1
00:00:00,940 --> 00:00:01,450
Excellent.

2
00:00:01,990 --> 00:00:08,230
So a wireless network is a computer network that uses wireless data connections between network nodes.

3
00:00:09,140 --> 00:00:14,120
Wireless networks are generally implemented and administered using radio communication.

4
00:00:14,900 --> 00:00:21,380
And with this method, the costly process of introducing cables into a building can, well, obviously

5
00:00:21,380 --> 00:00:21,980
be avoided.

6
00:00:23,450 --> 00:00:27,080
A wireless local area network, WLAN,

7
00:00:28,020 --> 00:00:34,260
links two or more devices over a short distance using a wireless distribution method, usually providing

8
00:00:34,260 --> 00:00:37,560
a connection through an access point for internet access.

9
00:00:39,660 --> 00:00:47,760
IEEE 802.11 is a set of MAC and physical layer specifications for implementing wireless LAN

10
00:00:47,760 --> 00:00:49,050
computer communication.

11
00:00:49,890 --> 00:00:56,130
Now they're the world's most widely used wireless computer networking standards, used in most home and

12
00:00:56,130 --> 00:01:02,550
office networks to allow laptops, printers, smartphones to talk to each other and access the internet

13
00:01:02,880 --> 00:01:04,710
without being connected to any wires.

14
00:01:05,670 --> 00:01:07,650
So for this, I'm just trying to

15
00:01:07,680 --> 00:01:13,830
keep it simple, so I won't talk about the entire, you know, 802.11 family or the technical details

16
00:01:13,830 --> 00:01:14,670
beneath them.

17
00:01:15,030 --> 00:01:23,070
I just want to let you know that the most popular are those defined by the 802.11b and the

18
00:01:23,070 --> 00:01:27,630
802.11g protocols, which are amendments to the original standard.

19
00:01:29,340 --> 00:01:36,150
So, 802.11-1997 was the first wireless networking standard.

20
00:01:37,000 --> 00:01:44,590
But 802.11b was the first widely accepted one, followed by 802.11g and then

21
00:01:44,590 --> 00:01:45,070
802.11n.

22
00:01:46,050 --> 00:01:52,560
802.11n is an amendment that improves upon the previous 802.11 standards by adding

23
00:01:52,560 --> 00:01:56,730
multiple-input, multiple-output antennas, MIMO.

24
00:01:57,650 --> 00:02:05,180
So MIMO, it's basically a method for multiplying the capacity of a radio link using multiple transmit

25
00:02:05,180 --> 00:02:06,470
and receive antennas.

26
00:02:08,710 --> 00:02:17,500
Nowadays, 802.11ac is popular, so it builds on 802.11n and includes wider

27
00:02:17,500 --> 00:02:20,290
channels in the five gigahertz band.

28
00:02:23,180 --> 00:02:26,840
The segment of the radio frequency spectrum used by 802.11

29
00:02:28,740 --> 00:02:30,570
varies pretty much between countries.

30
00:02:30,990 --> 00:02:40,740
For example, in the U.S., 802.11a and 802.11g devices may be operated without a license as allowed

31
00:02:40,740 --> 00:02:41,670
in the regulations.

32
00:02:43,140 --> 00:02:52,350
Wireless networks are identified using a service set identifier, or S-S-I-D, or I'll call it SSID.

33
00:02:53,550 --> 00:03:00,150
An SSID is the primary name associated with an 802.11 wireless LAN, including home networks

34
00:03:00,150 --> 00:03:01,230
and public hotspots.

35
00:03:02,160 --> 00:03:06,300
Client devices use this name to identify and join wireless networks.

36
00:03:07,370 --> 00:03:09,300
Now there are multiple kinds of SSIDs.

37
00:03:10,230 --> 00:03:16,320
Used by itself, the term SSID refers to the name of a wireless network, whether it be a point-to-

38
00:03:16,320 --> 00:03:24,150
point network made of only individual wireless clients intercommunicating or an infrastructure network

39
00:03:24,150 --> 00:03:26,850
with clients relying on access points.

