Description
Wireless LANs are now widely deployed and have often introduced an explosion of security issues and unique vulnerabilities. Despite nowadays security means, it still appears a lot of available wireless networks not being properly secured. This dojo training will bring you up to date with most advanced Wi-Fi security technologies, providing detailed, up to date, in-depth knowledge. Mixing both lecture and hands-on, it offers a practical approach of Wi-Fi security, learning and practising security assessment and deployment for wireless networks. At the end of this course, you will be able to integrate secure wireless environments in your existing infrastructure and assess Wi-Fi networks security.
Topics
Quick Wi-Fi basics wrapup
Assessing Wi-Fi networks security
Wi-Fi networks enumeration technics and tools
Security features analysis
Weaknesses
Intrinsic weaknesses, basic tricks
WEP cracking fundamentals and technics
Applied malicious traffic injection
Targeting Wi-Fi clients
Wireless networks pentesting methodology
Building secure Wi-Fi networks
Wi-Fi security features
802.1x authentication
Wi-Fi Protected Access
IEEE 802.11i/WPA2
Wi-Fi Protected Setup
Wi-Fi network integration w/ network architectures
Roadmap and key points
Network security experience (Ethernet, TCP/IP)
802.11 experience will help
Understanding Python programming would be a bonus
Prerequisite material Practical exercices will require Backtrack v2 Stable Release live CDROM[1]. Therefore, each student must bring his own laptop running this live distribution properly[2] and be equipped with an injection capable wireless adapter[3] (Atheros based adapter strongly advised).
[1] http://www.remote-exploit.org/backtrack.html
[2] http://backtrack.offensive-security.com/index.php?title=HCL:Laptops
[3] http://backtrack.offensive-security.com/index.php?title=HCL:Wireless
This one day course will bring you up to date with most advanced Wi-Fi security technologies, far beyond what you could expect from a Wi-Fi security 101 or workshop, providing detailed, up to date, in-depth informations and technics. Mixing both lecture and hands-on, it offers a practical approach of Wi-Fi (in)security, learning and practicing very latest Wi-Fi exploitation and penetration technics, as well as state of the art protection protocols and best practices for secure wireless networks deployement.
Topics
Wi-Fi insecurity
802.11 intrinsec weaknesses and basic tricks
WEP cracking fundamentals and technics (inc. fragmentation attack)
Applied malicious traffic injection
Pentesting a Wi-Fi network
Wi-Fi security
802.1x authentication
Wi-Fi Protected Access
IEEE 802.11i/WPA2
Wi-Fi Protected Setup
Secure 802.11 features and network architectures
Prerequisites
Ethernet and TCP/IP
802.11 network experience
Prerequisite material
Each student must bring his own laptop running his own Backtrack v1.0 Final CDROM with wireless traffic raw injection compatible adapter (Atheros based adapter strongly recommanded).
Instructor: Cédric Blancher
Cédric Blancher has spent the last 7 years working in netwo security field, performing audits and penetration tests. In 2004, he joined EADS Innovation Works and now runs the Computer Security Research Lab in Suresnes, France. His research focuses on network security, especially wireless links. He is an active member of Rstack team and French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He delivered technical presentations and trainings worldwide, and written papers and articles on network security. Cédric's website: href="http://sid.rstack.org/">http://sid.rstack.org/