By Raheel Ahmad Although revealing the secret is always an appealing topic...
I would like to introduce a new issue of The Best of Hakin9. This compendium is a huge load of knowledge on Hacking Wi-Fi. It is the guidebook for those who would like to know the basics, and dive into deep waters of Wi-Fi hacking techniques. The main part is focused on the well known packet analyzer “Wireshark.” We are sure you will find something interesting there. For some of you it will be a great repetition, and for the rest an occassion to learn about wireshark and other sniffing
tools. What is more, it is a compendium you will find educative and informative on various issues like; Network and Data protection, or Spyware in business. With this issue we wanted to give you a big set of information in one piece, which you can reach for whenever you want.
In this issue you will find sections as Hacking Wireless Networks, Wireshark Basics, Wireless Security, Wireshark Advanced, Cybersecurity and Extra.
HACKING WIRELESS NETWORKS
Hacking Wireless in 2013
By Terrance Stachowski, CISSP, L|PT
This article is a simple how-to guide for hacking wireless networks using BackTrack 5 R3, or Kali – Linux Penetration Testing Distributions offered by Offensive Security. The information provided in this article will aid you in testing the security of your wireless network to determine if your vulnerable to wireless intruders. The following information is for educational purposes only; never use these techniques to access any network which you do not own, unless you have the explicit written permission from the owner of the network.
Hacking Wi-Fi Networks
By Danny Wong, CISSP, CISA, CEH, PMP, ITIL, MCT, MCSE, MCITP, MCTS
In an Enterprise Infrastructure where your Wi-Fi network is breached, you might imagine a situation where monitoring alerts goes off, SMS alerts are sent to your mobile, Intrusion Detection Systems sounds off and Intrusion Prevention Systems kicks in to lock down the perpetrator. Security team activates their well-defined security framework encompassing Security Incident Response and Handling which define the processes to Identify, Contain, Eradicate and Recover from the incident.
Security Through Obscurity: How To Hack Wireless Access Point
By Bamidele Ajayi, OCP, MCTS, MCITP EA, CISA, CISM
This article is meant for legitimate use by users who have forgotten their Wireless Access Point (WAP) credentials such as recovering a misplaced network key or users who have been called by legitimate owners of WAP to help recover network keys. It will inform readers how to hack their Wireless Access Point to gain access.
Wireshark – Hacking WiFi Tool
When placed properly, Wireshark can be a great help for network administrator when it comes to network troubleshooting, such as latency issues, routing errors, buffer overflows, virus and malware infections analysis, slow network applications, broadcast and multicast storms, DNS resolution problems, interface mismatch, or security incidents.
Introduction to Wireless Hacking Methods
By Alexander Heid, Co-founder and President of HackMiami
This article is intended for those who have never forayed into the world of wireless hacking, and will assume the reader has a basic understanding of networking principles and Linux command navigation.
Wireshark – Not Just a Network Administration Tool
By Arun Chauchan, Joint Director CIRT Navy at Indian Navy
Wireshark, a powerful network analysis tool formerly known as Ethereal, captures packets in real time and displays them in human-readable format. Wireshark was developed by Gerald Combs and is free and open-source.
Wireshark – Sharks on The Wire
By Patrick Mark Preuss, Network Engineer
Capturing and analyzing network data is one of the core skills every IT professional should posses. If you have problems with your system or application, suspect a security issue, in almost every case the network is involved today.
The Network Hackeror Analyzer Wireshark
By Anand Singh
Wireshark is an open source tool for capturing and analysing network packets, from standard network protocols such as Ethernet, TCP, UDP, HTTP to GSM Protocols like LAPD. Wireshark works like a network packet X-Ray and can listen to network traffic to help identify problems related to protocols, applications, links, processing time,
latency and more.
By Nitish Mehta, Information Security & Cyber Crime Consultant
Wireshark is a very popular tool mainly used to analyze network protocols. It has many other features as well but if you are new the program and you seek somebody tocover the basics, here is a brief tutorial on how to getstarted.
“You Are Here” A Guide to Network Scanning
By Court Graham, CISSP, CEH, GCIH, GSEC, MCSE
Historically the term network scanning has been defined as a process which primarily takes place shortly after the information gathering phase of a hacking attempt or penetration test. In actuality, you never know when you will have to perform scanning activities.
WiFi Combat Zone: Wireshark Versus the Neighbors
By Bob Bosen, Founder of Secure Computing
If you’re one of the regular readers of Hakin9, then you know that there are several means by which your neighbors could have penetrated your WiFi LAN. Do you ever wonder if it’s already happened? Would you like to learn how to monitor anybody that’s abusing your network?
Wi-Fi Security Testing with Kali Linux on a Raspberry Pi
By Dan Dieterle, Security Researcher at CyberArms Computer Security
Learn how to test the security of Wi-Fi networks using a $35 Raspberry Pi and the new Kali Linux. You will also see how some common wireless network security tactics are very easily bypassed.
Using Wireshark to Analyze a Wireless Protocol
By Hai Li, Associate Professor of Beijing Institute of Technology
Wireshark is the perfect platform to troubleshoot wireless networks. In this tutorial, I will demonstrate how to support a new wireless protocol in Wireshark. A wireless protocol in the real world is very complicated, so I will use ASN.1 technology to generate the source code of a dissector.
The Revolving Door of Wi-Fi Security
By Jonathan Wigg, Data Architect at NetMotion Wireless
This isn’t a how-to guide for breaching wireless networks; there are more than enough of those floating around on the Internet. Instead, I wanted to provide some context and an overview of the Wi-Fi security space. Back to the revolving door that is Wi-Fi security and why broadly diverse security measures in random quantities make a poor barrier for entry.
