SPECIAL-OPS 1 – WIRELESS SECURITY KUNGF00

OVERVIEW

Wi-Fi has become ubiquitous in our lives today. However, the flexibility and mobility provided by Wi-Fi comes at a cost – inherent insecurity! This workshop will provide a highly technical and in-depth treatment of Wi-Fi security. The emphasis will be to provide the participants with a deep understanding of the principles behind various attacks and not just a quick how-to guide on publicly available tools. We will start our journey with the very basics by dissecting WLAN packet headers with Wireshark, then graduate to the next level by cracking WEP, WPA/WPA2 and then move on to real lifechallenges like orchestrating Man-in-the-Middle attacks, creating Wi-Fi Backdoors and solving some live CTF style challenges together!

KEY LEARNING OBJECTIVES

•     Basic to Advanced Wireless LAN security
•     Be able to audit wireless networks for security vulnerabilities
•     Demonstrate different Wi-Fi attacks as Proof of Concepts
•     Propose best practices to create a secure wireless network

LIST OF TOPICS

1. Wireless LAN Basics
2. 802.11 WLAN Packet Types and Headers
3. WLAN Authentication and Encryption
4. Wireless Lab Setup
5. Analyzing Wireless Traffic with Wireshark
6. Wireless Sniffing and War Driving

7. Bypassing WLAN Authentication
1.    Shared Key Authentication
2.    Hidden SSID
3.    Mac Address Filtering

8. Breaking WLAN Encryption
1.    WEP
2.    WPA/WPA2 Personal
3.    WPA/WPA2 Enterprise
4.    Different Scenarios for Cracking
i.     AP-less Cracking
ii.     Client-less Cracking

9. Attacking the WLAN Infrastructure
1.    Network discovery and enumeration
2.    Misconfigured Access Points
3.    Rogue Devices
4.    Evil Twins
5.    Denial of Service attacks
6.    Replay Attacks
7.    Man-in-the-middle attacks

10. Attacking the Wireless Client
1.    Mis-Association attacks
2.    Denial of Service attacks
3.    Ad-Hoc network attacks and Viral SSIDs
4.    Honeypot attacks
5.    Hotspot attacks
6.    Caffe Latte attack
7.    Fragmentation Attacks
8.    Hirte attack
9.    Viral SSIDs and Ad-Hoc network attacks
10.    Wi-Fishing
11.    Enumerating security settings

11. Hacking Enterprise Security
1.    802.1x basics
2.    Hacking 802.1x authentication
3.    RADIUS, EAP, LEAP, PEAP attacks
4.    Rogue Servers

12. Advanced Wireless Attacks
1.    Wi-Fi Malware – Windows 7, Vista, XP, OSX, Linux
2.    Breaking into the client with Metasploit and SET
3.    SSL MITM over Wireless
4.    Evading Wireless IDS/IPS

13. Scripting Wireless Tools
1.    Programming Wireless Injectors and Sniffers
2.    Automating Wi-Fi attacks
3.    Extending existing tools like Aircrack-NG for fun and profit

14. Wireless Forensics
1.    Analyzing Wi-Fi traffic
2.    Attack analysis with Wireshark and other tools
3.    Reconstructing attacks

15. Wireless best practices
1.    Access Points
2.    Clients
3.    Network Architecture
4.    Wireless Intrusion Prevention systems

16. Roadmap for further study

ABOUT THE TRAINER

Vivek Ramachandran

Vivek Ramachandran is a world renowned security researcher and evangelist. He is the discoverer of the wireless “Caffe Latte Attack” and has delivered presentations in world renowned Information Security conferences such as Defcon and Toorcon in the US. His discoveries and talks have been widely quoted by the International media including – BBC Online, Network World, The Register, Mac World, Computer Online and others.

In 2006, Microsoft declared Vivek as one of the winners of the Microsoft Security Shootout Contest held in India among an estimated 65,000 participants. In 2005, he was awarded a team achievement award by Cisco Systems for his work in the 802.1x and Port Security modules. He is well known in the hacking and security community as the founder of SecurityTube.net , a free video based computer security education portal which gets an estimated 100,000 monthly visitors. Vivek is also an accomplished trainer and travels around the world conducting workshops and training sessions for corporates and students. He holds a degree in B.Tech from IIT Guwahati and acts as an advisor to the computer science department’s Security Lab.