Ethical Hacker Community Forums

Ethical Hacking Discussions and Related Certifications => CEH - Official Course Modules v5 => Topic started by: don on November 15, 2006, 02:10:49 PM



Title: CEH v5 Module 15: Hacking Wireless Networks
Post by: don on November 15, 2006, 02:10:49 PM
• Introduction to Wireless Networking
• Wired Network vs. Wireless Network
• Effects of Wireless Attacks on Business
• Types of Wireless Networks
• Advantages and Disadvantages of a Wireless Network
• Wireless Standards
    o 802.11a
    o 802.11b – “WiFi”
    o 802.11g
    o 802.11i
    o 802.11n
• Related Technology and Carrier Networks
• Antennas
• Cantenna
• Wireless Access Points
• SSID
• Beacon Frames
• Is the SSID a Secret?
• Setting Up a WLAN
• Detecting a Wireless Network
• How to Access a WLAN
• Terminologies
• Authentication and Association
• Authentication Modes
• Authentication and (Dis)Association Attacks
• Rogue Access Points
• Tools to Generate Rogue Access Points: Fake AP
• Tools to Detect Rogue Access Points: Netstumbler
• Tools to Detect Rogue Access Points: MiniStumbler
• Wired Equivalent Privacy (WEP)
• What is WPA?
• WPA Vulnerabilities
• WEP, WPA, and WPA2
• Steps for Hacking Wireless Networks
    o Step 1: Find networks to attack
    o Step 2: Choose the network to attack
    o Step 3: Analyze the network
    o Step 4: Crack the WEP key
    o Step 5: Sniff the network
• Cracking WEP
• Weak Keys (a.k.a. Weak IVs)
• Problems with WEP’s Key Stream and Reuse
• Automated WEP Crackers
• Pad-Collection Attacks
• XOR Encryption
• Stream Cipher
• WEP Tools
    o Aircrack
    o AirSnort
    o WEPCrack
    o WepLab
• Temporal Key Integrity Protocol (TKIP)
• LEAP: The Lightweight Extensible Authentication Protocol
• LEAP Attacks
• MAC Sniffing and AP Spoofing
• Tool to Detect MAC Address Spoofing: Wellenreiter V2
• Man-in-the-Middle Attack (MITM)
• Denial-of-Service Attacks
• DoS Attack Tool: Fatajack
• Phone Jammers
• Scanning Tools
    o Redfang 2.5
    o Kismet
    o THC-WarDrive
    o PrismStumbler
    o MacStumbler
    o Mognet
    o WaveStumbler
    o StumbVerter
    o Netchaser V1.0 for Palm Tops
    o AP Scanner
    o SSID Sniff
    o Wavemon
    o Wireless Security Auditor (WSA)
    o AirTraf
    o Wifi Finder
    o AirMagnet
• Sniffing Tools
    o AiroPeek
    o NAI Wireless Sniffer
    o Ethereal
    o Aerosol v0.65
    o vxSniffer
    o EtherPEG
    o DriftNet
    o AirMagnet
    o WinDump
    o ssidsniff
• Multiuse Tool: THC-RUT
• PCR-PRO-1k Hardware Scanner
• Tools
    o WinPcap
    o AirPcap
• Securing Wireless Networks
• Auditing Tool: BSD-Airtools
• AirDefense Guard
• WIDZ: Wireless Intrusion Detection System
• Radius: Used as Additional Layer in Security
• Google Secure Access

Source:
http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm

Don