Capturing WiFi Traffic with Wireshark
By Steve Williams, CISSP, GCIH, ACMA
For many years, Wireshark has been used to capture and decode data packets on wired networks. Wireshark can also capture IEEE 802.11 wireless traffic while running on a variety of operating systems.
An Introduction to the Rise (and Fall) of Wi-Fi Networks
By Alessio Garofalo, System Engineer at Green Man Gaming, IT Security Analyst at Hacktive Security
Wireshark is an open source network packet analyzer that offer similar functions of tcpdump and allows you to make the packet sniffing a less stressing task.
Decoding and Decrypting Network Packets with Wireshark
By Andrei Emeltchenko, Linux SW Engineer at Intel Corporation
The main idea is that well known Bluetooth protocols, profiles and security mechanisms to be used with secondary radio are already present in many devices.
State of Security in the App Economy: Mobile Apps Under Attack
By Jukka Alanen, vice president, Arxan Technologies
The proliferation of mobile devices has created an appcentric global marketplace, ushering in the App Economy that is driving innovation, new business models, and revenue streams across all industries. The app industry is growing at a staggering rate, with revenues approaching $60 billion worldwide.
Network Analysis On Storage Area Network Using Wireshark
By Massimiliano Sembiante, IT Security and Risk Specialist at UBS Bank
Wireshark can be used during a proactive analysis to identify potential network bottleneck, to monitor “live” what is happening to data flow, and to decode packets in transit, displaying information in readable format. The tool can be installed on any computer connected to the network and equipped with a NIC card. Using specific API or libraries, such as WinPcap under Windows or libpcap for Unix, it enables data capture and allow to analyze packets travelling over the carrier.
Deep Packet Inspection with Wireshark
By David J. Dodd, GIAC, IAM & IEM, Security +
This article attempts to provide some detail into how to search through packet dump files or pcap files using Wireshark. I’ll give some useful information on using wireshark & tshark to do deep packet analysis.Intrusion etection devices such as Snort use the libpcap C/C++ library for network traffic capture.
Listening to a Voice over IP (VoIP) Conversation Using Wireshark
By Luciano Ferrari, Information Security at Kimberly-Clark
Wireshark is a very powerful tool but did you know you can extract an RTP stream traffic from your VoIP packets, listen to, and even save an audio file of the conversation?In this article, you’ll find an overview and introduction to using Wireshark to analyze VoIP packets and also a step-by-step tutorial on how to extract and listen to a capturedaudio file.
Wireshark – LUA
By Jörg Kalsbach, Senior Consultant at JPrise GmbH and Information Technology and Services Consultant
This article explores an extension mechanisms offered by Wireshark. After a brief description of Wireshark itself, it shows how Wireshark can be extended using Lua as an embedded language. It shows the benefits to be gained from using the combination of Wireshark and Lua.
Tracing ContikiOs Based IoT Communications over Cooja Simulations with Wireshark
By Pedro Moreno-Sanchez, M.Sc. student at the University of Murcia, Spain
Rogelio Martinez-Perez, B.Cs. in Computer Science at the University of Murcia, Spain
Internet of Things is getting real. Billions of devices interconnected between each other retrieving data and sharing information using wireless communication protocols everywhere.
Integration of Cyberwarfare and Cyberdeterrence Strategies into the U.S. CONOPS Plan to Maximize Responsible Control and Effectiveness by the U. S. National Command Authorities
By William F. Slater, III, CISSP, SSCP, CISA, MSCE 2000: Security, ITIL Foundation v3, MCTIP, Certified Data Center Professional
This paper deals with issues related to the present situation of lack of a clearly defined national policy on the use of cyberweapons and cyberdeterrence, as well as the urgent present need to include strategies and tactics for cyberwarfare and cyberdeterrence into the national CONOPS Plan, which is the national strategic war plan for the United States.
Open Networks- Stealing the Connection
By Michael Christensen CISSP, CSSLP, CRISC, CCM ISO:22301, CPSA, ISTQB, PRINCE2
Most of you are quite aware of the fact, that using open WiFi networks processes a threat to the security of your device (Laptop, smartphone, tablet etc.). But did you know, that if you associate your device with an open network, the threat even goes beyond being actively online on the open access point?
Social Engineering: The Art of Data Mining
By Terrance J. Stachowski, CISSP, L|PT
This article explores the art of data mining, a technique utilized build a dossier and profile of a targeted individual, network, or organization.
Attempting to Solve the “Attribution Problem” – Using Wireshark and Other Tools to as an Aid in Cyberwarfare and Cybercrime for Analyzing the Nature and Characteristics of a Tactical or Strategic Offensive Cyberweapon and Hacking Attacks
By William Favre Slater III, PMP, CISSP, SSCP, CISA, MSCE 2000: Security, ITIL Foundation v3, MCTIP, Certified Data Center Professional
One of the main disadvantages of the hyper-connected world of the 21st century is the very real danger that countries, organizations, and people who use networks computer resources connected to the Internet face because they are at risk of cyber attacks that could result in anything ranging from denial service, to espionage, theft of confidential data, destruction of data, and/or destruction of systems and services.
Spyware Your Business Cannot Afford It
By Louis Corra, Owner of NEPA Computer Consulting, Net Solution Specialist at Network Solutions
Certainly, your business is important to you, your employees, your stock holders and your customers. Your computer systems, servers, and netwo,rk storage devices contain tons of vital information such as inventory, tax records, payroll and, most importantly, your customers’ credit card information.
An Interview with Cristian Critelli, L3 Escalation TAC Engineer at Riverbed Technology Ltd.
Level 3 Escalation Engineer at Riverbed Technology Inc., and part of the EMEA TAC Support Team