Monday, August 23, 2010

Do u think you are really secured ? part 1

Hai people. This time am going little geeky. Nothing but useful materials. I used to spend a lot of time investigating on these stuffs. Just for the sake interest..okay. Lets cut the bate.

Hotspots are very popular and widely available in all places. And most of us do make use of it while we are on move. And no one is really concerned about the potential vulnerability of these facilities. Ofcourse its very convinient and handy to make use of internet access from each and every nuke and corner of the world. But do u think that you are secured your datas and passwords all never been gonna loose.? If your answer is yes please read on. U might wanna reconsider your answer.

What is wifi?

def: A Wireless Local Area Network (WLAN) links two or more devices using some wireless distribution method (typically spread-spectrum or OFDM radio), and usually providing a connection through an access point to the wider internet. This gives users the mobility to move around within a local coverage area and still be connected to the network.

 blah blah blah...cut it.

This Wireless Distribution System is a system that enables the wireless interconnection of access points in an IEEE 802.11 network. Which is nothing but the so called protocol. For noobs : a set of rules and regulations or standards.

Here plays 2 cases. case 1: Most of the hotspots are open and does not use any encryption standards and keys to secure its authentication. Case 2: on the other side if it is a secrued it will have to use a encryption standard and key, which is probably not applicable in the case of hotspots. That means in both cases the data is transmitted through air. But in the open hotspots any one can capture these radio signals and read it. In the second case, even though anyone can capture it. They wont be able to read this without encryption key.

Now let me introduce an Application that has been used as a tools for professionals who deal with the deployment, maintenance, and security of WLANs.WireShark is free software that sniffs packets on wireless networks. Learn tips on configuring and using this tool when analyzing and troubleshooting 802.11 wireless networks. - Its the defenition given by the developers. Wireshark, a powerful wireless packet sniffer, network monitor, and protocol analyzer designed for WLAN administrators, security professionals, network programmers. Its a wonderful tool if we look at the good side. And ofcourse who cares.. "hot sushi" for like minded people ;)

Fortunately,Wireshark has sophisticated wireless protocol analysis support to help administrators troubleshoot wireless networks.With the appropriate driver support, Wireshark can capture traffic “from the air” and decode it into a format that helps administrators track down issues that are causing poor performance, intermittent connectivity, and other common problems. Possibly there is always a big chance to replace the term administrator by some one else. Remember this is a free tool. Any one can use it.

Using Wireshark’s display filtering and protocol decoders, you can easily sift through large amounts of wireless traffic to identify security vulnerabilities in the wireless network, including weak encryption or authentication mechanisms, and information disclosure risks. Yes, your commonly using email services like Gmail, yahoo, hotmail etc uses standard encryption and tranfer methods like GET and POST. You what what i mean by standard? "its already defined" every one knows it..

Let me give an over all idea how to do it.

1. Identifying open channel and selecting one.

Today most AP uses multiple channels. Even if two wireless users are sitting side-by-side, their computers may be operating on different wireless channels. If the attacke aim a particular user. he have to find which channel the victim is using. BIG TASK :) but not necesserly for random trap.

2. Set the filers up .

This is a techinque that is dont to reduce the junk of data that is being trapped while sniffing. The attacker can filter whathe need ny making using a varity of paramaters like Protocol, Port address, IP , mac etc.

3. Start snifing :)

The packet capture will display the details of each packet as they were transmitted over the wireless LAN. This is a screenshot of a sample packet capture window. The top panel of the window identifies each packet’s source and destination nodes, protocol implemented, and information about each packet. You can select a specific packet to display more details. The one selected in Figure 1, packet 3, is an 802.11 beacon frame. The middle panel displays information about this packet, and you can choose a specific field of the packet (such as Duration field shown in the figure), and the contents of that field are displayed in hex and ASCII format in the bottom panel. As a result, you’re able to analyze the flow and view each field (including data field payloads) of all packets.

In short with the help of HTTP filter in wireshark can capture any web data that is being transmitted over air. :) including your username and password, credit card numbers, etc. :P

1 comment:

Anonymous said...

I am reading this post and after will watch The Dark Knight
Thanks for this post Thanks
I have some movies with Christian Bale - Terminator Salvation and I'm Not There best actor )
Does some else agree with me?

You might like this.

Related Posts Plugin for WordPress, Blogger...

My Blog List