
Wireless-Detective WLAN 802.11a/b/g/n Interception System - PowerPoint PPT Presentation



PowerPoint Slideshow about 'Wireless-Detective WLAN 802.11a/b/g/n Interception System' - zarola



Wireless-Detective WLAN 802.11a/b/g/n Interception System

Decision Group

www.edecision4u.com


Introduction to Wireless-Detective System

WLAN IEEE 802.11a/b/g/n Interception and Forensics Analysis System

  • Scan all WLAN 802.11a/b/g/n 2.4 and 5.0 GHz channels for Access Points and STAs.

  • Captures/sniffs WLAN 802.11a/b/g/n packets.

  • Real-time decryption of WEP key (WPA Optional Module)

  • Real-time decoding and reconstruction of WLAN packets

  • Stores data in raw and reconstructed content

  • Displays reconstructed content in Web GUI

  • Hashed export and backup

The Smallest, Mobile, Portable and most Complete WLAN Lawful Interception System in the World!

All in One System!

Important Tool for Intelligence Agencies such as Police, Military, Forensics, Legal and Lawful Interception Agencies.

Notes: Pictures and logo are property of designated source or manufacturer


Wireless-Detective – Implementation Diagram (1)

Wireless-Detective Standalone System - Captures WLAN packets transmitted over the air ranging up to 100 meters or more (by using enhanced system with High Gain Antenna)

WLAN Lawful Interception – Standalone Architecture

Wireless-Detective Deployment

(Capture a single channel, a single AP or a single STA)


Wireless-Detective – Implementation Diagram (2)

Wireless-Detective Distributed – Extreme Implementation

Utilizing multiple/distributed Wireless-Detective systems (Master – Slave) to conduct simultaneous capture, forbidding and location estimation functions.

WLAN Lawful Interception – Distributed Architecture

Wireless-Detective Deployment

(Utilizing min. of 2 systems (Master & Slaves) for simultaneous capturing/forbidding functions. Capture a single channel, a single AP or a single STA.)

Notes: For capturing multiple channels, each Wireless-Detective (WD) can reconfigure/act as standalone system. For example: Deploy 4 WD systems with each capturing on one single channel.


Wireless-Detective – AP Info – Capture Mode (1)

Displaying information of Wireless Devices (AP) in surrounding area.

Obtainable Information:

MAC of Wireless AP/Router, Channel, Mbps, Key, Signal Strength, Beacons, Packets, SSID, Number of Stations Connected.


Wireless-Detective – STA Info – Capture Mode (2)

Displaying information of Wireless Devices (STA) in surrounding area.

Obtainable Information:

Client MAC Address, Signal Strength, Packets, AP MAC Address, Key (Encrypted or Unencrypted), SSID.


Wireless-Detective – Forbidder Mode

  • WLAN Jammer/Forbidder Implementation in Wireless-Detective system:

  • Forbid connectivity of STA

  • Forbid connectivity of AP


Wireless-Detective – AP/STA Info – Forbidder Mode

Forbid AP (stop any STA from connecting to the AP) or Forbid STA (stop the STA from connecting to any AP).


Cracking/Decryption of WEP/WPA Key (1)

WEP Key Cracking/Decryption can be done by Wireless-Detective System!

Auto Cracking (System Default) or Manual Cracking

  • 1) WEP Key Cracking/Decryption (64, 128, 256 bit key):

    • Active Crack – By utilizing ARP packet injection (possibly 5-20 minutes)

    • Passive Crack – Silently collect Wireless LAN packets

    • 64-bit key – 10 HEX (100-300MB raw data/100K-300K IVs collected)

    • 128-bit key – 26 HEX (150-500MB raw data/150K-500K IVs collected)

  • 2) WPA-PSK Key Cracking/Decryption (Optional Module Available):

    • WPA-PSK cracking is an optional module. By using an external server with Smart Password List and GPU Acceleration Technology, the WPA-PSK key can be recovered/cracked.

