SlideShare una empresa de Scribd logo

WI-FI Security in Jersey 2011

Paul Dutot IEng MIET MBCS CITP OSCP CSTM
Paul Dutot IEng MIET MBCS CITP OSCP CSTM

A lecture given by Cyberkryption founder Paul Dutot to the British Computer Society on the state of WI-FI security in Jersey based on a survey of 13,168 access points during December 2011

TecnologíaNoticias y política
1 de 21
WI-FI Security Jersey 2011 Date: 23 March 2011 By: Paul Dutot
2 About Me Work at Air Traffic Engineering Incorporated Engineer Chartered IT Professional Interested in Ethical Hacking Interested in Information Security MCTS / MCSE / Solaris / Security + ‘Pentest with Backtrack’ course Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
3 WI-FI Security Agenda Surveying Equipment Surveying Process & Legal Issues Data Manipulation. WI-FI Encryption types and the risks Recent News : State of WPS Survey Results / Mapping How to be a secure Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
4 WI-FI Security Surveying Equipment GlobalSat ND100 Gps IP65 Weather Dongle Proof Housing with Alfa Networks Card Laptop PSU USB extension Cables Backtrack 5 Kismet Alfa Networks Card in Monitor 300 W 12v to 240v Inverter WI-FI Card in Monitor Mode | GPSD = location information | Kismet = Beacon Frames only !! Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
5 Surveying Process & Legal Issues Computer Misuse (Jersey) Law 1995 We survey passively so therefore we are not connectin to access points Data Protection (Jersey) Law 2005 Registered with Data Protection Law for lecture purposes Regulation of Investigatory Powers (Jersey) Law 2005 Obtained ‘Lawful Authority’ to survey with SoJP and parish connetables. SoJP control room informed when surveying taking place Paul Dutot Les Mouettes, 4 La Rue De Maupertuis IEng MIET MBCS CITP T: + (0) 7797 741 392 44
6 WI-FI Security Data Manipulation Paul Dutot Les Mouettes,4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
7 WI-FI Security No Encryption : The Risks No specialist knowledge Internet required Unauthorised Bandwidth theft Theft of digital material Identity fraud Authorised MPIA / RIAA letter Download of prohibited material Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis , J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
8 WI-FI Security WEP Encryption : The Risks Medium difficulty Internet Unauthorised YouTube videos available No client connection required Same risks as no encryption once bypassed Authorised Good chance of success Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IENG MIET MBCS CITP T: + (0) 7797 741 392 44
9 WI-FI Security WPA Encryption : The Risks Specialist knowledge Internet required Unauthorised Encryption secure with non dictionary word 4 way handshake capture required Authorised Client connection required Low chance of success Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
10 WI-FI Security WI-FI Protected Security - WPS Designed to be an easy method to connect wireless devices Key cryptography = Good 8 digit number +128 bit Nonce Protocol for key validity = Bad / 4 digits / 3 digits + checksum Identified by Stefan Viehbock Routers should go into ‘lockdown’ after 3 invalid attempts but not all do !! Reaver exploitation tool freely available Vulnerability renders WPA / WPA 2 security useless SOLUTION: disable WPS and only enable when adding new devices Paul Dutot Les Mouettes, 4 La Rue De Maupertuis , J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
11 WI-FI Security Survey Results Survey carried out 12-15th December Representative survey of 13,168 access points 13.9 % (1835) = no encryption 19.37% (2551) = WEP 33.27 % (4386) are insecure i.e. WEP or No Encryption 53.9% (7097) are made by Netgear 29.1% (2066) of Netgear routers are insecure Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
12 WI-FI Security Encryption by Type 3539 3301 2550 1835 1790 87 43 13 3 1 2 1 None WPA+AES-CCM Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
13 WI-FI Security Distribution by Channel 1% 2% 0% Channel 0 24% Channel 1 Channel 2 Channel 3 Channel 4 35% Channel 5 Channel 6 Channel 7 2% Channel 8 3% Channel 9 Channel 10 2% Channel 11 2% Channel 12 Channel 13 2% 2% 2% 2% 20% Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
14 WI-FI Security Manufacturer Top Ten 2% 2% 3% 3% Netgear 7097 4% Netgear ThomsonT 729 4% ThomsonT Cisco 700 Cisco ZygateCo 429 4% ZygateCo 3com 390 3com BelkinIn 390 BelkinIn AskeyCom 323 6% AskeyCom ZyxelCom 319 ZyxelCom Tp-LinkT 268 Tp-LinkT Cisco-Li 254 7% Cisco-Li 65% Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
15 WI-FI Security Jersey WI-FI Map Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
16 WI-FI Security Encryption = None Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IENG MIET MBCS CITP T: + (0) 7797 741 392 44
17 WI-FI Security Encryption = WEP Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
18 WI-FI Security How to be a secure home user Use WPA2 + AES encryption Internet with non dictionary password Good password on access point management interfaces Disable WI-FI Protected Setup (WPS) Authorised WPA+TKIP then WEP for legacy devices Check your WPA/WPA2 password at http://wpacracker.com Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
19 WI-FI Security How to be a secure small business – Server 2003 Internet SNMP Network Access Control Mixed Environment Implement BYOD Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
20 WI-FI Security How to be a secure business – Server 2008 Use Network Access Protection Not available before Windows Server 2008 Significant infrastructure Difficult to implement BYOD ‘Windows’ only infrastructure Mixed environments use Packet Fence or similar product Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
Secure your router guide and PDF version of survey http://w ww.cyberkryption.com Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44

