Airsnarf - PowerPoint PPT Presentation


PowerPoint Slideshow about 'Airsnarf' - Faraday



Airsnarf

Why 802.11b Hotspots Ain’t So Hot.

Coming up...
  • Disclaimer
  • Example hotspot setup & weakness
  • Rogue APs
  • Demo of Airsnarf
  • Defense strategies
Disclaimer
  • This presentation and example software are intended to demonstrate the inherent security flaws in publicly accessible wireless architectures and promote the use of safer authentication mechanisms for public 802.11b hotspots. Viewers and readers are responsible for their own actions and strongly encouraged to behave themselves.
Example HotSpot Setup
  • Visit hotspot provider website and create login
  • Visit hotspot with wireless device
  • Power on, associate, get IP, DNS, etc.
  • Open web browser and get redirected
  • Login, backend authentication & billing, welcome to the Internet
[Diagram: two access points, one with SSID “goodguy” and one with SSID “badguy”, with the label “Stronger or Closer”; a Wi-Fi card whose SSID is set to “ANY”, “goodguy” or “badguy”.]

Rogue APs?
  • Rogue AP = an unauthorized access point
  • Traditional
    • corporate back-doors
    • corporate espionage
  • Hotspots
    • DoS
    • theft of user credentials
    • AP “cloning”
Hotspot Rogue AP Mechanics
  • “Create a competing hotspot.”
  • AP can be actual AP or HostAP
  • Create or modify captive portal behind AP
  • Redirect users to “splash” page
  • DoS or theft of user credentials
  • Bold attacker will visit ground zero.
  • Not-so-bold will drive-by with an amp.
Airsnarf
  • Nothing special
  • Simplifies HostAP, httpd, dhcpd, Net::DNS, and iptables setup
  • Simple example rogue AP
  • Demonstration
Defense Strategies
  • Local AP awareness
  • Customer education
  • One-time authentication mechanisms
  • Don’t charge for hotspot access?
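
One way to put "Local AP awareness" into practice, as an added example that is not part of the original presentation or the Airsnarf project: compare wireless survey results against an inventory of the hotspot's own APs and flag any beacon that reuses the hotspot SSID from an unlisted BSSID, noting whether it is stronger than the real AP. The names `Beacon`, `find_suspect_aps`, `AUTHORIZED` and `SCAN` are hypothetical, and the BSSIDs and signal levels are constructed sample data.

```python
"""Flag access points that advertise a known hotspot SSID from an unknown BSSID."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str       # AP MAC address as reported by the survey tool
    signal_dbm: int  # received signal strength; closer to 0 is stronger


def find_suspect_aps(beacons, authorized):
    """`authorized` maps SSID -> set of lowercase BSSIDs the operator deployed."""
    # Strongest signal seen from any authorized AP, per SSID.
    best_legit = {}
    for b in beacons:
        if b.bssid.lower() in authorized.get(b.ssid, set()):
            best_legit[b.ssid] = max(best_legit.get(b.ssid, -200), b.signal_dbm)

    findings = []
    for b in beacons:
        known = authorized.get(b.ssid)
        if known is None or b.bssid.lower() in known:
            continue  # an SSID we do not operate, or one of our own APs
        legit = best_legit.get(b.ssid)
        findings.append({
            "ssid": b.ssid,
            "bssid": b.bssid.lower(),
            "signal_dbm": b.signal_dbm,
            # "Stronger or closer" is what makes a client prefer the clone.
            "stronger_than_legit": legit is None or b.signal_dbm > legit,
        })
    return sorted(findings, key=lambda f: f["signal_dbm"], reverse=True)


# Constructed sample data: the SSIDs come from the slide, everything else is made up.
AUTHORIZED = {"goodguy": {"00:11:22:33:44:55"}}
SCAN = [
    Beacon("goodguy", "00:11:22:33:44:55", -67),  # the operator's own AP
    Beacon("goodguy", "02:AA:BB:CC:DD:EE", -41),  # same SSID, unknown BSSID, stronger
    Beacon("badguy", "02:AA:BB:CC:DD:EF", -43),   # unrelated SSID, ignored
    Beacon("goodguy", "02:AA:BB:CC:DD:01", -80),  # same SSID, unknown BSSID, weaker
]

if __name__ == "__main__":
    for finding in find_suspect_aps(SCAN, AUTHORIZED):
        print(finding)
```

The check depends on the BSSID inventory, so it does not catch an AP that also copies an authorized BSSID.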
Links
  • Airsnarf - http://airsnarf.shmoo.com
  • HostAP - http://hostap.epitest.fi/
  • Red Hat Kernel w/ HostAP - http://www.cat.pdx.edu/~baera/redhat_hostap/
  • Looking for hotspots? - http://www.hotspotlist.com/
  • Other “wireless portal software” - http://www.personaltelco.net/index.cgi/PortalSoftware