DEFCON 17: Wi-Fish Finder: Who Will Bite the Bait
Speakers:
MD Sohail Ahmad Senior Wireless Security Researcher, AirTight Networks
Prabhash Dhyani Wireless Security Researcher
Threat of Evil Twin and Honeypots lurking at office parking lots and public hotspots are well known yet awareness level among WiFi users about exposure to such threats remains quite low. Security conscious WiFi users and IT administrators too don't have any simple tools to assess security posture of WiFi clients active in their airspace.
Wi-Fish Finder is a tool for assessing whether WiFi devices active in the air are vulnerable to "phishing" attacks. Assessment is performed through a combination of passive traffic sniffing and active probing techniques. Most WiFi clients keep a memory of networks (SSIDs) they have connected to in the past. Wi-Fish Finder first builds a list of probed networks and then using a set of clever techniques also determines security setting of each probed network. A client is a fishing target if it is actively seeking to connect to an OPEN or a WEP network. Clients only willing to connect to WPA or WPA2 networks are not completely safe either! To find out why , come and attend this talk and witness some live action. There is 50% chance that your laptop will bite the bait!
For more information visit: http://bit.ly/defcon17_information
To download the video visit: http://bit.ly/defcon17_videos
Slide https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-md_sohail_ahmad-wi-fish.pdf
Lưu trữ tại đây
MD Sohail Ahmad Senior Wireless Security Researcher, AirTight Networks
Prabhash Dhyani Wireless Security Researcher
Threat of Evil Twin and Honeypots lurking at office parking lots and public hotspots are well known yet awareness level among WiFi users about exposure to such threats remains quite low. Security conscious WiFi users and IT administrators too don't have any simple tools to assess security posture of WiFi clients active in their airspace.
Wi-Fish Finder is a tool for assessing whether WiFi devices active in the air are vulnerable to "phishing" attacks. Assessment is performed through a combination of passive traffic sniffing and active probing techniques. Most WiFi clients keep a memory of networks (SSIDs) they have connected to in the past. Wi-Fish Finder first builds a list of probed networks and then using a set of clever techniques also determines security setting of each probed network. A client is a fishing target if it is actively seeking to connect to an OPEN or a WEP network. Clients only willing to connect to WPA or WPA2 networks are not completely safe either! To find out why , come and attend this talk and witness some live action. There is 50% chance that your laptop will bite the bait!
For more information visit: http://bit.ly/defcon17_information
To download the video visit: http://bit.ly/defcon17_videos
Slide https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-md_sohail_ahmad-wi-fish.pdf
Lưu trữ tại đây
Comments
Post a Comment