresh
 
DOCX
Protect Your Data_ Understanding Wireless Network Attacks PEN-210.docx
Oscp Training
 
PDF
Wi-Fi Hotspot Attacks
Greg Foss
 
PPTX
Tingling wireless security
rash2kool
 
PPTX
Public Wi-Fi security 101
RapidSSLOnline.com
 
Wireless hacking
arushi bhatnagar
 
DevLink - WiFu: You think your wireless is secure?
Rob Gillen
 
Wireless hacking
Mihir Shah
 
PACE-IT, Security+3.4: Summary of Wireless Attacks
Pace IT at Edmonds Community College
 
WiFi security
Ihor Uzhvenko
 
EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS ATTACK STRATEGIES
IJNSA Journal
 
05 wi fi network security
Ministry of Education Malaysia
 
Wi-Fi Hacking with the help of various tools.pptx
Guna Dhondwad
 
IT infrastructure security 101
April Mardock CISSP
 
Wireless security
Aurobindo Nayak
 
Wi-Fi Denver OWASP Presentation Feb. 15, 2017
keyalea
 
Howtohackwirelessinternetconnections 100105124156-phpapp01
Alf Tero
 
How to hack wireless internet connections
Nitin kumar Gupta
 
WiFi Intrustion Detection from WireShark SharkFest
David Sweigert
 
Hack wireless internet connections or wifi
Greater Noida Institute Of Technology
 
Wireless Security
Vignesh Suresh
 
Protect Your Data_ Understanding Wireless Network Attacks PEN-210.docx
Oscp Training
 
Wi-Fi Hotspot Attacks
Greg Foss
 
Tingling wireless security
rash2kool
 
Public Wi-Fi security 101
RapidSSLOnline.com
 
Ad

More from Joshua Johnston (7)

PPTX
Free geek class on Data privacy
Joshua Johnston
 
PPTX
Holiday scams
Joshua Johnston
 
PPTX
IoT -Internet of Things
Joshua Johnston
 
PPTX
FreeGeek -Cryptocurrency and Blockchain
Joshua Johnston
 
PPTX
Holiday scams
Joshua Johnston
 
PPTX
Home computing security
Joshua Johnston
 
PDF
Intro to firewalls
Joshua Johnston
 
Free geek class on Data privacy
Joshua Johnston
 
Holiday scams
Joshua Johnston
 
IoT -Internet of Things
Joshua Johnston
 
FreeGeek -Cryptocurrency and Blockchain
Joshua Johnston
 
Holiday scams
Joshua Johnston
 
Home computing security
Joshua Johnston
 
Intro to firewalls
Joshua Johnston
 

Recently uploaded (20)

PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PDF
project resource management chapter-09.pdf
ssuser00e6e21
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PPTX
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
August Patch Tuesday
Ivanti
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PDF
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
The various Industrial Revolutions .pptx
bandileshozi3
 
project resource management chapter-09.pdf
ssuser00e6e21
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
O2C Customer Invoices to Receipt V15A.pptx
ssuserbfa915
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
August Patch Tuesday
Ivanti
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 

Wireless v2

  • 1. Wireless Security Hide yo kids, Hide yo Wi-Fi
  • 4. Wireless Threats • Exposing your home network due to low security • Unauthorized Access, Denial of Service • Packet Sniffing • Rouge AP • War Driving • Man in the Middle attacks • Stolen Information (Credentials, Bank Info, etc.)
  • 5. Securing your Home Wifi • Encrypt your Wi-Fi • List of router default passwords • WEPS vs. WPS vs. WPA/2 • WEPS and WPS easily cracked • TKIP is depreciated • WPA can have handshake stolen and be brute forced (rainbow tables) • Use STRONG PASSWORDS
  • 6. SSID • Always Change from the Default SSID • Do not include any identifying information • Apt #, Name, DOB, Router info etc. • Make it Hidden
  • 7. MAC Filtering • A MAC address identifies the individual piece of equipment connected to your network. • You can set up to allow only certain MAC’s onto your network • *WARNING* THIS CAN BE SPOOFED
  • 8. Finding Your MAC Address iOS • Settings -> • General -> • About -> • Wi-Fi Address • Android • Setting -> • Wireless and Networks-> • Wi-Fi-> • Advanced
  • 9. Finding Your MAC Address (cont.) OSX • ifconfig • en0 -> ether Windows • ipconfig • Physical address Linux (Mint) • ifconfig • hwaddr
  • 10. Guest Network • Creates a network separate from your normal Wi-Fi network. Removes access to file shares, network locations and devices. • Still needs to be secured. • Some router have an insecure implementation of guest networks
  • 11. Firmware • Always ensure your firmware is up to date • Your router can be attacked and added to a botnet • News Article
  • 12. Who’s on your network? • Monitor your home network. • How many devices are connected to it? • Wifi monitoring tools: • Xirrus • OpenNMS • Often right on your Wi-Fi router
  • 13. Additional Measures • Decrease your Wi-Fi signal strength • Anti Wi-Fi Paint? • I have a feeling this will mess with cell phone reception as well, but YMMV
  • 15. 3 Common Attacks • Rouge AP • Evil Twin • Man in the middle • Pineapple • Packet Sniffing • Wireshark • Airpcap • Mobile Charging Stations
  • 17. Rouge AP • Evil Twin • Some creates a Wi-fi hotspot with the same name as the trusted public hotspot • You connect to it • You are networked with the attacker
  • 18. Rouge AP • Man in the Middle • Usually starts as an evil twin attack • Rather than attack you machine directly, attacker forwards all your network traffic to wherever you wanted it to go. • Attack can intercept, decrypt or alter your packets • Stolen credentials, cc numbers etc.
  • 19. Rouge AP - Pineapple • Combines Evil Twin, Man in the Middle and a whole lot more into one piece of Hardware • Karma • Your device probes for a trusted hotspot, Karma says “that’s me!” and you connect • SSL stripping (https://scotthelme.co.uk/wifi- pineapple-karma-sslstrip) • Mitigated with HSTS, but new attacks are being developed to beat this.
  • 20. Beef
  • 21. Packet Sniffing • Captures PCAP (packet capture) files • These can be analyzed to pull out very relevant information • MAC/IP addresses • Credentials • Websites visited • Geolocation tags • Basically anything that is passed over the network • 100% passive attack
  • 23. Not really wireless, but… • Phony Mobile Charging Stations • “Juice Jacking” • Attacker sets up computer with multiple charge cables attached • When you plug in, the computer attempts to rip everything it can from inside your phone
  • 25. Device Settings • Forget Wireless Connections • Turn off wifi when not in use • Turn off file/print share • Browser extensions to force SSL • Enable your Host-based firewall if you have one
  • 26. Things you can do • Always Verify the name of your public network • Avoid logging into any websites while on public Wi-Fi (Social media, financial, etc.) • Try not avoid public networks • Use your cell phone • If you cant, be sure they are password protected or that are unencrypted/weak encryption • Always check for SSL connections! • USE A VPN! • Ensure OS is up to date.
  • 27. VPN options Paid • KeepSolid • NordVPN • Hidemyass Free • AnchorFree • SpotFLux • Beware of free or ad driven VPN. Nothing is ever free. Implement your own • This does expose your network to the internet • OpenVPN
  • 28. Thank you for coming! Please fill out a survey, check out the other Free Geek Courses, and feel free to give suggestions on other topics you would like to see or ways to improve current classes!