Wireless Intrusion Detection - Sharkfest - Wireshark

More documents

Recommendations

Info

Wi-Fi & Security • Everything uses Wi-Fi now • EVERYTHING • “How do I get my IV pump on WEP” • Set up properly, there's nothing wrong with Wi-Fi security • Doing it right is HARD and complicated 3
Page 1: Wireless Intrusion Detection Mike K
Page 5 and 6: Porous borders • Physical company
Page 7 and 8: Users are wily • If you don't giv
Page 9 and 10: Integrated WIDS • Integrated / En
Page 11 and 12: Wi-Fi Architecture • Wi-Fi acts b
Page 13 and 14: WIDS can be hard • Many vulnerabi
Page 15 and 16: “oops” • Non-malicious accide
Page 17 and 18: Indirect attacks in the wild • Lo
Page 19 and 20: Targetted internal attacks • Empl
Page 21 and 22: Types of attacks • Wi-Fi is vulne
Page 23 and 24: RF Jamming • Licensed “jammers
Page 25 and 26: Detecting jamming • Using hardwar
Page 27 and 28: Protocol DoS • 802.11 is a very n
Page 29 and 30: 29 In action
Page 31 and 32: Get off my lawn: Deauth/disassoc
Page 33 and 34: WPS Reaver • WPS meant to make it
Page 35 and 36: What do you get • WPS is meant to
Page 37 and 38: Impersonation attacks • What iden
Page 39 and 40: Beacons • Network sends a beacon
Page 41 and 42: Client connection • Client sends
Page 43 and 44: Karma attack • Client sends probe
Page 45 and 46: WPA-EAP • WPA-EAP methods provide
Page 47 and 48: Impersonation impact • If you're
Page 49 and 50: TCP hijacking ● ● ● ● TCP s
Page 51 and 52: Detecting stream hijacking • Very
Page 53 and 54:
Example driver attacks • Prism2/O
Page 55 and 56:
Client spoofing • Spoofing a clie
Page 57 and 58:
Application attacks • Ultimately
Page 59 and 60:
How easy is it to perform attacks
Page 61 and 62:
Pineapple • Karma, Aircrack, Kism
Page 63 and 64:
Attack mitigation • DoS attacks a
Page 65 and 66:
WEP is so bad... • How bad is it
Page 67 and 68:
See no evil • If you can't see wh
Page 69 and 70:
Active defense • Actively defend
Page 71 and 72:
Things you CAN do • Policy enforc
Page 73 and 74:
73 Kismet stuff!
Page 75 and 76:
Kismet basic operation • Places o
Page 77 and 78:
Supported Kismet platforms • Linu
Page 79 and 80:
Selecting hardware • Nearly any w
Page 81 and 82:
Simpler than before • Used to hav
Page 83 and 84:
Kismet to Snort • Tuntap export a
Page 85 and 86:
Expanding Kismet - Clients • TCP
Page 87 and 88:
87 Kismet protocol
Page 89 and 90:
Server plugins • Able to define n
Page 91 and 92:
91 Wi-Fi - One of Many
Page 93 and 94:
Kismet Phy-Neutral • Significant
Page 95 and 96:
PHY-N Advantages • Much simpler p
Page 97 and 98:
Writing for PHY-N • Each device r
Page 99 and 100:
The value of data • Can you trust
Page 101 and 102:
Loss of control • What does your
Page 103 and 104:
Go away PIP nobody likes you • Th
Page 105 and 106:
Other thoughts on wireless data lea
Page 107 and 108:
Some folk'll never commit a felony
Page 109:
Q&A Questions Anyone Bueller 109
show all

Wireless Intrusion Detection - Sharkfest - Wireshark

Create successful ePaper yourself

Delete template?

Save as template?