1 00:00:00,120 --> 00:00:00,810 Hello everybody. 2 00:00:00,930 --> 00:00:05,660 And welcome back to the last video in the wireless penetration testing section. 3 00:00:05,700 --> 00:00:11,670 Now what I want to show you in this video is what security measures you can take in order to prevent 4 00:00:11,670 --> 00:00:13,350 some of the attacks. 5 00:00:13,350 --> 00:00:20,760 Now first thing that you might actually ask yourself is why is the deauthentication attack even possible. 6 00:00:20,880 --> 00:00:26,660 Well there is not really a measure that you can take in order to prevent it. 7 00:00:26,850 --> 00:00:36,360 But there is a certain version which is 802.11w which you can switch to in order to protect 8 00:00:36,360 --> 00:00:38,710 yourself from the deauthentication attack. 9 00:00:38,730 --> 00:00:45,690 It basically works as it uses the protected management frames which can detect and prevent the deauthentication 10 00:00:45,690 --> 00:00:46,650 attack. 11 00:00:46,650 --> 00:00:53,480 There is no other known security measure that you can take in order to prevent it from the deauthentication 12 00:00:53,520 --> 00:00:55,360 attack now. 13 00:00:55,820 --> 00:01:04,460 Now I believe that the WPA3 security measures will have some kind of protection against the deauthentication 14 00:01:04,470 --> 00:01:11,790 attack but we will have to wait for it to come out in public before we actually see that. 15 00:01:11,820 --> 00:01:23,450 So the next thing I want to show you is basically let me just go to my router so 192 dot 16 00:01:23,480 --> 00:01:30,930 168 dot 1 dot 1 and I will log into my router right here and I will show you some security measures. 17 00:01:30,980 --> 00:01:32,600 You shouldn't do. 18 00:01:32,600 --> 00:01:41,730 Now some people let me just log in some people for example think that if they put their network in hidden 19 00:01:42,200 --> 00:01:45,470 or if they hide their network name that they will be safe. 
20 00:01:45,470 --> 00:01:50,270 So basically the attack that I showed you in the previous video which was discovering the hidden network 21 00:01:50,270 --> 00:01:54,370 name and connecting to the hidden network with just a name. 22 00:01:54,680 --> 00:02:01,130 Some people think that it is a security measure and in reality it is even easier to hack that kind 23 00:02:01,130 --> 00:02:05,790 of a network than a simple network with a WPA2 password. 24 00:02:05,810 --> 00:02:13,090 So as we can see right here let me just find it wireless LAN and you can see right here under the since 25 00:02:13,090 --> 00:02:18,710 I didn't still change the settings from the previous attack I have here broadcast SSID. 26 00:02:18,770 --> 00:02:22,040 No which for me stands for the network being hidden. 27 00:02:22,040 --> 00:02:28,250 Now for you it might be something different and it might be in some other sections since this router 28 00:02:28,250 --> 00:02:30,130 is not the same as your router. 29 00:02:30,140 --> 00:02:32,960 This is an old router so it doesn't have a bunch of the options. 30 00:02:32,960 --> 00:02:34,790 It is very easy to find. 31 00:02:35,120 --> 00:02:41,080 The broadcast SSID option what you want to do is for sure click here on yes. 32 00:02:41,330 --> 00:02:46,060 And basically let me just find right here where did I change it 33 00:02:48,780 --> 00:02:50,300 the authentication type. 34 00:02:50,300 --> 00:02:50,970 Right here. 35 00:02:50,970 --> 00:02:53,690 You do not want to have an open system ever. 36 00:02:53,730 --> 00:02:57,630 You do not want to have on WEP 64 bits or basically any WEP. 37 00:02:58,170 --> 00:03:05,000 You most likely from now on want to have on WPA2-PSK for pre-shared key. 38 00:03:05,010 --> 00:03:10,500 So you want to have a password for it and you want to have a strong password for it. 
39 00:03:10,500 --> 00:03:14,340 So mix the symbols numbers and letters and make it as long as you can. 40 00:03:14,340 --> 00:03:16,030 And also remember it. 41 00:03:16,110 --> 00:03:21,060 So this is the strongest at the moment. 42 00:03:21,100 --> 00:03:29,460 Security measure WPA2 and the strong password which if you have a strong password it will take a hacker 43 00:03:29,820 --> 00:03:33,770 days or perhaps weeks in order to crack your password. 44 00:03:33,870 --> 00:03:39,720 The longer the password the harder for it the longer the password and the more symbols and letters and 45 00:03:39,720 --> 00:03:45,050 numbers it has the harder it will be for it for the hacker to crack it. 46 00:03:45,090 --> 00:03:51,030 If you have a password or for me for example numbers it will be very easy to crack it for anyone with 47 00:03:51,030 --> 00:03:56,500 a little bit of knowledge now as I said. 48 00:03:56,530 --> 00:03:58,620 So the networks will not protect you. 49 00:03:58,620 --> 00:04:01,570 So let me just submit this right here. 50 00:04:01,650 --> 00:04:08,790 Since I set it back to the WPA2 security measure and with the password the next thing that I want 51 00:04:08,790 --> 00:04:12,980 to talk about is the MAC filtering which is right here. 52 00:04:12,980 --> 00:04:21,590 Now you might think that the MAC filtering will be enough to actually prevent a hacker to get into your 53 00:04:21,680 --> 00:04:22,750 wireless network. 54 00:04:22,760 --> 00:04:26,900 Now it might be enough if you also specify the password for the wireless. 55 00:04:27,320 --> 00:04:34,040 But if you only put the MAC filtering without the password basically anyone with a little bit of knowledge. 56 00:04:34,130 --> 00:04:41,240 And from now on you as well can change your MAC address as I showed you even before how you can do that. 57 00:04:41,330 --> 00:04:42,830 And when you change MAC address. 58 00:04:42,830 --> 00:04:45,400 You can basically bypass the MAC filtering. 