Recomendados

Police Proposal
Police ProposalPolice Proposal
Police ProposalDaniel Feludu
 
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 edenSec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden道成資訊股份有限公司
 
Session6 Security Emidio
Session6 Security EmidioSession6 Security Emidio
Session6 Security EmidioISSGC Summer School
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Video Conferencing and Security
Video Conferencing and SecurityVideo Conferencing and Security
Video Conferencing and SecurityVideoguy
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
10.1.1.64.2504
10.1.1.64.250410.1.1.64.2504
10.1.1.64.2504Dan Drumm
 

Recomendados

Police Proposal
Police ProposalPolice Proposal
Police ProposalDaniel Feludu
 
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 edenSec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden道成資訊股份有限公司
 
Session6 Security Emidio
Session6 Security EmidioSession6 Security Emidio
Session6 Security EmidioISSGC Summer School
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
Voice securityprotocol review
Voice securityprotocol reviewVoice securityprotocol review
Voice securityprotocol reviewFabio Pietrosanti
 
Video Conferencing and Security
Video Conferencing and SecurityVideo Conferencing and Security
Video Conferencing and SecurityVideoguy
 
2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)2009: Voice Security And Privacy (Security Summit - Milan)
2009: Voice Security And Privacy (Security Summit - Milan)Fabio Pietrosanti
 
10.1.1.64.2504
10.1.1.64.250410.1.1.64.2504
10.1.1.64.2504Dan Drumm
 
Voice communication security
Voice communication securityVoice communication security
Voice communication securityFabio Pietrosanti
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assochamnmrdkoz
 
Resources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationResources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationOregon Law Practice Management
 
Security model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreSecurity model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreAT Kishore
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 
Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0ambarish_pawar
 
Private residence complex security. Technical solutions
Private residence complex security. Technical solutionsPrivate residence complex security. Technical solutions
Private residence complex security. Technical solutionsSIS Group International
 
Sec Wars Episode 3
Sec Wars Episode 3Sec Wars Episode 3
Sec Wars Episode 3Ikuo Takahashi
 
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threatLuc Beirens
 
Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle BH
 
Complete Security
Complete SecurityComplete Security
Complete SecuritySophos
 
Report on Future of Telecommunication Technologies
Report on Future of Telecommunication TechnologiesReport on Future of Telecommunication Technologies
Report on Future of Telecommunication TechnologiesYashraj Nigam
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutionshemantchaskar
 
