SDL Episode39

From Paul's Security Weekly

Secure Digital Life #39

Recorded on October 31, 2017 at G-Unit Studios in Rhode Island!

Episode Audio

Coming soon!

Hosts

  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Russell Beauchemin
    Cybersecurity & Network Security Program Advisor and Director of Instructional Support & Learning Innovation at Roger Williams University.

What Does WiFi Encryption Actually Mean?

    • How do signals go between your device and WIFI?
    1. RF -- Radio Frequency
    2. All of this is defined in 802.11
    3. Various 802.11 subparts (a-n) use various frequencies in the 2.4 - 5 GHz range
    4. Frequencies can HOP or be static
    5. A WAP is used to listen for connections
    6. You must have a WIFI NIC installed
    • What is an SSID?
    1. Service Set Identifier

    - Talk about SSID Spoofing

    • What is a channel?
    1. These are different sub frequencies which are available to lower interference
    • Does it have a MAC address?
    1. Yep, a layer 2 address is required
    • So, why is there a problem?
    1. The bits are sent "in the clear"
    2. Anyone with a listening device can "snort"/"snarf" the packets using Wireshark and airsnort.scmoo.com
    3. Remember, this can be illegal
    4. All these signals can be seen
    5. So, when you connect to a WiFi WAP that has no encryption, all traffic can be intercepted easily
    • Does this mean my password may be grabbed?
    1. Yes, also any information you are sending and receiving
    • But what about HTTPS?
    1. Well if the data is encrypted then they will only grab encrypted information.
    • So, what to do?
    1. If the WiFi is using encryption (usually a password indicates this)
    2. Your data in the air is encrypted
    3. Use a VPN on ALL WIFI, all the time
    • How can I tell?
    1. Use the properties on the connection to see if a type of encryption is in use
    • What types of encryption are there?
    1. WEP: Wired Equivalent Privacy
    2. Crackable
    3. Uses NONE, 64, or 128 bit encryption (RC4)
    4. May use a single shared key "bobscoffee"
    • WPA2: WIFI Protected Access
    1. 256 bit shared key
    2. CCMP with AES
    • How does WPA2 work?
    1. Each packet is encrypted with a separate key
    • Can you break the passwords?
    1. Yes, aircrack suite and the SSID can be used to crack it
    • What other security problems exist?
    1. Hole 196 is a man-in-the-middle attack that can be used to usurp your connection and act like you
    • Forward Secrecy Attack
    1. Get the preshared key
    2. Decrypt all the packets
    • KRACK
    1. Basically you can "learn" the pattern of the keys by "resetting the nonce" until you match the encryption
    2. That will let you learn the full chain of keys
    3. A nonce is a random number used to seed the keys
    • DUHK
    1. This is a flaw in the nonce of some systems where the same seed key is used in the hardware.
    • So, what to do?
    1. USE A VPN!
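
Added example (not part of the show notes): the WPA2 items above mention a 256 bit shared key and that the SSID plays a part when passwords are cracked. In WPA2-Personal that key is derived from the passphrase with the SSID as salt; the sketch below shows the derivation with Python's standard library. The function names and the sample networks are constructed for illustration.

```python
import hashlib
import string


def wpa2_pmk(secret: str, ssid: str) -> bytes:
    """Return the 256-bit WPA2-Personal pairwise master key (PMK).

    A 64-hex-digit secret is taken as the raw key. Anything else is a
    passphrase and goes through PBKDF2-HMAC-SHA1 with the SSID as salt,
    4096 iterations, 32 bytes of output, as IEEE 802.11i specifies.
    """
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    if len(secret) == 64 and all(c in string.hexdigits for c in secret):
        return bytes.fromhex(secret)
    if not 8 <= len(secret) <= 63:
        raise ValueError("passphrase must be 8-63 characters")
    if any(not 32 <= ord(c) <= 126 for c in secret):
        raise ValueError("passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", secret.encode("ascii"), salt, 4096, dklen=32)


def key_summary(networks):
    """Map each (ssid, passphrase) pair to the first 8 hex digits of its PMK."""
    return {(ssid, pw): wpa2_pmk(pw, ssid).hex()[:8] for ssid, pw in networks}


if __name__ == "__main__":
    # Constructed sample networks; "bobscoffee" is the example key from the notes.
    sample = [
        ("BobsCoffee", "bobscoffee"),
        ("BobsCoffee-Guest", "bobscoffee"),  # same passphrase, different SSID
        ("IEEE", "password"),                # test vector from the 802.11i annex
    ]
    for (ssid, pw), prefix in key_summary(sample).items():
        print(f"{ssid:18} {pw:12} PMK starts {prefix}")
```

The same passphrase on two SSIDs yields two different keys, but the derivation has no other secret input, so the strength of the key is the strength of the passphrase.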