Wireless Intrusion Detection - Sharkfest - Wireshark
Wireless Intrusion Detection - Sharkfest - Wireshark Wireless Intrusion Detection - Sharkfest - Wireshark
Recap • If you don't know to look you can't know how bad it is • Look in unexpected places • Everything has security problems; arm yourself with more info • More wireless tech = more things to monitor 108
Q&A Questions Anyone Bueller 109
- Page 58 and 59: Application attacks • Border IDS
- Page 60 and 61: 60 Wi-Fi Pineapple
- Page 62 and 63: PwnPlug • Looks like power adapte
- Page 64 and 65: How bad is WEP, really • HORRIBLE
- Page 66 and 67: Where WIDS falls down • We can pr
- Page 68 and 69: Things we can't currently fix • O
- Page 70 and 71: Corralling clients • Can attempt
- Page 72 and 73: Things you CAN'T do • Run jammers
- Page 74 and 75: Kismet • Started as purely a netw
- Page 76 and 77: Kismet IDS • Both signature and t
- Page 78 and 79: Getting the latest version • Your
- Page 80 and 81: Host hardware ● ● ● ● Kisme
- Page 82 and 83: WIDS to Syslog • Two ways to get
- Page 84 and 85: Expanding Kismet - Distributed Capt
- Page 86 and 87: Kismet protocol • Similar to IMAP
- Page 88 and 89: Expanding Kismet - Plugins • Plug
- Page 90 and 91: Client plugins • Able to interfac
- Page 92 and 93: Going beyond Wi-Fi • What about o
- Page 94 and 95: 94 Kismet Phy-Neutral
- Page 96 and 97: PHY-N support in progress or planne
- Page 98 and 99: So what else do we care about • O
- Page 100 and 101: Heist of the century • When used
- Page 102 and 103: Ninja-level problems • Attackers
- Page 104 and 105: Different != better • Custom prot
- Page 106 and 107: Things you probably send to pagers
Recap<br />
• If you don't know to look you can't know how bad it<br />
is<br />
• Look in unexpected places<br />
• Everything has security problems; arm yourself with<br />
more info<br />
• More wireless tech = more things to monitor<br />
108