Recent Work
Recent WorkRecent Work
Recent WorkAmberStar
 
News letter oct 11
News letter oct 11News letter oct 11
News letter oct 11captsbtyagi
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Saravana Kumar
 
Wi fi Technilogy
Wi fi TechnilogyWi fi Technilogy
Wi fi Technilogythasnim1304
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...GiantSteps Media Technology Strategies
 
Wireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunnWireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunn3GDR
 
IMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTIONIMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTIONBangalore Prj
 
Bringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence PosterBringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence Posterjwylde
 

Más contenido relacionado

La actualidad más candente

Voice communication security
Voice communication securityVoice communication security
Voice communication securityFabio Pietrosanti
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assochamnmrdkoz
 
Resources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationResources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationOregon Law Practice Management
 
Security model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreSecurity model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreAT Kishore
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AlivePositive Hack Days
 
Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0ambarish_pawar
 
Private residence complex security. Technical solutions
Private residence complex security. Technical solutionsPrivate residence complex security. Technical solutions
Private residence complex security. Technical solutionsSIS Group International
 
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threatLuc Beirens
 
Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle BH
 
Complete Security
Complete SecurityComplete Security
Complete SecuritySophos
 
Report on Future of Telecommunication Technologies
Report on Future of Telecommunication TechnologiesReport on Future of Telecommunication Technologies
Report on Future of Telecommunication TechnologiesYashraj Nigam
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutionshemantchaskar
 
News letter oct 11
News letter oct 11News letter oct 11
News letter oct 11captsbtyagi
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Saravana Kumar
 
Wi fi Technilogy
Wi fi TechnilogyWi fi Technilogy
Wi fi Technilogythasnim1304
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...GiantSteps Media Technology Strategies
 
Wireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunnWireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunn3GDR
 

La actualidad más candente (20)

Voice communication security
Voice communication securityVoice communication security
Voice communication security
 
Cyber security assocham
Cyber security assochamCyber security assocham
Cyber security assocham
 
Resources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client InformationResources for Lawyers Who Have Experienced Theft of Client Information
Resources for Lawyers Who Have Experienced Theft of Client Information
 
Security model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreSecurity model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishore
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0Cyberoam Net Genie Brief Ppt 4.0
Cyberoam Net Genie Brief Ppt 4.0
 
Private residence complex security. Technical solutions
Private residence complex security. Technical solutionsPrivate residence complex security. Technical solutions
Private residence complex security. Technical solutions
 
Sec Wars Episode 3
Sec Wars Episode 3Sec Wars Episode 3
Sec Wars Episode 3
 
20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat20120208 Strategical approach to tacle cybercrime & the botnet threat
20120208 Strategical approach to tacle cybercrime & the botnet threat
 
Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010Oracle tech db-02-hacking-neum-15.04.2010
Oracle tech db-02-hacking-neum-15.04.2010
 
Complete Security
Complete SecurityComplete Security
Complete Security
 
Report on Future of Telecommunication Technologies
Report on Future of Telecommunication TechnologiesReport on Future of Telecommunication Technologies
Report on Future of Telecommunication Technologies
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Recent Work
Recent WorkRecent Work
Recent Work
 
News letter oct 11
News letter oct 11News letter oct 11
News letter oct 11
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revista
 
Ichci13 submission 104 (1)
Ichci13 submission 104 (1)Ichci13 submission 104 (1)
Ichci13 submission 104 (1)
 
Wi fi Technilogy
Wi fi TechnilogyWi fi Technilogy
Wi fi Technilogy
 
Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...Copyright and Technology London 2012: Content Identification - Werner Strydom...
Copyright and Technology London 2012: Content Identification - Werner Strydom...
 
Wireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunnWireless security and the internet of things nick hunn
Wireless security and the internet of things nick hunn
 

Destacado

IMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTIONIMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTIONBangalore Prj
 
Bringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence PosterBringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence Posterjwylde
 
Trabajo de nayeli (1)
Trabajo de nayeli (1)Trabajo de nayeli (1)
Trabajo de nayeli (1)Liz Oscoy Ü
 
#HalosFun - Anatomy of a Tweet Chat
#HalosFun - Anatomy of a Tweet Chat#HalosFun - Anatomy of a Tweet Chat
#HalosFun - Anatomy of a Tweet ChatEric Burgess
 
Jennifer Dionne on Nanotechnology at Stanford
Jennifer Dionne on Nanotechnology at StanfordJennifer Dionne on Nanotechnology at Stanford
Jennifer Dionne on Nanotechnology at Stanfordpiero scaruffi
 
Planning du 1er au 5 février 2016
Planning du 1er au 5 février 2016Planning du 1er au 5 février 2016
Planning du 1er au 5 février 2016esidocvigan
 
1st Detect Corp - TEDW 2013 - rev 1
1st Detect Corp - TEDW 2013 - rev 11st Detect Corp - TEDW 2013 - rev 1
1st Detect Corp - TEDW 2013 - rev 1jwylde
 
01 propeller tutorial
01 propeller tutorial01 propeller tutorial
01 propeller tutorial7abidin
 
Section 3.2 linear models building linear functions from data
Section 3.2 linear models building linear functions from dataSection 3.2 linear models building linear functions from data
Section 3.2 linear models building linear functions from dataWong Hsiung
 
Top attractions in Doha
Top attractions in DohaTop attractions in Doha
Top attractions in DohaCaleb Falcon
 
Quy trình cắt lẻ nhựa pom tấm bài viết mới
Quy trình cắt lẻ nhựa pom tấm bài viết mớiQuy trình cắt lẻ nhựa pom tấm bài viết mới
Quy trình cắt lẻ nhựa pom tấm bài viết mớiEC Việt Nam
 

Destacado (16)

IMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTIONIMPORTANCE OF CURING IN BUILDING CONSTRUCTION
IMPORTANCE OF CURING IN BUILDING CONSTRUCTION
 
Bringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence PosterBringing the Science of the Laboratory to the Crime Scence Poster
Bringing the Science of the Laboratory to the Crime Scence Poster
 
Trabajo de nayeli (1)
Trabajo de nayeli (1)Trabajo de nayeli (1)
Trabajo de nayeli (1)
 
NEG Trellis Detail
NEG Trellis DetailNEG Trellis Detail
NEG Trellis Detail
 
#HalosFun - Anatomy of a Tweet Chat
#HalosFun - Anatomy of a Tweet Chat#HalosFun - Anatomy of a Tweet Chat
#HalosFun - Anatomy of a Tweet Chat
 
Jennifer Dionne on Nanotechnology at Stanford
Jennifer Dionne on Nanotechnology at StanfordJennifer Dionne on Nanotechnology at Stanford
Jennifer Dionne on Nanotechnology at Stanford
 
Respuesta a FEUSAM
Respuesta a FEUSAMRespuesta a FEUSAM
Respuesta a FEUSAM
 
Puja Navarathna
Puja NavarathnaPuja Navarathna
Puja Navarathna
 
Letter anonymous-II
Letter anonymous-IILetter anonymous-II
Letter anonymous-II
 
Planning du 1er au 5 février 2016
Planning du 1er au 5 février 2016Planning du 1er au 5 février 2016
Planning du 1er au 5 février 2016
 
1st Detect Corp - TEDW 2013 - rev 1
1st Detect Corp - TEDW 2013 - rev 11st Detect Corp - TEDW 2013 - rev 1
1st Detect Corp - TEDW 2013 - rev 1
 
01 propeller tutorial
01 propeller tutorial01 propeller tutorial
01 propeller tutorial
 
Balok lentur
Balok lenturBalok lentur
Balok lentur
 
Section 3.2 linear models building linear functions from data
Section 3.2 linear models building linear functions from dataSection 3.2 linear models building linear functions from data
Section 3.2 linear models building linear functions from data
 
Top attractions in Doha
Top attractions in DohaTop attractions in Doha
Top attractions in Doha
 
Quy trình cắt lẻ nhựa pom tấm bài viết mới
Quy trình cắt lẻ nhựa pom tấm bài viết mớiQuy trình cắt lẻ nhựa pom tấm bài viết mới
Quy trình cắt lẻ nhựa pom tấm bài viết mới
 

Similar a WI-FI Security in Jersey 2011

Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsAirTight Networks
 
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdf
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdfD2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdf
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdff2po1
 
Securing UC Borders with Acme Packet
Securing UC Borders with Acme PacketSecuring UC Borders with Acme Packet
Securing UC Borders with Acme PacketAcmePacket
 
DLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés GallegoDLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés GallegoRamsés Gallego
 
So you want to be a wireless hacker
So you want to be a wireless hackerSo you want to be a wireless hacker
So you want to be a wireless hackerCasey Dunham
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentHamilton Turner
 
Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Infomanjjb
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentestingYunfei Yang
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Vrince Vimal
 
Don zaal a 11.15 11.45 fccu
Don zaal a 11.15 11.45 fccuDon zaal a 11.15 11.45 fccu
Don zaal a 11.15 11.45 fccuwebwinkelvakdag
 
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue Insight
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue InsightMahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue Insight
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue InsightParitosh Sharma
 
IT Security for the Physical Security Professional
IT Security for the Physical Security ProfessionalIT Security for the Physical Security Professional
IT Security for the Physical Security Professionalciso_insights
 
Multicore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data CentersMulticore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data Centersscarisbrick
 
Cyber Espionage: Are You Being Hunted?
Cyber Espionage: Are You Being Hunted?Cyber Espionage: Are You Being Hunted?
Cyber Espionage: Are You Being Hunted?5 Minute Webinars
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?Zoltan Balazs
 
Cyber crimeppt1-samweg1 (1)
Cyber crimeppt1-samweg1 (1)Cyber crimeppt1-samweg1 (1)
Cyber crimeppt1-samweg1 (1)Samwed Jain
 

Similar a WI-FI Security in Jersey 2011 (20)

Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
BYOD and Your Business
BYOD and Your BusinessBYOD and Your Business
BYOD and Your Business
 
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdf
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdfD2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdf
D2T2 - Bye Bye IMSI Catchers - Security Enhancements in 5g - Lin Huang.pdf
 
Securing UC Borders with Acme Packet
Securing UC Borders with Acme PacketSecuring UC Borders with Acme Packet
Securing UC Borders with Acme Packet
 
Mcafee dyntek
Mcafee dyntekMcafee dyntek
Mcafee dyntek
 
DLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés GallegoDLP - Network Security Conference_ Ramsés Gallego
DLP - Network Security Conference_ Ramsés Gallego
 
So you want to be a wireless hacker
So you want to be a wireless hackerSo you want to be a wireless hacker
So you want to be a wireless hacker
 
Cybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile EnvironmentCybersecurity Risks In the Mobile Environment
Cybersecurity Risks In the Mobile Environment
 
Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012Cit101 social aspects_and_issues_of_the_internet spring 2012
Cit101 social aspects_and_issues_of_the_internet spring 2012
 
SIT732 7.2P.pptx
SIT732 7.2P.pptxSIT732 7.2P.pptx
SIT732 7.2P.pptx
 
Advanced Wi-Fi pentesting
Advanced Wi-Fi pentestingAdvanced Wi-Fi pentesting
Advanced Wi-Fi pentesting
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture
 
IoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangaloreIoT security zigbee -- Null Meet bangalore
IoT security zigbee -- Null Meet bangalore
 
Don zaal a 11.15 11.45 fccu
Don zaal a 11.15 11.45 fccuDon zaal a 11.15 11.45 fccu
Don zaal a 11.15 11.45 fccu
 
