A set of experience over the air y3dips@echo.or.id ECHO I d E i C it f H k • IndonEsian Community for Hackers and Open Source •The stressing is still around the hacking stuffs. We're working on the Open Source activities • Ezines, Advisories, News, Forum, , , , , Mailing list • Founded in 2003 Has 13 staff a k aECHO STAFF • a.k.a ECHO • Has 11116 mailing lists member, and 14151 Board Discussions b member (Jan,22 2008) • http://echo.or.id || http://e‐rdc.org y3dips@echo.or.id y3dips@echo.or.id WI FI WI‐l k Wi‐Fi, is a wireless networking technology used across the globe. Wi‐Fi refers to any system that uses the 802.11 standard, which was developed by the Institute of Electrical and Electronics Engineers g (IEEE) and released in 1997. The term Wi‐Fi, which is alternatively spelled WiFi Wi‐fi Wifi or wifi was WiFi, Wi fi, Wifi, wifi, pushed by the Wi‐Fi Alliance, a trade group that pioneered commercialization of the technology. Wi‐Fi®, Wi‐Fi Alliance®, the Wi‐Fi logo, are registered trademarks of the Wi‐Fi Alliance y3dips@echo.or.id 802 11 802.11 f d d f 802.11 is a set of standards for wireless local area network (WLAN) computer communication, developed by the IEEE LAN/MAN Standards Committee (IEEE 802) in the 5 GHz and 2.4 GHz public 4 p spectrum bands. y3dips@echo.or.id Why WI FI WI‐i l bl f •Convenience: Flexibility of time and location •Mobility: Access the internet even outside their normal work environment P d i i P i ll b •Productivity: Potentially be more •Deployment: Requires little more than a single access point t a as geaccess po t •Expandability: Serve a suddenlyincrrease number of clients •Cost. y3dips@echo.or.id Keep it safe or wide openWI FI Security –Outsiders can sometimes get into your wireless networks as fast and easily Some Security Method • MAC ID filtering • Static IP Addressing • WEP encryption WPA • Wi‐Fi Protected Access • WPA2 • LEAP Lightweight Extensible Authentication Protocol • PEAP Protected Extensible Authentication Protocol • TKIP Temporal Key Integrity Protocol • RADIUS Remote Authentication Dial In User Service • WAPI WLAN Authentication and Privacy Infrastructure • Smart cards, USB tokens, and software tokens y3dips@echo.or.id 3 General Steps To Relatively Secure ll d d b d 1. All WI‐FI devices need to be secured 2. All Users need to be educated 3 Need to be actively monitored for weaknesses and breaches 3. http://en.wikipedia.org/wiki/Wireless_security y3dips@echo.or.id Specific Steps to be relatively Secure S h t k bli i f (AP) h d 1. Secure your home network: enabling security of your router , change password, restrict the 2. Protect yourself when using a public hotspot: C l h Connecting to a legitimate hotspot . Use a virtual private network or VPN, Stay away from critical action (bank transaction) 3. Configure for approved connections: simply configure your device to not automatically connect 4. Disable sharing: Your Wi‐Fi enabled devices may automatically open themselves to sharing /connecting with other devices. 5. Install anti‐virus software: makes it more important to have antivirus software installed. 6. Use a personal firewall: a personal firewall program. p p p g y3dips@echo.or.id A set of popular thingsHardware Hacking ild i id i i Build A Tin Can Waveguide WiFi Antenna • Using a Can, … and else • Increase the range of your g Wireless network •http://www.turnpoint.net/wireless/cantennahowto.html •http://wikihost.org/wikis/indonesiainternet/programm/ge bo.prg?name=sejarah_internet_indonesia:wajanbolic_egooe y3dips@echo.or.id War Driving d i i h f h Wardriving is the act of searching for Wi‐Fi wireless networks by a person in a moving vehicle using a Wi‐Fi‐equipped computer, such as a laptop or a PDA. (http //en wikipedia org/wiki/Wardriving) http://en.wikipedia.Wardrivers are only out to log and collect information about the wireless access points, they find while driving, without using the networks' Tools •Net Stumbler networks services. • Kismet • Kismac • MiniStumbler/Pocket Warior y3dips@echo.or.id y3dips@echo.or.id WarChalking Warchalking is the drawing of symbols in public places to advertise an open Wi‐Fi wireless k network. y3dips@echo.or.id PiggyBacking l l (using someone else's wireless Internet access) i b ki d f Piggybacking is a term used to refer to the illegal access of a wireless internet connection without explicit permission or knowledge from the owner. Targets : Hotspots is a venue that offers Wi‐Fi otspots s e uet ato e s access. (Café, Restaurants, Campus,Office) y3dips@echo.or.id List of Abuse & toolsAnother WI FI Abuse • DOS • Injection • Fake Access Point • Fake CaptivePortal • EavesDropes • MAC Spoofing • Man In The Middle AttackTop 5 WI FI Tools WI‐• Kismet A powerful wireless sniffer • Net Stumbler Free Windows 802.11 Sniffer • AirCrack h f l bl k l The fastest available WEP/WPA cracking tool • AirSnort 802.11 WEP Encryption Cracking Tool • Kismac A GUI passive wireless stumbler for Mac OS X Source: http://sectools.org/wireless.html y3dips@echo.or.id Maybe yes, Maybe No !Taking fun from the wifi at the Cafe • Café with a Hotspot • Not Free Wifi Access • Using Some eleet Restriction Mac Restriction Protocol Restriction (All TCP need a session auth) • Trick It • Change your mac • Tunnel your connection • Not Free Wifi Access y3dips@echo.or.id Taking fun from the wifi at the Hotel • Charge User using their room number • Using Some eleet Restriction • Room Number with all the settings through Captive Portals h h • Change the HTTP Request • Not Free Wifi Access y3dips@echo.or.id Will we see it right now in front of our eyesDEMO • War Driving • WarChalking • WI‐FI Abuse ? • WEP Cracking y3dips@echo.or.id Discussion