CMGT/441 Intro. to Information Systems Security Management
Information Technology
University of Phoenix Kapolei Learning Center
Week #4
1 Hacking Wireless Networks
Philip Robbins
December 19, 2013
23 Tools
Backtrack 5r3
Ubuntu Linux distribution providing a comprehensive collection of security-related tools for digital forensics and pen testing use.
http://www.backtrack-linux.org/downloads/
Slide 28
28 Tools AirSnort replacement.
Slide 29
29 Understanding Wireless Technology
Wi-Fi Protected Access (WPA)
- Touted as a step up from WEP
- Weak passphrases render the protection inadequate
- False sense of security
- Network Sniffers
- TKIP vs. AES
Slide 43
43 Cracking WPA
Can take a few hours to go through 1+ million keys
47 Understanding Wireless Technology
Wired Equivalent Privacy (WEP)
- Confidentiality
- Access Control
- Data Integrity
In reality, none of these are actually enforced!
60 Review Questions
Question #1: Which IEEE standard defines authentication and authorization in wireless networks?
a. 802.11
b. 802.11a
c. 802.11b
d. 802.11X
Slide 62
62 Review Questions
Question #2: Which IEEE standard defines wireless technology?
a. 802.3
b. 802.5
c. 802.11
d. All 802 standards
Slide 64
64 Review Questions
Question #3: Which wireless encryption standard offers the best security?
a. WPA2
b. WEP
c. SSL
d. WPA
Slide 66
66 Review Questions
Question #4: What information can be gathered by wardriving?
a. SSIDs of wireless networks
b. Whether encryption is enabled
c. Whether SSL is enabled
d. Signal strength
Slide 68
68 Review Questions
Question #5: What is a known weakness of wireless SSIDs?
a. They're broadcast in cleartext
b. They're difficult to configure
c. They use large amounts of bandwidth
d. They consume an excessive amount of computer memory
Slide 70
70 Review Questions
Question #6: Wi-Fi Protected Access (WPA) was introduced in which IEEE 802 standard?
a. 802.11a
b. 802.11b
c. 802.11i
d. 802.11
Slide 72
72 Review Questions
Question #7: What protocol was added to 802.11i to address WEP's encryption vulnerability?
a. MIC
b. TKIP
c. TTL
d. EAP-TLS
Slide 74
74 Review Questions
Question #8: Disabling SSID broadcasts must be configured on the computer and the AP. True or False?
a. TRUE
b. FALSE
Slide 76
76 Review Questions
Question #9: The operating frequency range of 802.11a is 2.4 GHz. True or False?
a. TRUE
b. FALSE
Slide 78
78 Review Questions
Question #10: What TKIP enhancement addressed the WEP vulnerability of forging packets?
a. Extended Initialization Vector (IV) with sequencing rules
b. Per-packet key mixing
c. Rekeying mechanism
d. Message Integrity Check (MIC)
Slide 80
80 Review Questions
Question #11: Which EAP method requires installing digital certificates on both the server and client?
a. EAP-TLS
b. PEAP
c. EAP-SSL
d. EAP-CA
Slide 82
82 Review Questions
Question #12 (last one): Which spread spectrum method divides bandwidth into a series of frequencies called tones?
a. Frequency-hopping spread spectrum (FHSS)
b. Direct sequence spread spectrum (DSSS)
c. Spread spectrum frequency tonation (SSFT)
d. Orthogonal frequency division multiplexing (OFDM)