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue Insight
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue InsightMahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue Insight
Mahindra Represented at The Mobile VAS SUMMIT 2009 by Virtue Insight
 
IT Security for the Physical Security Professional
IT Security for the Physical Security ProfessionalIT Security for the Physical Security Professional
IT Security for the Physical Security Professional
 
Multicore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data CentersMulticore I/O Processors In Virtual Data Centers
Multicore I/O Processors In Virtual Data Centers
 
Cyber Espionage: Are You Being Hunted?
Cyber Espionage: Are You Being Hunted?Cyber Espionage: Are You Being Hunted?
Cyber Espionage: Are You Being Hunted?
 
IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?IoT security is a nightmare. But what is the real risk?
IoT security is a nightmare. But what is the real risk?
 
Cyber crimeppt1-samweg1 (1)
Cyber crimeppt1-samweg1 (1)Cyber crimeppt1-samweg1 (1)
Cyber crimeppt1-samweg1 (1)
 

Más de Paul Dutot IEng MIET MBCS CITP OSCP CSTM

Más de Paul Dutot IEng MIET MBCS CITP OSCP CSTM (9)

Welcome to the #WannaCry Wine Club
Welcome to the #WannaCry Wine ClubWelcome to the #WannaCry Wine Club
Welcome to the #WannaCry Wine Club
 
Scanning Channel Islands Cyberspace
Scanning Channel Islands Cyberspace Scanning Channel Islands Cyberspace
Scanning Channel Islands Cyberspace
 
Incident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEOIncident Response in the wake of Dear CEO
Incident Response in the wake of Dear CEO
 
Logicalis Security Conference
Logicalis Security ConferenceLogicalis Security Conference
Logicalis Security Conference
 
Exploiting buffer overflows
Exploiting buffer overflowsExploiting buffer overflows
Exploiting buffer overflows
 
Practical Cyber Defense
Practical Cyber DefensePractical Cyber Defense
Practical Cyber Defense
 
A Letter from Anonymous to the Jersey Finance Industry
A Letter from Anonymous to the Jersey Finance IndustryA Letter from Anonymous to the Jersey Finance Industry
A Letter from Anonymous to the Jersey Finance Industry
 
Infosec lecture-final
Infosec lecture-finalInfosec lecture-final
Infosec lecture-final
 
Path to Surfdroid
Path to SurfdroidPath to Surfdroid
Path to Surfdroid
 

Último

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Último (20)

