Trainers: Anthony Zboralski (Founder, Bellua Asia Pacific / HERT)
Capacity: 25 pax
Seats left: 14
Duration: 2 days
Cost: (per pax) USD1499 (early bird) / USD1899 (non early-bird)
Overview
The purpose of this course is to give a full understanding of what wireless networks are, how they work, how they are found and exploited, and how they can be secured. Students will learn how to attack wireless networks and how to secure them from both management and technical perspectives. There will be a discussion and case studies on actual wireless security penetration tests.
Who Should Attend?
• IT Operation Professionals
• Information Security Managers and Officers
• Existing security auditors who wish to expand their auditing skills.
• Consultants who wish to provide advice on wireless technology and security
Prerequisites
• Participants are required to bring their own laptops
Key Objectives
• Hands-on “War Driving”, performing a Wireless Security Survey
• Technical Awareness of Wireless Hacking and Security Techniques
• Future development in Wireless Security
• Awareness of management controls and policy to address shortcomings in wireless technologies
Course Materials
* Student manual
* Bellua T-Shirt
* Kismet & Aircrack Compatible USB Wireless Card (can be used under VMWare)
* Backtrack Live CD
* Backtrack VMWare Image
Course Overview
Module 1 : Introduction
* Course introduction
* Backtrack setup & Mini-interview
Module 2 : Learning to War Drive
* 802.11 Primer/Refresher
* The Rig: 802.11 Hardware (Laptops, embedded devices, PDAs, GPS, antennas…)
* Case Study : War Driving Jakarta
* Limitations
* Hands-on : Using Kismet & Airodump
Module 3 : Hacking public hotspots
* Hacking captive portals
* Rogue AP “Evil Twin”
* DNS Tunneling
* Bypassing MAC, IP and MAC+IP Authorization
* Attacking clients using Blancher’s Wifitap
* Hands-on: DNS tunneling
Module 4 : Cracking WEP & WPA
* WEP Primer
* What’s Wrong with WEP
* Cracking WEP
* Hacking WEP without cracking
* Hands-on: Cracking demo WEP AP using aircrack-ng
* Cracking WPA
* Building rainbow tables using CUDA PFU, Nvidia GPU
* Hands-on: Cracking demo WPA AP using cowpatty rainbow tables
Module 5 : Analysis and Mapping
* Case study: War Driving & Wireless hacking phase of an actual penetration test
* Data analysis
* Hands-on: Extracting useful information (passwords, cookies, WPA handshakes, e-mails, etc.)
* Hands-on: Generating a map
Module 6 : Rogue Access Points
* Invisible Access Point using illegal frequencies (kugutsumen & zero chaos Ath5k driver patch)
* Man-in-the-Middle Attacks using karma
* Social Engineering Attack
Module 7 : Wireless Security
* Best practices and pitfalls
* Case study: Using WPA2 Personal and expiring keys using OpenWRT
* Case study: Using WPA2 Enterprise in practice
* Protecting the users
* Planning for failure
Module 8 : Hacking Bluetooth, VSAT and others…
* Bluetooth hacking
* Demo: Sniffing Bluetooth using Frontline ComProbe
* Video demo: hacking a satellite network by Bellua consultants Jim Geovedi & Raditya Iryandi
Module 9 : Conclusion
* Future developments
* Completion of course appraisal forms
* Summary and end of course
About Anthony Zboralski
Anthony Zboralski is the founder and CTO of Bellua Asia Pacific, an Information Security consulting firm. Anthony has over thirteen years of experience performing penetration tests, assessments, forensics and security-related services for some of the largest Asian banks and telcos as well as a dozen Fortune 500 companies.
He is also known as Gaius or Kugutsumen, one of the Hacker Emergency Response Team (HERT) cofounders; he has been involved in the security and hacking community since 1989. He is (in)famous for social engineering the FBI back in the 90s: “In 1994, a French hacker named Anthony Zboralski called the FBI office in Washington, pretending to be an FBI representative working at the U.S. embassy in Paris. He persuaded the person at the other end of the phone to explain how to connect to the FBI’s phone conferencing system. Then he ran up a $250,000 phone bill in seven months.” (Bruce Schneier, Beyond Fear)