1
00:00:00,630 --> 00:00:05,490
All right now we've seen some pretty scary stuff in this section and this lecture.

2
00:00:05,490 --> 00:00:11,400
I want to talk about how to prevent some of these attacks or securing our networks from them.

3
00:00:11,970 --> 00:00:17,580
So the first thing that we spoke about was captive portals and we see how we can gain access to these

4
00:00:17,580 --> 00:00:20,430
networks using three methods.

5
00:00:20,430 --> 00:00:26,450
And even if the first two methods didn't work then the third would rely on the users and will gain access

6
00:00:27,820 --> 00:00:33,040
as shown that proves that a captive portals are not secure at all.

7
00:00:33,040 --> 00:00:39,550
So in order to get the functionality of a captive portal but stay secure the best thing to do is to

8
00:00:39,550 --> 00:00:48,050
use WPA enterprise with a radius server and then give each user an individual username and password.

9
00:00:48,130 --> 00:00:51,340
This way you can still prevent some people from connecting.

10
00:00:51,340 --> 00:00:53,740
You can still disable some of the passwords.

11
00:00:54,480 --> 00:00:58,590
Who can control these users and see each what each one of them is doing.

12
00:00:58,830 --> 00:01:06,330
But at the same time the people authenticate using the WPA or WPA to authentication procedure.

13
00:01:06,360 --> 00:01:08,600
So it's much more secure.

14
00:01:08,670 --> 00:01:13,890
The data is going to be sent encrypted so people that are not connected to the network cannot sniff

15
00:01:13,890 --> 00:01:14,330
it.

16
00:01:14,370 --> 00:01:17,200
They can't just connect and do IRP spoofing.

17
00:01:17,380 --> 00:01:23,200
And at the same time you're getting the same functionality that you'll get from a captive portal.

18
00:01:23,400 --> 00:01:30,000
Next we've seen how easy it is to crack WEP with S-K with shared key authentication so it goes without

19
00:01:30,000 --> 00:01:31,340
saying don't use web.

20
00:01:31,440 --> 00:01:36,690
Regardless of how you implement it even if you think that you implemented it in a more secure manner

21
00:01:36,870 --> 00:01:39,870
just don't use work period.

22
00:01:39,870 --> 00:01:47,910
Next is WPX and we see how we can force some routers to have their password or their pen.

23
00:01:48,330 --> 00:01:51,240
Again there are secure ways of implementing them.

24
00:01:51,240 --> 00:01:57,360
P.s. if you disable push button authentication and lock after a number of failed attempts but again

25
00:01:57,450 --> 00:02:00,250
if you want to be secure just disable WPX.

26
00:02:00,330 --> 00:02:02,560
That'll just make griever not work at all.

27
00:02:03,680 --> 00:02:06,940
Then we see more advanced worthless attacks.

28
00:02:06,950 --> 00:02:09,860
So if WEP is not used WPA as is enabled.

29
00:02:09,920 --> 00:02:13,460
We're talking about you using the BPA or WPA too.

30
00:02:13,630 --> 00:02:20,270
And the only way to gain access to your network is use in word that I can receive advice to all these

31
00:02:20,360 --> 00:02:27,680
attacks where we can use big words lists and save and restore our programs and use the GPL for cracking

32
00:02:27,680 --> 00:02:29,200
to make it faster.

33
00:02:29,210 --> 00:02:32,730
No all of these are still worthless attacks.

34
00:02:32,810 --> 00:02:40,370
So if you use a long password say minimum of 16 characters with letters numbers and symbols then it's

35
00:02:40,370 --> 00:02:45,560
going to be very very difficult to get your password even using the methods that I showed you right

36
00:02:45,560 --> 00:02:46,050
now.

37
00:02:46,220 --> 00:02:52,600
Obviously the longer the password the harder it is to get the key for it because it's a word this attack.

38
00:02:52,610 --> 00:02:58,500
So the key has to be there in the wordlist that the hacker is using.

39
00:02:58,550 --> 00:03:04,970
Now the last method that we've seen and we said that this is the last resort is used in an evil to an

40
00:03:04,970 --> 00:03:05,620
attack.

41
00:03:05,810 --> 00:03:12,110
And we see how we can use that to gain access to WPA or WPA to networks and we also see how to use that

42
00:03:12,110 --> 00:03:15,890
to gain access to captive portals.

43
00:03:15,890 --> 00:03:22,050
Now in both of these methods we're relying on the humans on the users that use the network.

44
00:03:22,100 --> 00:03:29,460
So when it goes down to that then there is nothing you can do in terms of the software or the hardware.

45
00:03:29,510 --> 00:03:33,340
The hacker is literally exploiting the people that use the network.

46
00:03:33,470 --> 00:03:37,520
So the only thing you can do in this case is educate your users.

47
00:03:37,520 --> 00:03:44,780
So if you have a small group of users you can just have a talk and tell them here look this is an attack

48
00:03:44,780 --> 00:03:45,890
that can be used.

49
00:03:45,890 --> 00:03:50,530
Be careful from it if you get the authenticated or disconnected from your network.

50
00:03:50,540 --> 00:03:55,370
Make sure when you connect that you connect to the same network and make sure that the network you're

51
00:03:55,370 --> 00:03:58,900
connecting to is actually using encryption.

52
00:03:58,910 --> 00:04:00,680
So it's not an open network.

53
00:04:00,950 --> 00:04:07,040
Also tell them never enter the network key in a web interface because as we seen when we're running

54
00:04:07,040 --> 00:04:12,580
the evil twin attack we always ask for the password and a web interface.

55
00:04:12,980 --> 00:04:15,710
So make sure that your users know.

56
00:04:15,770 --> 00:04:19,420
They should never answer the key and a web interface.

57
00:04:19,520 --> 00:04:24,560
And if they already enter the key they'll never be asked for it again unless they clicked on Forgot

58
00:04:24,560 --> 00:04:27,010
the network which they should know.

59
00:04:27,380 --> 00:04:32,990
So to summarize if you want to secure your network from the Ganey got attacks that we've seen so far.

60
00:04:33,020 --> 00:04:39,830
First don't use captive photos implementable Dhupia enterprise if you want a similar functionality to

61
00:04:39,950 --> 00:04:49,910
never use WEP three disable W.P. as for use WPA or WPA too with a complex password of letters characters

62
00:04:49,910 --> 00:04:52,660
numbers and symbols.

63
00:04:52,700 --> 00:04:53,500
5.

64
00:04:53,600 --> 00:04:59,030
Educate your users to make sure they to be victims of a social engineering attack.