1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
-
Upload
emory-dixon -
Category
Documents
-
view
221 -
download
0
Transcript of 1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
1C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Computer Security
2C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
• This presentation is intended to inform the audience about the dangers associated with a computer network devices and it is not a demonstration of any Hacking .
3C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Demos
• Wireless Security
• Web Security
4C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
INDEX
• Introduction
• A Step-by-Step process of Wireless Communications
• Prevent Your Network from Getting Hacked
5C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
INTRODUCTION
6C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Wireless Internet• It is internet access without the use of wires.
• Instead it uses radio frequency bands to exchange information between your computer and the Internet within a range .
7C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Types of Wireless Security
8C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Types of Security• OPEN : No security configured
– Obviously not advised
– Data is in the air in plain text and anyone can read it
• WEP : Wired Equivalent privacy – Very week and not recommended
– Used in Open and Shared-Key Authentication
9C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Types of Security…
• WPA: Wi-Fi Protected Access – Much better than WEP– Pre shared Key concept used– Encryption Algorithm used TKIP– Easy to setup, as easy as WEP– Available in all the common wi-fi routers– A must for all home users– Will take a long time to break in
10C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Types of Security…
• WPA2: Advance Wi-Fi Protected Access – Better than WPA– Used AES as Encryption System– Takes little more pain to setup– Advised in corporate environments– Strong encryption and authentication support
11C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Wireless Security Standards
12C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Description of WEP ProtocolWEP relies on a shared secret key (40 bit/128 bit) which is shared between the sender (client) and the receiver (Access Point).
Secret Key - to encrypt packets before they are transmitted
Integrity Check - to ensure packets are not modified in transit.
The standard does not discuss how shared key is established. In practice, most installations use a single key which is shared between all mobile stations and access points.
12
13C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
How to configure WPA• Open the configuration of your wi-fi device• Go to wireless setting• Under security option, select any one
– WPA– WPA-PSK– WPA-Personal– WPA2-Personal
• Set a complex password• Change the login password of the wireless router.• Done
14C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Look for this
15C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
A Step-by-Step process of Wireless Communication
16C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
A little info…
• For Connecting with a AP user render data segment called Beacon frames.
• After connected with AP the data segment is called Packet.
17C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
More info…
• Depending on how long the computer is connected, it can generate a certain number of packets per day.
• The more users that are connected to one access point, the more packets are generated.
18C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
First…• You must locate the wireless signal
• This can be done by using your default Windows tool “View Available Wireless Network”
19C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Second…
• Once you located a wireless network you can connect to it unless it is using authentication or encryption.
• If it is using authentication or encryption then for the next step a Cracking tool can be use for WEP keys.
20C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
• Once enough packets recovered it will then captured information gathered from the packets and crack the key giving you access.
Third….
21C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Prevent Your Network from Getting Hacked
22C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Prevent Your Network from Getting Hacked
• Don’t broadcast your SSID . This is usually done during the setup of your wireless router.
• Change the default router login to something else. • If your equipment supports it, use WPA or WPA 2
because it offers better encryption which is still able to be broken but much harder.
• Always check for updates to your router.• Turn off your router or access point when not using it.
23C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Security Advised
• Change the router login password frequently– At least once a month
• Change the wireless WPA password also– At least once a month
• Avoid temptation to connect to open wireless just looking for free internet.
24C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Security Advised..
• We can configure DHCP more tightly.– Lets not keep an open pool where any one can
connect– Example
– I have 3 machines in my home (desktop/laptop/phone)
– I’ll create a IP pool of 3 IPs only
– I’ll do DHCP reservation using the MAC of these 3 IP
– Effectively I’m not allowing any outsider machine to connect
25C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Security Advised..
• We can configure MAC binding.– Allow only MY machines to connect– Many access points support MAC binding– Any other machine will not be able to connect to
my Wi-Fi
26C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Web Security
27C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
MethodsMan-in-the-Middle Attacks
Stealing Passwords
Trojan Horses
Exploiting Defaults
Wireless Attacks
28C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Man-in-the-middle(MITM) Attack
MAC(Media Access Control) duplication ARP (Address Resolution Protocol) poisoning Router table poisoning Fake routing tables
29C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Conclusion
• There is no such thing as 100% percent security when using wireless networks but at least with these few simple steps you can make it harder for the average person to break into your network.
30C-DAC/Kolkata C-DAC All Rights Reserved
ww
w.cdackolkata.in
Thank You