1
00:00:00,910 --> 00:00:01,460
Excellent.

2
00:00:01,990 --> 00:00:08,260
So a wireless network is a computer network that uses wireless data connections between network nodes.

3
00:00:09,170 --> 00:00:15,440
Wireless networks are generally implemented and administered using radio communication, and with this

4
00:00:15,440 --> 00:00:22,000
method, the costly process of introducing cables into a building can obviously be avoided.

5
00:00:23,420 --> 00:00:27,110
A wireless local area network, WLAN,

6
00:00:28,020 --> 00:00:34,290
links two or more devices over a short distance using a wireless distribution method, usually providing

7
00:00:34,290 --> 00:00:37,580
a connection through an access point for Internet access.

8
00:00:39,630 --> 00:00:46,890
IEEE 802.11 is a set of MAC and physical layer specifications for implementing

9
00:00:46,890 --> 00:00:49,060
wireless LAN computer communication.

10
00:00:49,860 --> 00:00:56,130
Now, they're the world's most widely used wireless computer networking standards, used in most home and

11
00:00:56,130 --> 00:01:02,610
office networks to allow laptops, printers, smartphones to talk to each other and access the Internet

12
00:01:02,880 --> 00:01:04,740
without being connected to any wires.

13
00:01:05,640 --> 00:01:12,120
So for this, I'm just trying to keep it simple, so I won't talk about the entire 802.11 family

14
00:01:12,120 --> 00:01:14,700
or the technical details beneath them.

15
00:01:15,000 --> 00:01:22,890
I just want to let you know that the most popular are those defined by the 802.11b and the

16
00:01:22,890 --> 00:01:27,660
802.11g protocols, which are amendments to the original standard.

17
00:01:29,340 --> 00:01:36,180
So 802.11-1997 was the first wireless networking standard.

18
00:01:36,970 --> 00:01:45,100
But 802.11b was the first widely accepted one, followed by 802.11g and then 802.11n.

19
00:01:46,230 --> 00:01:53,820
Now, 802.11n is an amendment that improves upon the previous 802.11 standards by adding multiple-input,

20
00:01:53,820 --> 00:01:56,730
multiple-output antennas, MIMO.

21
00:01:57,650 --> 00:02:05,180
So MIMO, it's basically a method for multiplying the capacity of a radio link using multiple transmit

22
00:02:05,180 --> 00:02:06,500
and receive antennas.

23
00:02:08,740 --> 00:02:18,730
Nowadays, 802.11ac is popular, so it builds on 802.11n and includes wider channels and

24
00:02:18,730 --> 00:02:20,320
the 5 gigahertz band.

25
00:02:23,150 --> 00:02:26,870
The segment of the radio frequency spectrum used by 802.11

26
00:02:28,740 --> 00:02:36,240
varies pretty much between countries. For example, in the U.S., 802.11a and 802.11g

27
00:02:36,260 --> 00:02:41,700
devices may be operated without a license, as allowed in the regulations.

28
00:02:43,170 --> 00:02:52,380
Wireless networks are identified using a service set identifier, or S-S-I-D, or I'll call it SSID.

29
00:02:53,520 --> 00:03:00,300
An SSID is the primary name associated with an 802.11 wireless LAN, including home networks and

30
00:03:00,300 --> 00:03:01,260
public hotspots.

31
00:03:02,190 --> 00:03:06,330
Client devices use this name to identify and join wireless networks.

32
00:03:07,410 --> 00:03:09,330
Now, there are multiple kinds of SSIDs.

33
00:03:10,230 --> 00:03:16,320
Used by itself, the term SSID refers to the name of a wireless network, whether it be a point-to-point

34
00:03:16,320 --> 00:03:24,180
network made of only individual wireless clients intercommunicating, or an infrastructure network

35
00:03:24,180 --> 00:03:26,900
with clients relying on access points.

36
00:03:28,220 --> 00:03:35,780
So getting more specific, we have basic SSIDs, or BSSIDs, which are the MAC address of the access

37
00:03:35,780 --> 00:03:44,240
point, the 48-bit number that uniquely identifies every wireless, and every wireline for that matter,

38
00:03:44,390 --> 00:03:45,530
network interface.

39
00:03:47,150 --> 00:03:54,800
The extended SSID, or ESSID, is a unique name applied to one or more access points offering the

40
00:03:54,800 --> 00:03:59,120
same service, such as access to a single wireline network.

41
00:04:00,290 --> 00:04:08,000
Now, in some deployments, unique ESSIDs are applied to each individual access point; in others, all

42
00:04:08,000 --> 00:04:14,390
access points that offer access to the same wireline network are given identical ESSID values to help

43
00:04:14,390 --> 00:04:17,740
foster roaming between the various access points.

44
00:04:19,390 --> 00:04:24,830
But generally speaking, when analyzing wireless LANs, we want to discover the BSSID, the MAC

45
00:04:24,830 --> 00:04:31,550
address, and the ESSID, the name applied to the wireless network as a whole, with a unique value typically

46
00:04:31,550 --> 00:04:34,040
applied to each individual access point.

47
00:04:35,630 --> 00:04:42,440
Now, since this is a course for penetration testers, we really need to talk about the weaknesses of

48
00:04:42,440 --> 00:04:44,180
the wireless network infrastructure.

49
00:04:45,440 --> 00:04:50,470
So here are some of the most significant vectors for wireless attacks.

50
00:04:51,660 --> 00:04:52,800
Denial of service.

51
00:04:53,810 --> 00:05:01,760
Blocking legitimate users on a wireless LAN is trivially easy, even if the network is carefully constructed.

52
00:05:03,210 --> 00:05:10,410
Rogue access points. Employees sometimes set up unauthorized access points in an enterprise environment

53
00:05:10,770 --> 00:05:18,990
to bypass the legitimate wireless infrastructure or to gain wireless access when such an infrastructure

54
00:05:18,990 --> 00:05:26,250
isn't provided by the enterprise. Penetration testers and ethical hackers alike are sometimes required

55
00:05:26,250 --> 00:05:31,590
to sweep an organization's physical infrastructure to find these unauthorized access points.

56
00:05:33,120 --> 00:05:37,530
Lack of, or improper, configuration of wireless access points.

57
00:05:38,660 --> 00:05:44,390
Right, so if access points are not configured appropriately, attackers can have a much easier time

58
00:05:44,390 --> 00:05:47,630
employing any of the rest of these attack vectors.

59
00:05:49,630 --> 00:05:51,280
Traffic capture and intercept.

60
00:05:52,130 --> 00:05:58,850
In a wireless LAN, the hacker can get access to the data link layer, Layer 2, communications as long

61
00:05:58,850 --> 00:06:04,340
as he or she is in physical proximity of the device. For merely capturing packets,

62
00:06:04,580 --> 00:06:08,480
that proximity for a wireless LAN could be a mile or more.

63
00:06:09,510 --> 00:06:12,930
Numerous wireless sniffing tools can be used in such attacks.

64
00:06:13,990 --> 00:06:21,190
Crypto attacks. Some wireless encryption protocols suffer from significant security weaknesses, such

65
00:06:21,190 --> 00:06:24,580
as the Wired Equivalent Privacy, WEP, protocol.

66
00:06:25,800 --> 00:06:31,920
Attackers can gather WEP traffic and, by exploiting flaws in the way cryptographic initialization vectors

67
00:06:31,920 --> 00:06:36,990
are exchanged, crack the keys to gain access to the data and the network.

68
00:06:39,110 --> 00:06:40,100
Client duping.

69
00:06:41,050 --> 00:06:48,790
Some tests call for a penetration tester or ethical hacker to set up a bogus access point to see if clients

70
00:06:48,790 --> 00:06:52,750
will trust it and then use it to access the rest of the network.

71
00:06:53,560 --> 00:06:58,840
The attacker can then sit in the middle of all the communications, harvesting them or changing the

72
00:06:58,840 --> 00:07:00,400
data as it passes by.
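The lecture's BSSID/ESSID distinction is exactly what a rogue-AP sweep relies on: the ESSID is what clients trust, but the BSSID (the AP's 48-bit MAC) is what tells authorized hardware apart from a bogus access point advertising the same name. The following is an added example, not code from the lecture or course; the survey data, the corporate ESSID "CorpNet" and the authorized-BSSID inventory are all constructed.

```python
# Added example (not from the lecture): flag rogue or misconfigured access points
# in a wireless survey by comparing each observed BSSID (the AP's 48-bit MAC)
# against an inventory of authorized BSSIDs for the organization's ESSID.
import re
from dataclasses import dataclass

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")

@dataclass(frozen=True)
class ObservedAP:
    bssid: str      # MAC address of the access point (BSSID)
    essid: str      # network name advertised in beacons (ESSID)
    security: str   # e.g. "WPA2", "WEP", "OPEN"

def normalize_mac(mac: str) -> str:
    """Canonical lowercase colon-separated form; raises on malformed input."""
    m = mac.strip().lower().replace("-", ":")
    if not MAC_RE.match(m):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return m

def audit_survey(observed, corporate_essid, authorized_bssids):
    """Return (bssid, finding) pairs for APs on the corporate ESSID that need attention."""
    authorized = {normalize_mac(b) for b in authorized_bssids}
    findings = []
    for ap in observed:
        bssid = normalize_mac(ap.bssid)
        if ap.essid != corporate_essid:
            continue  # neighbouring networks are out of scope for this check
        if bssid not in authorized:
            findings.append((bssid, "unauthorized BSSID advertising corporate ESSID"))
        if ap.security.upper() in ("OPEN", "WEP"):
            findings.append((bssid, f"weak security ({ap.security}) on corporate ESSID"))
    return findings

# Constructed sample survey data (not real observations).
AUTHORIZED = ["00:11:22:33:44:01", "00:11:22:33:44:02"]
SURVEY = [
    ObservedAP("00:11:22:33:44:01", "CorpNet", "WPA2"),
    ObservedAP("00-11-22-33-44-02", "CorpNet", "WPA2"),    # same AP, different notation
    ObservedAP("de:ad:be:ef:00:01", "CorpNet", "WPA2"),    # unknown BSSID: possible rogue
    ObservedAP("00:11:22:33:44:03", "CorpNet", "WEP"),     # unknown and weakly configured
    ObservedAP("aa:bb:cc:dd:ee:ff", "CoffeeShop", "OPEN"), # neighbour, out of scope
]

if __name__ == "__main__":
    for bssid, finding in audit_survey(SURVEY, "CorpNet", AUTHORIZED):
        print(f"{bssid}: {finding}")
```

Feeding it real scan output only requires mapping the scanner's fields onto `ObservedAP`; the inventory of authorized BSSIDs comes from the organization's own AP records.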