Shifting the Focus of WiFi Security: Beyond Cracking your neighbor's WEP key

Presented at DEF CON 16 (2008), Aug. 9, 2008, 11 a.m. (50 minutes)

In this talk we will discuss the paradigm shift of WiFi attacks away from the Access Points and focusing toward the clients. We will cover in depth how simple tricks such as HoneyPot Access Points or even hotspotter simply are not enough anymore and more flexible and powerful methods are being developed and used. The older, dated technologies built into Access Points for ensuring network security have failed the test of time paving way for new overlay security vendors to begin selling "Wireless Intrusion Detection and Prevention Systems" to fill the gap left by the Access Point manufacturers and the ieee802.11 committee. We will explore a variety of feature of these devices, and see what claims stack up and which ones do not. Finally, we will explore a new frontier for WiFi networks, licensed frequencies. Many vendors currently ship ieee 802.11 compliant devices that operate on non-public bands. We will explore what types of things you can find with some simple driver modifications and why the current generation of tools needs to improve to play by these new rules. If you want to learn about what wireless hacking will look like in the coming year, instead of just cracking wep, you can't afford to miss this talk.

Presenters:

  • Rick Farina / Zero_Chaos as Rick Farina "Zero_Chaos"
    Rick Farina is a member of the aircrack-ng team and has been working with wireless security for 8 years. In the past Rick has been involved in low-level network hacking such as ettercap and generally enjoys hanging out at layer 2.
  • Thomas d'Otreppe de Bouvette "Mister_X"
    Thomas d'Otreppe is the creator of Aircrack-ng and also designed the WiFu course (Offensive-security) with Mati Aharoni.

Links:

Similar Presentations: