Back to All Events

Practical 802.11 WiFi (In)Security


  • secwest.net Vancouver Canada (map)

Description

802.11 wireless LAN has been widely deployed in the past few years, parallely introducing an explosion of security issues mainly due to weak default configurations and lack of users information. Despites all available information about WiFi networks vulnerabilities, open or insecure networks still represente the majority of deployed wireless networks.

This one day course will bring you up to date with WiFi security, providing detailed in-depth background informations and technics, for infrastructure and adhoc networks. Mixing both lecture and hands-on, it will offer you a very practical approach of WiFi (in)security, learning and practicing latest exploitation technics in WEP cracking, WiFi network penetration and wireless stations attacks, as well as state of the art efficicent protection schemes for secure wireless access deployent, such as WPA and 802.11i.

Topics

  • 802.11 security fundamentals

  • Complete and practical WEP cracking overview

  • Applied malicious traffic injection

  • WPA and 802.11i/WPA2 in depth

Prerequisites

  • good knowledge of TCP/IP protocol suite

  • good knowledge of Ethernet protocol suite

  • knowledge of 802.11 protocol

Prerequisite material

  • Each student must bring his own laptop wether capable of running Auditor or Whax Live CDROM, or running a recent 2.6 Linux kernel with Madwifi driver and Scapy installed/running/working. Atheros based adapters will be provided.

  • Good knowledge and understanding of Ethernet and TCP/IP protocol suite

  • Overall knowledge and understanding of 802.11 networks

 

Cédric Blancher

Cédric has spent the last 5 years working in network security field, performing audits and penetration tests. In 2004, he joined EADS Corporate Research Center in France to work on R&D; within the network security field, including a focus on wireless links. He is an active member of Rstack team and French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He also has delivered technical presentations (Eurosec, SSTIC, Cansecwest, Recon, Syscan, etc.) and written research papers and magazine articles (MISC, SSTIC, etc.) about network security. Cédric's website : http://sid.rstack.org/