A. K. Nath

abdomendebonairΑσφάλεια

2 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

132 εμφανίσεις

1

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Computer Security

2

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in


This

presentation

is

intended

to

inform

the

audience

about

the

dangers

associated

with

a

computer

network

devices

and

it

is

not

a

demonstration

of

any

Hacking

.

3

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Demos


Wireless

Security




Web

Security

4

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

INDEX





Introduction


A

Step
-
by
-
Step

process

of

Wireless

Communications



Prevent

Your

Network

from

Getting

Hacked

5

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in


INTRODUCTION




6

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Wireless Internet



It

is

internet

access

without

the

use

of

wires
.




Instead

it

uses

radio

frequency

bands

to

exchange

information

between

your

computer

and

the

Internet

within

a

range

.

7

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Types of Wireless Security

8

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in



Types of Security


OPEN

:

No

security

configured



Obviously

not

advised


Data

is

in

the

air

in

plain

text

and

anyone

can

read

it



WEP

:

Wired

Equivalent

privacy



Very

week

and

not

recommended



Used

in

Open

and

Shared
-
Key

Authentication

9

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Types of Security…


WPA
:

Wi
-
Fi

Protected

Access



Much

better

than

WEP


Pre

shared

Key

concept

used



Encryption

Algorithm

used

TKIP


Easy

to

setup,

as

easy

as

WEP


Available

in

all

the

common

wi
-
fi

routers


A

must

for

all

home

users


Will

take

a

long

time

to

break

in

10

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Types of Security…


WPA
2
:

Advance

Wi
-
Fi

Protected

Access



Better

than

WPA



Used

AES

as

Encryption

System


Takes

little

more

pain

to

setup


Advised

in

corporate

environments


Strong

encryption

and

authentication

support



11

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Wireless Security Standards

12

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Description of WEP Protocol


WEP

relies

on

a

shared

secret

key

(
40

bit/
128

bit)

which

is

shared

between

the

sender

(client)

and

the

receiver

(Access

Point)
.



Secret

Key

-

to

encrypt

packets

before

they

are

transmitted



Integrity

Check

-

to

ensure

packets

are

not

modified

in

transit
.


The

standard

does

not

discuss

how

shared

key

is

established
.

In

practice,

most

installations

use

a

single

key

which

is

shared

between

all

mobile

stations

and

access

points
.

12

13

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

How to configure WPA


Open

the

configuration

of

your

wi
-
fi

device


Go

to

wireless

setting


Under

security

option,

select

any

one


WPA


WPA
-
PSK


WPA
-
Personal


WPA
2
-
Personal


Set

a

complex

password


Change

the

login

password

of

the

wireless

router
.


Done

14

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Look for this

15

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in


A Step
-
by
-
Step process of
Wireless Communication


16

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

A little info…



For

Connecting

with

a

AP

user

render

data

segment

called

Beacon

frames
.



After

connected

with

AP

the

data

segment

is

called

Packet
.

17

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

More info…


Depending

on

how

long

the

computer

is

connected,

it

can

generate

a

certain

number

of

packets

per

day
.




The

more

users

that

are

connected

to

one

access

point,

the

more

packets

are

generated
.


18

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

First…


You

must

locate

the

wireless

signal



This

can

be

done

by

using

your

default

Windows

tool

“View

Available

Wireless

Network”

19

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Second…


Once

you

located

a

wireless

network

you

can

connect

to

it

unless

it

is

using

authentication

or

encryption
.




If

it

is

using

authentication

or

encryption

then

for

the

next

step

a

Cracking

tool

can

be

use

for

WEP

keys
.


20

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in



Once

enough

packets

recovered

it

will

then

captured

information

gathered

from

the

packets

and

crack

the

key

giving

you

access
.


Third….

21

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Prevent Your Network from
Getting Hacked

22

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Prevent Your Network from Getting
Hacked


Don’t

broadcast

your

SSID

.

This

is

usually

done

during

the

setup

of

your

wireless

router
.


Change

the

default

router

login

to

something

else
.



If

your

equipment

supports

it,

use

WPA

or

WPA

2

because

it

offers

better

encryption

which

is

still

able

to

be

broken

but

much

harder
.


Always

check

for

updates

to

your

router
.


Turn

off

your

router

or

access

point

when

not

using

it
.


23

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Security Advised


Change

the

router

login

password

frequently


At

least

once

a

month


Change

the

wireless

WPA

password

also


At

least

once

a

month


Avoid

temptation

to

connect

to

open

wireless

just

looking

for

free

internet
.

24

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Security Advised..


We

can

configure

DHCP

more

tightly
.


Lets

not

keep

an

open

pool

where

any

one

can

connect


Example



I

have

3

machines

in

my

home

(desktop/laptop/phone)



I’ll

create

a

IP

pool

of

3

IPs

only



I’ll

do

DHCP

reservation

using

the

MAC

of

these

3

IP



Effectively

I’m

not

allowing

any

outsider

machine

to

connect

25

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Security Advised..


We

can

configure

MAC

binding
.


Allow

only

MY

machines

to

connect


Many

access

points

support

MAC

binding


Any

other

machine

will

not

be

able

to

connect

to

my

Wi
-
Fi



26

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Web Security

27

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Methods

Man
-
in
-
the
-
Middle Attacks


Stealing Passwords


Trojan Horses


Exploiting Defaults


Wireless Attacks

28

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Man
-
in
-
the
-
middle(MITM) Attack


MAC(Media Access Control) duplication


ARP (Address Resolution Protocol) poisoning


Router table poisoning


Fake routing tables



29

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Conclusion


There

is

no

such

thing

as

100
%

percent

security

when

using

wireless

networks

but

at

least

with

these

few

simple

steps

you

can

make

it

harder

for

the

average

person

to

break

into

your

network
.


30

C
-
DAC/Kolkata

C
-
DAC All Rights Reserved

www.cdackolkata.in

Thank You