59 00:04:45,860 --> 00:04:52,730 Now if you have to use a MAC filtering now there is basically a blacklisting and whitelisting blacklisting 60 00:04:52,820 --> 00:04:59,630 is basically blocking a certain MAC addresses from connecting to a wireless access point and whitelisting 61 00:04:59,720 --> 00:05:03,630 is allowing certain MAC addresses to connect to wireless access point. 62 00:05:03,650 --> 00:05:10,970 Now it would be better to use a whitelist but both of them can be cracked very easily as we can just 63 00:05:10,970 --> 00:05:16,760 run the airodump program and see the clients connected to the network and see their MAC addresses. 64 00:05:16,940 --> 00:05:22,910 Then we could deauthenticate those clients or basically just one client and we can change our MAC address 65 00:05:22,910 --> 00:05:28,790 with the macchanger as I showed in the previous tutorial also basically macchanger is a simple program. 66 00:05:28,790 --> 00:05:30,630 Let me just show you right here. 67 00:05:30,710 --> 00:05:33,770 So just type in here macchanger and it will give you a bunch of the options. 68 00:05:33,770 --> 00:05:39,100 You can type dash dash help and it'll basically give you the option to spoof a MAC address with this 69 00:05:39,160 --> 00:05:40,520 minus m option. 70 00:05:40,520 --> 00:05:45,560 You can type any MAC address you want and basically you would type the MAC address of the client that is 71 00:05:45,560 --> 00:05:52,210 connected to the wireless access point that uses the list and basically then you deauthenticate 72 00:05:52,220 --> 00:05:58,360 the client and you connect with his MAC address it is simple to bypass. 73 00:05:58,900 --> 00:06:06,640 Another thing which you shouldn't do or basically another thing that you should do is if you want another 74 00:06:06,640 --> 00:06:10,390 security measure you could use the enterprise wireless. 75 00:06:10,390 --> 00:06:13,360 Now the enterprise you might ask why should we use that. 
76 00:06:13,810 --> 00:06:21,270 Well basically every user has different password in enterprise even if someone got the password or hacked 77 00:06:21,280 --> 00:06:24,880 the password of some user he would only be able to target one user 78 00:06:29,160 --> 00:06:38,600 so it is also a thing to reconsider using since it does provide a certain level of security. 79 00:06:38,710 --> 00:06:39,100 Now. 80 00:06:39,110 --> 00:06:45,010 Basically as I said if you were to get a password from one user you wouldn't be able to do much. 81 00:06:45,060 --> 00:06:49,950 You wouldn't be able to run the man in the middle attacks for example. 82 00:06:49,980 --> 00:06:51,990 So it is a good security measure. 83 00:06:52,260 --> 00:06:57,960 But I believe not many of us or basically almost nobody at home has the Wireless Enterprise. 84 00:06:58,080 --> 00:07:06,430 So you can reconsider using that and that'd be it for preventing the attacks that we covered right here. 85 00:07:06,430 --> 00:07:14,660 Now hopefully WPA3 will provide us with a lot more security even though the WPA2 is enough. 86 00:07:15,240 --> 00:07:20,880 Basically the WPA2 will provide you enough security if you use a strong password. 87 00:07:20,910 --> 00:07:28,260 If you use a weak password not even WPA3 can prevent the wireless access point getting exploited or 88 00:07:28,260 --> 00:07:28,910 compromised. 89 00:07:29,490 --> 00:07:37,500 So that will be about it for these security measures. With this we finished the access point section 90 00:07:37,500 --> 00:07:40,040 or basically hacking the wireless access point. 91 00:07:40,050 --> 00:07:45,120 We will also cover as I said the evil twin attack later on we will do it manually. 92 00:07:45,120 --> 00:07:50,170 I will show you what all the files you will need to do that but more about that later on. 93 00:07:50,370 --> 00:07:54,070 And we will continue hacking in the next lectures. 
94 00:07:54,080 --> 00:07:56,960 Uh hope I see you there and take care. 95 00:07:57,030 --> 00:07:57,300 Bye.