  • Notes:

    • The time taken to decrypt the WEP key in passive mode depends on the amount of network activity.

    • The time to crack the WPA-PSK key depends on the length and complexity of the key. In addition, it is compulsory to have the WPA-PSK handshake packets captured.


Automatic: System auto crack/decrypt WEP key (default)

Manual: Capture raw data and crack/decrypt WEP key manually

Automatic Cracking

Key Obtained


Automatic: System auto crack/decrypt WEP key (default)

Manual: Capture raw data and crack/decrypt WEP key manually

Cracking Manually



WEP Key Cracked!

Select wireless network manually for cracking. If raw data contains enough IVs, WEP key can be cracked almost instantly.


Wireless-Detective – WPA-PSK Cracking Sol. (1)

WPA-PSK Cracking Solution

WPA Handshake packets need to be captured for cracking WPA key.

Utilize Single Server or Distributed Servers (multiple smart password list attack simultaneously) to crack WPA key.

Acceleration technology: GPU Acceleration

Note: WPA handshake packets can be captured by a Standalone Wireless-Detective system or by Distributed Wireless-Detective systems.


Wireless-Detective – WPA-PSK Cracking Sol. (2)

WPA/WPA2-PSK cracking module is optional (dedicated server).

Application: Utilizing Password List attack and GPU technology (Graphic Card Processors) to recover or crack the WPA/WPA2-PSK Key.

Supported WPA: WPA-PSK (TKIP) and WPA2-PSK (AES).

Speed: up to 30 times faster than normal CPU.

GPU supported: NVIDIA and ATI



Internet Protocols Supported

  • Email

  • Webmail

  • HTTP (Link, Content, Reconstruct, Upload, Download)

  • IM/Chat (Yahoo, MSN, ICQ, QQ, IRC, Google Talk, etc.)

  • File Transfer (FTP, P2P)

  • Others (Online Games, Telnet, etc.)


Reconstruction – Sample Email – POP3

Date/Time, From, To, CC, Subject, Account, Password


Reconstruction – Sample Email – SMTP

Date/Time, From, To, CC, BCC, Subject, Size


Reconstruction – Sample Email – IMAP

Date/Time, From, To, CC, Subject, Account, Password


Reconstruction – Sample Web Mail (Read)

Date/Time, Content, Web Mail Type


Reconstruction – Sample Web Mail (Sent)

Date/Time, From, To, CC, BCC, Subject, Webmail Type


Reconstruction – Sample IM/Chat – MSN

Date/Time, User Handle, Participant, Conversation, Count

Including Text Chat Messages, File Transfer and Webcam sessions reconstruction and playback.

Supports Client and Web MSN.


Reconstruction – Sample IM/Chat – Yahoo

Date/Time, Screen Name, Participant, Conversation, Count

Including Text Chat Messages, File Transfer, VOIP and Webcam sessions reconstruction and playback

Supports Client and Web Yahoo.


Reconstruction – Sample IM/Chat – Skype Log

Date/Time, Screen Name, Participant, Conversation, Count

Skype Text, VoIP and Webcam sessions are encrypted.

However, the Skype VoIP call duration log and the source and destination IP addresses can be obtained.


Reconstruction – Sample File Transfer - FTP

Date/Time, Account, Password, Action, FTP Server IP, File Name


Reconstruction – Sample Peer to Peer – P2P

Date/Time, Tool, File Name, Last Activated, Send/Receive Throughput, Details

Including Action (Download/Upload), Peer IP, Port, Peer Port & Throughput





Reconstruction – Sample HTTP – Upload/Download

Date/Time, Action, File Name, HTTP Download/Upload URL, Size


Reconstruction – Sample HTTP – Video Streaming

Date/Time, Host, File Name, HTTP Content, File Size

Play back reconstructed FLV video file


Reconstruction – Sample Telnet

Date/Time, Account, Password, Server IP, File Name

Support play back of Telnet sessions




Data Search – Conditions & Free Text Search

Search by Parameters/Conditions (Date-Time, IP, MAC, Account, Subject etc.)

