WSBC - Outline

RF/802.11 Technologies

In this first section, we lay down the foundation for the rest of the seminar. You will learn about Radio Frequency technologies and how they work to efficiently pass data over the airwaves. We will also look at the 802.11 standards and what they mean to you as an end user. Next we look at the various pieces of hardware needed to setup and support a WLAN. Finally, we take a look at WLAN management and the options you can control to make your wireless network more stable.

  • 2.4GHz/5.8GHz RF Fundamentals
  • FDMA/FHSS/DHSS/OFDM
  • 802.11a/b/g/i
  • Fragmentation/CTS/(I/E/B)SSID
  • WLAN Management
  • WLAN Hardware

Basic Security and WEP

Once the foundation is laid down, we will start taking a look at basic security measures available to WLAN users to help secure their networks. We start with a look at MAC filtering, RF natural jamming, and the move into a detailed explanation of WEP. To illustrate the dangers of using WEP, we will start a live WEP cracking process just to demonstrate the dangers of relying on this unsafe form of protection.

  • MAC Filtering
  • Natural Jamming
  • WEP
  • Authentication
  • ICVs

WPA

This section focuses on the internals of WPA. We look at TKIP, Michael, and MIC and how they work to help repair the holes found in WEP.

  • TKIP
  • MIC
  • Michael

WPA2 (802.11i)

Next we look at the current Wi-Fi protection standards and break them down to help you understand how they work and what they do. From the initial EAP handshake, to AES and all points in between, you will learn how WPA2 has helped to make wireless networking more secure.

  • RSN and AES-CCMP
  • PMK/PTK/GMK/GTK
  • RADIUS
  • 802.1x
  • EAP - EAP/EAP-TLS/LEAP/PEAP/etc.

Basic Attacks

Theory and concepts are a good place to start. But seeing is believing, so we devote much of the seminar to hands-on demonstrations of how wireless networks are attacked. We start with WarDriving on Windows and then shift gears and jump into Linux based tools. Using LiveCDs, we will work with you to test and examine wireless traffic using many popular Linux based tools. Our goal is to at least demo one tool/program for each major type of Wi-Fi attack.

  • WarDriving
  • Wi-Fi Mapping
  • LiveCDs
  • Linux WLAN monitoring tools
  • Bypassing MAC filtering
  • Locating 'Hidden' SSIDs
  • WEP & TKIP & LEAP cracking

Advanced Attacks

Most wireless attacks are based on simple flaws. However, some are more advanced or extremely dangerous to wireless network users. We start with a custom built rouge hotspot tool, and move into jamming, spoofing, man in the middle and injection attacks and more.

  • cheaT-Mobile
  • Rouge APs
  • Jamming/DoS Attacks
  • MiTM
  • Injection Attacks

Misceallenous Attacks

Wireless networks not only are targets, but they can help facilitate attacks. This section is devoted to the attacks that abuse or use Wi-Fi to further their cause. Mobile devices can become victims of attack, and even be used to launch attacks. Creeper devices can be install behind the company firewall. Wi-Fi routers can be attacked and used to relay attacks or capture data. Even the simple RFID tag can be abused.

  • Airborne Viruses
  • PDA Attacks
  • The ‘creeper’
  • Wi-Fi Router backdoor
  • RFID

Protections

No wireless security seminar would be complete without addressing the steps you can take to secure your network. This section looks at the tools and techniques you can use to locate and test your own network for problems. We also look at wireless intrusion detection programs, and conclude with demonstrations on how to setup PEAP for your wireless network, as well as suggested tools and products you can use to secure your own wireless network.

  • Penetration Testing
  • Intrusion Detection
  • PEAP on Windows/PEAP on FreeRADIUS
  • Network Solutions
  • Best Practices

 

Top