CEH.V6.-.Module.20.Hacking.Wireless.Networks

Next, scroll down to the {4D36E972-E325-11CE-BFC1-08002bE10318} folder and expand it
• This folder contains the Windows XP Registry information regarding network adapters installed on your system
• Scroll through each folder until you find your wireless network adapter

EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited

Manually Changing the MAC Address in Windows XP and 2000 (cont’d)
• Choose Edit>>New>>String Value
• This creates a new REG_SZ string and prompts for a value. Type NetworkAddress
• Right-click the NetworkAddress key that was just created and choose Modify
• Enter the new MAC address you want to use in the Value Data field and click OK
• The new MAC address is assigned as the system starts. Verify this by typing ipconfig /all

Tool to Detect MAC Address Spoofing: Wellenreiter
• Wellenreiter is a wireless network discovery and auditing tool
• It can discover networks (BSS/IBSS) and automatically detect ESSID broadcasting or nonbroadcasting networks, their WEP capabilities, and the manufacturer
• It also identifies traffic that is using a spoofed MAC address without relying on the MAC OUI information
Source: http://www.wellenreiter.net/

Tool to Detect MAC Address Spoofing: Wellenreiter (cont’d)
• DHCP and ARP traffic is decoded and displayed to give further information about the networks
• A Wireshark/tcpdump-compatible dumpfile and an application savefile are automatically created
• Using a supported GPS device and gpsd, the location of the discovered networks can be tracked

Man-in-the-Middle Attack (MITM)
Two types of MITM: Eavesdropping and Manipulating
• Eavesdropping:
  • Happens when an attacker receives a data communication stream
  • Not using security mechanisms such as IPsec, SSH, or SSL makes data vulnerable to an unauthorized user
• Manipulation:
  • An extended step of eavesdropping
  • Can be done by ARP poisoning

Denial-of-Service Attacks
• Wireless LANs are susceptible to the same protocol-based attacks that plague wired LANs
• WLANs send information via radio waves on public frequencies, making them susceptible to inadvertent or deliberate interference from traffic using the same radio band
Types of DoS attacks:
• Physical Layer
• Data-Link Layer
• Network Layer

DoS Attack Tool: Fatajack
• Fatajack is a modified WLAN Jack that sends a deauth instead of an auth
• This tool highlights poor AP security and works by sending authentication requests to an AP with an inappropriate authentication algorithm and s...
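
A defender's view of the NetworkAddress registry procedure above, as an added example that is not part of the original slides: this PowerShell function lists every adapter whose entry under the {4D36E972-...} class key carries a NetworkAddress override. The HKLM path prefix (the standard location of that class key), the function name Get-MacOverride, and the use of Get-NetAdapter (present on Windows 8 / Server 2012 and later, not on XP or 2000) are assumptions not stated on the page.

```powershell
# Added example (not from the original slides): audit adapters for a
# NetworkAddress override, the registry value the procedure above creates.
# Assumption: the class key sits at its standard location under HKLM.
$ClassKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}'

function Get-MacOverride {
    param([string]$Path = $ClassKey)

    # Burned-in addresses keyed by interface GUID, where Get-NetAdapter exists;
    # the table stays empty on older systems and the comparison is skipped.
    $permanent = @{}
    if (Get-Command Get-NetAdapter -ErrorAction SilentlyContinue) {
        Get-NetAdapter | Where-Object { $_.InterfaceGuid } | ForEach-Object {
            $permanent[$_.InterfaceGuid] = ($_.PermanentAddress -replace '[^0-9A-Fa-f]', '').ToUpper()
        }
    }

    # Adapter instances are the numbered subkeys (0000, 0001, ...).
    Get-ChildItem -Path $Path -ErrorAction SilentlyContinue |
        Where-Object { $_.PSChildName -match '^\d{4}$' } |
        ForEach-Object {
            $p = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
            if (-not $p -or -not $p.NetworkAddress) { return }   # no override set

            $mac = ($p.NetworkAddress -replace '[-:.]', '').ToUpper()
            $wellFormed = $mac -match '^[0-9A-F]{12}$'
            # Bit 1 of the first octet marks a locally administered address.
            $local = $wellFormed -and (([Convert]::ToInt32($mac.Substring(0, 2), 16) -band 2) -ne 0)
            $burnedIn = if ($p.NetCfgInstanceId) { $permanent[$p.NetCfgInstanceId] } else { $null }

            [pscustomobject]@{
                Subkey              = $_.PSChildName
                Adapter             = $p.DriverDesc
                ConfiguredMac       = $mac
                WellFormed          = $wellFormed
                LocallyAdministered = $local
                PermanentMac        = $burnedIn
                DiffersFromBurnedIn = [bool]($burnedIn -and $burnedIn -ne $mac)
            }
        }
}

Get-MacOverride | Format-Table -AutoSize
```

An empty result means no adapter has the override set; any row returned is worth reconciling against the asset inventory, since some drivers and virtualization products set this value legitimately.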

This note was uploaded on 02/12/2013 for the course CEH v6 taught by Professor John during the Summer '13 term at West Point.
