Back to All Events

Practical 802.11 WiFi (In)Security


  • secwest.net Vancouver Canada (map)

Description

Wireless LANs have been widely deployed in the past few years, simultaneously introducing an explosion of security issues and unique vulnerabilities. Despite nowadays security means, it still appears a lot of available wireless networks are not being properly secured.

This dojo training will bring you up to date with most advanced Wi-Fi security technologies, providing detailed, up to date, in-depth knowledge. Mixing both lecture and hands-on, it offers a practical approach of Wi-Fi security, learning and practising security assessment and deployment for wireless networks.

At the end of this course, you will be able to integrate secure wireless environments in your existing infrastructure and assess Wi-Fi networks security.

Topics

  • Quick Wi-Fi basics wrapup

  • Assessing Wi-Fi networks security

    • Wi-Fi networks enumeration technics and tools

    • Security features analysis

    • Weaknesses

      • Intrinsic weaknesses, basic tricks

      • WEP cracking fundamentals and technics

      • Applied malicious traffic injection

    • Targeting Wi-Fi clients

    • Wireless networks pentesting methodology

  • Building secure Wi-Fi networks

    • Wi-Fi security features

      • 802.1x authentication

      • Wi-Fi Protected Access

      • IEEE 802.11i/WPA2

      • Wi-Fi Protected Setup

    • Wi-Fi network integration w/ network architectures

    • Roadmap and key points

Prerequisites

  • Network security experience (Ethernet, TCP/IP)

  • 802.11 experience will help

  • Understanding Python programming would be a bonus

Prerequisite material

Practical exercices will require Backtrack v2 Stable Release live CDROM. Therefore, each student must bring his own laptop running this live distribution properly and be equipped with an injection capable wireless adapter (Atheros based adapter  strongly advised).

 

Instructor: Cédric Blancher

Cédric has been working in network security field for 6 years. In 2004, he joined EADS Corporate Research Center in France and now runs the IT Security Research Lab. As network security expert, he is focusing on wireless networks.

He is one of Rstack team core members and is part of French Honeynet Project with studies on honeynet containment, honeypot farms and network traffic analysis. He's been delivering technical presentations, workshops, trainings (Recon, Syscan, Pacsec/core05, Bellua), papers and articles on wireless networks security, and authored Wifitap, a Wi-Fi traffic injection based tool.

Cédric's website: http://sid.rstack.org/