- Page 1: Wireless Intrusion Detection Mike K
- Page 5 and 6: Porous borders • Physical company
- Page 7 and 8: Users are wily • If you don't giv
- Page 9 and 10: Integrated WIDS • Integrated / En
- Page 11 and 12: Wi-Fi Architecture • Wi-Fi acts b
- Page 13 and 14: WIDS can be hard • Many vulnerabi
- Page 15 and 16: “oops” • Non-malicious accide
- Page 17 and 18: Indirect attacks in the wild • Lo
- Page 19 and 20: Targeted internal attacks • Empl
- Page 21 and 22: Types of attacks • Wi-Fi is vulne
- Page 23 and 24: RF Jamming • Licensed “jammers
- Page 25 and 26: Detecting jamming • Using hardwar
- Page 27 and 28: Protocol DoS • 802.11 is a very n
- Page 29 and 30: In action
- Page 31 and 32: Get off my lawn: Deauth/disassoc
- Page 33 and 34: WPS Reaver • WPS meant to make it
- Page 35 and 36: What do you get • WPS is meant to
- Page 37 and 38: Impersonation attacks • What iden
- Page 39 and 40: Beacons • Network sends a beacon
- Page 41 and 42: Client connection • Client sends
- Page 43 and 44: Karma attack • Client sends probe
- Page 45 and 46: WPA-EAP • WPA-EAP methods provide
- Page 47 and 48: Impersonation impact • If you're
- Page 49 and 50: TCP hijacking • TCP s
- Page 51 and 52: Detecting stream hijacking • Very
- Page 53 and 54: Example driver attacks • Prism2/O
- Page 55 and 56: Client spoofing • Spoofing a clie
- Page 57 and 58: Application attacks • Ultimately
- Page 59 and 60: How easy is it to perform attacks
- Page 61 and 62: Pineapple • Karma, Aircrack, Kism
- Page 63 and 64: Attack mitigation • DoS attacks a
- Page 65 and 66: WEP is so bad... • How bad is it
- Page 67 and 68: See no evil • If you can't see wh
- Page 69 and 70: Active defense • Actively defend
- Page 71 and 72: Things you CAN do • Policy enforc
- Page 73 and 74: Kismet stuff!
- Page 75 and 76: Kismet basic operation • Places o
- Page 77 and 78: Supported Kismet platforms • Linu
- Page 79 and 80: Selecting hardware • Nearly any w
- Page 81 and 82: Simpler than before • Used to hav
- Page 83 and 84: Kismet to Snort • Tuntap export a
- Page 85 and 86: Expanding Kismet - Clients • TCP
- Page 87 and 88: Kismet protocol
- Page 89 and 90: Server plugins • Able to define n
- Page 91 and 92: Wi-Fi - One of Many
- Page 93 and 94: Kismet Phy-Neutral • Significant
- Page 95 and 96: PHY-N Advantages • Much simpler p
- Page 97 and 98: Writing for PHY-N • Each device r
- Page 99 and 100: The value of data • Can you trust
- Page 101 and 102: Loss of control • What does your
- Page 103 and 104: Go away PIP nobody likes you • Th
- Page 105 and 106: Other thoughts on wireless data lea
- Page 107 and 108: Some folk'll never commit a felony
- Page 109: Q&A Questions Anyone Bueller