Wireless - fontysvenlo.org
Download
Report
Transcript Wireless - fontysvenlo.org
Wireless & password security
Mark Theeuwes
Wireless basics
2
Wireless basics
Radio waves
3
Wireless basics
Channels 2,4 GHz (802.11 B/G/N)
4
Wireless basics
Channels 5GHz (802.11 A/N)
5
Wireless basics
Reflection
Refraction
Absorbtion
Scattering
6
Wireless basics
Omnidirectional antenna
7
Wireless basics
Other Antenna’s
8
Wireless basics
WLAN Cell
9
Wireless basics
Range
10
Wireless basics
Roaming
11
Wireless basics
Roaming
12
Wireless basics
Cells
13
Wireless basics
Honey cone
14
Wireless basics
Building
15
Wireless basics
Autonomous Accespoint
16
CiscoWireless
LWAP
17
Cisco Wireless
WLAN controllers
CISCO AIRONET 1200
I WIRELESS ACCESS POINT
I WIRELESS ACCESS POINT
LAN
CISCO AIRONET 1200
LWAP
RADIUS
CISCO AIRONET 1200
Firewalls
I WIRELESS ACCESS POINT
CISCO AIRONET 1200
I WIRELESS ACCESS POINT
LDAP
CISCO AIRONET 1200
I WIRELESS ACCESS POINT
CISCO AIRONET 1200
I WIRELESS ACCESS POINT
4) Cisco Secure ACS
servers
WEP128
5) ADS Domain Controllers
AES
Printers with wireless
workgroup bridge
Notebook
Wireless
workstations
18
Wireless
19
Wireless basics
Association
20
Wireless basics
Security options
21
Wireless attacks
22
Wireless attacks
23
WEP cracking
24
WPA2 cracking
25
Passwords
26
Strong passwords
27
Passwords
password
2Mypassword
2MyPa$$w0rd!
1Ef$aŎX9s2!#
28
Password policy considerations
What is too simple ?
Password age ?
Password length ?
29
Passwords
30
Strong passwords
31
Myspace attack 2006 (34.000 passwords)
32
Myspace attack 2006
33
Most common passwords (America)
password1,
abc123, myspace1,
password, blink182, qwerty1,
fuckyou, 123abc, baseball1,
football1, 123456, soccer,
monkey1, liverpool1, princess1,
jordan23, slipknot1, superman1,
iloveyou1, monkey
34
Password hashes
35
Password hashes
36
Password hacking
37
Password guessing
The word "password"
The same as the user name
Name of the user
Birthdays or birth places
Relatives
Pets
Favorite colors, foods, places, etc.
38
Dictionary attacks
39
Brute force
40
Rainbow tables
NTLM hashes
41
Password database Fontys Venlo (10 years ago)
42
Future ?
43
Security is a trade off
44
Questions
45
46