Beholder WIDS Tool

Presented at THOTCON 0x1 (2010), April 23, 2010, 4:25 p.m. (25 minutes)

Although it's not something new, network administrators are still facing old problems. One of these problems is to be able to detect rogue and/or fake access points in their networks and surroundings.The solutions available are mostly commercial and/ or proprietary, but still no open-source tool. Now there is: Beholder. The talk will include a brief introduction on the general state of the commercial WIDS and will be mostly focused on the Beholder project. Beholder is an C language opensource tool available (for now) for linux platforms, it can be used for whatever 802.11 technology the nic card supports and it isn't driver dependent, run in all available linux wifi driver.

Presenters:

• Nelson Murilo
  Nelson Murilo has been a Network Security Analyst since 1992. He is the author of two network security books in Portuguese and a regular contributor of Brazilian Computer Emergency Response Team published papers (security guides and technical papers). Nelson is the author and co-author of open source security tools like chkrootkit and Btsearch. Regular speaker in Brazil and international conferences and is one of the organizers of a Brazilian security conference YSTS (you sh0t the sheriff).

Links:

• https://www.thotcon.org/archive/speakers-0x1.html#nelson
• https://www.thotcon.org/archive/0x1presos/10b_THOTCON_0x1-WifiMashupPart2-Murillo.pdf

Similar Presentations:

• Hackers On Planet Earth (1994) / Linux
• DEF CON 16 (2008) / Beholder: New WiFi Monitor Tool
• DerbyCon 7.0 Legacy (2017) / Love is in the Air - DFIR and IDS for WiFi Networks