DoS on 802.11 and other security issues (see the paper first)
Security Issues in the 802.11
Created by: SHROBON BISWAS

Operating Frequencies

WLANs operate in 3 different frequency ranges:
● 2.4 GHz (802.11 b/g/n)
● 3.6 GHz (802.11 y)
● 4.9/5.0 GHz (802.11 a/h/j/n)

Each of these ranges is divided into multiple channels (channels 1, 2, 3, ..., 14 for 802.11 b/g/n).
Our Wi-Fi card can be set to only one particular channel at any instant of time.

Know The Terminology

BSSID - Basic Service Set Identifier
ESSID - Extended Service Set Identifier
STA - Station / wireless client
AP - Access Point (wireless modem)
Beacon - Broadcasting self-existence
Probe - Hello! Anybody there?
PNL - Preferred Network List

Different Modes of the NIC

● Monitor mode - Receive all packets, whether the packets are destined to us or not.
● Ad hoc mode - Peer-to-peer connection with no centralised AP.
● Managed mode - Client connects to a particular AP and, once the connection is made, the client cannot communicate with other clients.
● Master mode - A wireless card in master mode can only communicate with connected clients.

** For our discussion, we will be focusing only on monitor mode.

Connection Process

1. Lonely AP keeps broadcasting its presence (keeps sending beacon frames out into the air).
2. Client laptop sends probe requests to the APs available nearby: "Hey brother, are you there?"
3. AP sends the client a Probe Response saying: "Yes bro, I am right here."
4. Client now sends an Authentication Request: "Can I use your internet?"
5. AP sends an Authentication Response saying: "Yes you can."
6. Client now asks "Are you sure?" and sends an Association Request.
7. AP says "YES bro, I am sure" and sends an Association Response.
8. DeAuth packets are sent to close the connection.
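
The frames named in the steps above are all 802.11 management frames, told apart by the subtype bits of the Frame Control field. The following added example (not part of the original slides) decodes that field and applies a simple WIDS-style rate check for bursts of deauthentication frames; the MAC addresses, the sample capture, the threshold and the window are constructed assumptions.

```python
import struct
from collections import defaultdict, deque

# Management-frame subtypes used in the connection process (frame type = 0).
MGMT = {0: "assoc-req", 1: "assoc-resp", 4: "probe-req", 5: "probe-resp",
        8: "beacon", 10: "disassoc", 11: "auth", 12: "deauth"}

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_mgmt(frame):
    """Return (subtype, dst, src, bssid) for a management frame, else None."""
    if len(frame) < 24:                      # fixed management header is 24 bytes
        return None
    (fc,) = struct.unpack_from("<H", frame, 0)
    if (fc >> 2) & 0x3 != 0:                 # bits 2-3: frame type, 0 = management
        return None
    sub = (fc >> 4) & 0xF                    # bits 4-7: subtype
    return (MGMT.get(sub, f"mgmt-{sub}"),
            mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]))

def deauth_alerts(capture, threshold=5, window=1.0):
    """Alert when a src->dst pair reaches `threshold` deauth/disassoc frames
    inside `window` seconds. capture: iterable of (timestamp, raw_frame)."""
    recent, alerts = defaultdict(deque), []
    for ts, raw in capture:
        p = parse_mgmt(raw)
        if p is None or p[0] not in ("deauth", "disassoc"):
            continue
        q = recent[(p[2], p[1])]             # keyed by (source, destination)
        q.append(ts)
        while ts - q[0] > window:            # drop timestamps older than the window
            q.popleft()
        if len(q) == threshold:
            alerts.append((ts, p[2], p[1]))
    return alerts

# --- constructed sample capture: bare 802.11 headers, made-up local MACs ---
def build(sub, dst, src, bssid, body=b""):
    return struct.pack("<HH", sub << 4, 0) + dst + src + bssid + b"\x00\x00" + body
AP, STA, ALL = bytes.fromhex("020000000001"), bytes.fromhex("020000000002"), b"\xff" * 6
SAMPLE = [(0.0, build(8, ALL, AP, AP)), (1.0, build(4, ALL, STA, ALL)),
          (1.1, build(5, STA, AP, AP)), (1.2, build(11, AP, STA, AP)),
          (1.3, build(11, STA, AP, AP)), (1.4, build(0, AP, STA, AP)),
          (1.5, build(1, STA, AP, AP)), (9.0, build(12, AP, STA, AP, b"\x03\x00"))]
# Burst: 8 deauth frames with the AP as source, all inside one second.
SAMPLE += [(20.0 + i * 0.125, build(12, STA, AP, AP, b"\x07\x00")) for i in range(8)]

print(deauth_alerts(SAMPLE))
```

The single deauth frame at the end of the normal session stays below the threshold; only the burst produces an alert.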

AP-STA State Machine [1]

Protect Against Unauthorized Access

Methods:
1. HIDDEN SSID: LAME !! LAME !!
2. MAC FILTERING: SHAME SHAME !! [2]
3. WEP encryption: SKA 64/128 bit WEP, Blunder!
4. WPA - TKIP, moderate security
5. WPA2 - CCMP, does a little better than WPA

** None of the security methods mentioned is foolproof, due to the lack of robustness of 802.11.

WLAN Packet Headers [3]

Understanding DoS Attack [4]

It’s Demo Time

What’s in the menu?
★ Channel Hopping
★ Packets!! (not food packets)
★ Unhiding Hidden SSID
★ Denial of Service (DoS Attack)
★ Shattering MAC Filtering / Binding
★ Basics of Honeypot / Evil Twin & Other Hotspot-Based Attacks + Isolated Clients + Gratuitous ARP
★ The Famous MITM

Links and References

[1] Access Point and Station state machine: cecs.wright.edu
[2] Intercepting Mobile Communications: The Insecurity of 802.11: Nikita Borisov, Ian Goldberg, David Wagner
[3] WLAN Packet Headers: www.wildpackets.com
[4] Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks: Kemal Bicakci, Bulent Tavli (This paper just states a possibility and not the working infrastructure and proof.) (Deals with MAC address spoofing detection, used in WIDS and WIPS today.)
[5] Study of DoS Attacks on IEEE 802.11 WLAN and its Prevention/Detection Techniques: Nisha Sharma, Paras Nath Barwal, CDAC Noida