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

WI-FI Security in Jersey 2011

  • 1. WI-FI Security Jersey 2011 Date: 23 March 2011 By: Paul Dutot
  • 2. 2 About Me Work at Air Traffic Engineering Incorporated Engineer Chartered IT Professional Interested in Ethical Hacking Interested in Information Security MCTS / MCSE / Solaris / Security + ‘Pentest with Backtrack’ course Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 3. 3 WI-FI Security Agenda Surveying Equipment Surveying Process & Legal Issues Data Manipulation. WI-FI Encryption types and the risks Recent News : State of WPS Survey Results / Mapping How to be a secure Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 4. 4 WI-FI Security Surveying Equipment GlobalSat ND100 Gps IP65 Weather Dongle Proof Housing with Alfa Networks Card Laptop PSU USB extension Cables Backtrack 5 Kismet Alfa Networks Card in Monitor 300 W 12v to 240v Inverter WI-FI Card in Monitor Mode | GPSD = location information | Kismet = Beacon Frames only !! Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 5. 5 Surveying Process & Legal Issues Computer Misuse (Jersey) Law 1995 We survey passively so therefore we are not connectin to access points Data Protection (Jersey) Law 2005 Registered with Data Protection Law for lecture purposes Regulation of Investigatory Powers (Jersey) Law 2005 Obtained ‘Lawful Authority’ to survey with SoJP and parish connetables. SoJP control room informed when surveying taking place Paul Dutot Les Mouettes, 4 La Rue De Maupertuis IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 6. 6 WI-FI Security Data Manipulation Paul Dutot Les Mouettes,4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 7. 7 WI-FI Security No Encryption : The Risks No specialist knowledge Internet required Unauthorised Bandwidth theft Theft of digital material Identity fraud Authorised MPIA / RIAA letter Download of prohibited material Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis , J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 8. 8 WI-FI Security WEP Encryption : The Risks Medium difficulty Internet Unauthorised YouTube videos available No client connection required Same risks as no encryption once bypassed Authorised Good chance of success Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IENG MIET MBCS CITP T: + (0) 7797 741 392 44
  • 9. 9 WI-FI Security WPA Encryption : The Risks Specialist knowledge Internet required Unauthorised Encryption secure with non dictionary word 4 way handshake capture required Authorised Client connection required Low chance of success Difficulty : Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
  • 10. 10 WI-FI Security WI-FI Protected Security - WPS Designed to be an easy method to connect wireless devices Key cryptography = Good 8 digit number +128 bit Nonce Protocol for key validity = Bad / 4 digits / 3 digits + checksum Identified by Stefan Viehbock Routers should go into ‘lockdown’ after 3 invalid attempts but not all do !! Reaver exploitation tool freely available Vulnerability renders WPA / WPA 2 security useless SOLUTION: disable WPS and only enable when adding new devices Paul Dutot Les Mouettes, 4 La Rue De Maupertuis , J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 11. 11 WI-FI Security Survey Results Survey carried out 12-15th December Representative survey of 13,168 access points 13.9 % (1835) = no encryption 19.37% (2551) = WEP 33.27 % (4386) are insecure i.e. WEP or No Encryption 53.9% (7097) are made by Netgear 29.1% (2066) of Netgear routers are insecure Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 12. 12 WI-FI Security Encryption by Type 3539 3301 2550 1835 1790 87 43 13 3 1 2 1 None WPA+AES-CCM Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 13. 13 WI-FI Security Distribution by Channel 1% 2% 0% Channel 0 24% Channel 1 Channel 2 Channel 3 Channel 4 35% Channel 5 Channel 6 Channel 7 2% Channel 8 3% Channel 9 Channel 10 2% Channel 11 2% Channel 12 Channel 13 2% 2% 2% 2% 20% Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 14. 14 WI-FI Security Manufacturer Top Ten 2% 2% 3% 3% Netgear 7097 4% Netgear ThomsonT 729 4% ThomsonT Cisco 700 Cisco ZygateCo 429 4% ZygateCo 3com 390 3com BelkinIn 390 BelkinIn AskeyCom 323 6% AskeyCom ZyxelCom 319 ZyxelCom Tp-LinkT 268 Tp-LinkT Cisco-Li 254 7% Cisco-Li 65% Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 15. 15 WI-FI Security Jersey WI-FI Map Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 16. 16 WI-FI Security Encryption = None Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IENG MIET MBCS CITP T: + (0) 7797 741 392 44
  • 17. 17 WI-FI Security Encryption = WEP Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741 392 44
  • 18. 18 WI-FI Security How to be a secure home user Use WPA2 + AES encryption Internet with non dictionary password Good password on access point management interfaces Disable WI-FI Protected Setup (WPS) Authorised WPA+TKIP then WEP for legacy devices Check your WPA/WPA2 password at http://wpacracker.com Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
  • 19. 19 WI-FI Security How to be a secure small business – Server 2003 Internet SNMP Network Access Control Mixed Environment Implement BYOD Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
  • 20. 20 WI-FI Security How to be a secure business – Server 2008 Use Network Access Protection Not available before Windows Server 2008 Significant infrastructure Difficult to implement BYOD ‘Windows’ only infrastructure Mixed environments use Packet Fence or similar product Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44
  • 21. Secure your router guide and PDF version of survey http://w ww.cyberkryption.com Paul Dutot Les Mouettes, 4 La Rue De Maupertuis, J ersey IEng MIET MBCS CITP T: + (0) 7797 741392 44