Free Text Search – Search by Key Words (Supports Boolean Search)


Data Export – Backup Reconstructed Data

Back up the reconstructed content (various applications) to ISO file report format.


Data Backup – Captured Raw Data Backup

Backup captured raw data (known) and raw data (unknown – unclassified).

Export to external PC or backup through CD/DVD Burner.


Conditional Alert – Alert through Email

Alert Administrator by Parameters/Conditions


Online IP List – IP Information

Status, IP, PC Name, Last Seen Time, ISP, Categorized Group


Location Estimation - Wireless Equipment Locator

Utilizes Wireless Sensors and Triangulation Calculation/Training methodology to estimate the location of the targeted wireless devices (AP or STA). [Plane Regression]

1 WD as Master system + min. 3 WD as Slave systems (sensors)

Allows finding the approximate location of the targeted wireless device in the X-Y plane.

Estimation error depends on the surrounding environment (e.g. blockage). Normally a few meters.

Decision Computer Group


Exporting Raw Data Captured for Further Analysis (1)

Captured raw data can be exported from the WD system, with hashing, for further analysis.

Known Raw Data

Raw data that can be classified and reconstructed.

Unknown Raw Data

Raw data that cannot be classified and reconstructed.


Exporting Raw Data Captured for Further Analysis (2)

Analyze the raw data files using a packet analyzer tool such as Packet Browser, Wireshark or Ethereal.


Exporting Raw Data Captured for Further Analysis (3)

Analyze the raw data files using a packet analyzer tool such as Packet Browser, Wireshark or Ethereal.


Exporting Raw Data Captured for Further Analysis (4)

Analyze the raw data files using the offline parsing and reconstruction tool EDDC (a product of Decision Computer Group).


Wireless-Detective – Unique Advantages/Benefits

  • Smallest, portable, mobile and lightweight WLAN legal interception system. This allows easy tracking and capturing of a suspect’s Internet activities, especially when the suspect moves from one place to another. The suspect won’t notice the WD's existence as it looks like a normal laptop.

  • Detects unauthorized WLAN access/intruders (IDS).

  • Provides detailed information of AP, Wireless Routers and Wireless Stations (such as channel, Mbps, security (encryption), IP, signal strength, manufacturer, MAC).

  • Provides capturing of WLAN packets from a single channel, AP or STA, or from multiple channels by deploying distributed/multiple systems. That also means flexibility and scalability of the deployment solution.

  • Provides decryption of Wireless key, WEP key (WPA cracking is optional module)

  • Provides decoding and reconstruction of different Internet services/protocols on the fly; reconstructed data is displayed in original content format on the local system Web GUI.

  • Supports reserving of raw data captured (for further analysis if required) and archiving of reconstructed data with hashed export functions.

  • Supports condition/parameter search and free text search.

  • Supports alert by condition/parameter.

  • Provides Wireless forbidding/jamming function

  • Provides Wireless Equipment Locator function.

  • The All-in-One Mobile WLAN Interception System


References – Implementation Sites and Customers

  • Criminal Investigation Bureau

  • The Bureau of Investigation Ministry of Justice

  • National Security Agency (Bureau) in various countries

  • Intelligence Agency in various countries

  • Ministry of Defense in various countries

  • Counter/Anti Terrorism Department

  • National Police, Royal Police in various countries

  • Government Ministries in various countries

  • Federal Investigation Bureau in various countries

  • Telco/Internet Service Provider in various countries

  • Banking and Finance organizations in various countries

  • Others

    Notes: Due to confidentiality of this information, the exact name and countries of the various organizations cannot be revealed.



Thank You !

Decision Group

decision@decision.com.tw

www.edecision4u.com