40
00:03:28,220 --> 00:03:35,780
So getting more specific, we have basic SSIDs, or BSSIDs, which are the MAC address of the access

41
00:03:35,780 --> 00:03:36,110
point.

42
00:03:36,770 --> 00:03:44,990
The 48-bit number that uniquely identifies every wireless and every wireline, for that matter, network

43
00:03:44,990 --> 00:03:45,500
interface.

44
00:03:47,150 --> 00:03:55,130
The extended SSID, or ESSID, is a unique name applied to one or more access points offering the same

45
00:03:55,130 --> 00:03:59,090
service, such as access to a single wireline network.

46
00:04:00,290 --> 00:04:06,170
Now, in some deployments, unique ESSIDs are applied to each individual access point.

47
00:04:06,590 --> 00:04:13,400
In others, all access points that offer access to the same wireline network are given identical ESSID

48
00:04:13,400 --> 00:04:17,720
values to help foster roaming between the various access points.

49
00:04:19,460 --> 00:04:25,160
But generally speaking, when analyzing wireless LANs, we want to discover the BSSID, the MAC address,

50
00:04:25,400 --> 00:04:31,940
and the ESSID, the name applied to the wireless network as a whole, with a unique value typically applied

51
00:04:31,940 --> 00:04:34,010
to each individual access point.

52
00:04:35,630 --> 00:04:42,410
Now, since this is a course for penetration testers, we really need to talk about the weaknesses of

53
00:04:42,410 --> 00:04:44,180
the wireless network infrastructure.

54
00:04:45,440 --> 00:04:50,450
So here are some of the most significant vectors for wireless attacks.

55
00:04:51,630 --> 00:04:52,740
Denial of service.

56
00:04:53,810 --> 00:04:58,610
Blocking legitimate users on a wireless LAN is trivially easy,

57
00:04:59,390 --> 00:05:01,730
even if the network is carefully constructed.

58
00:05:03,180 --> 00:05:10,380
Rogue access points. Employees sometimes set up unauthorized access points in an enterprise environment

59
00:05:10,770 --> 00:05:18,960
to bypass the legitimate wireless infrastructure or to gain wireless access when such an infrastructure

60
00:05:18,990 --> 00:05:20,760
isn't provided by the enterprise.

61
00:05:21,760 --> 00:05:28,260
Now, penetration testers and ethical hackers alike are sometimes required to sweep an organization's physical

62
00:05:28,260 --> 00:05:31,590
infrastructure to find these unauthorized access points.

63
00:05:33,120 --> 00:05:37,470
Lack of or improper configuration of wireless access points.

64
00:05:38,660 --> 00:05:44,360
Right, so if access points are not configured appropriately, attackers can have a much easier time

65
00:05:44,360 --> 00:05:47,600
of employing any of the rest of these attack vectors.

66
00:05:49,630 --> 00:05:51,250
Traffic capture and intercept.

67
00:05:52,160 --> 00:05:58,820
In a wireless LAN, the hacker can get access to the data link layer, layer two, communications as long

68
00:05:58,820 --> 00:06:04,310
as he or she is in physical proximity of the device. For merely capturing packets,

69
00:06:04,580 --> 00:06:08,510
that proximity for a wireless LAN could be a mile or more.

70
00:06:09,510 --> 00:06:12,920
Numerous wireless sniffing tools can be used in such attacks.

71
00:06:13,990 --> 00:06:21,160
Crypto attacks. Some wireless encryption protocols suffer from significant security weaknesses, such

72
00:06:21,160 --> 00:06:24,550
as the Wired Equivalent Privacy, WEP, protocol.

73
00:06:25,860 --> 00:06:31,890
Attackers can gather WEP traffic and, by exploiting flaws in the way cryptographic initialization vectors

74
00:06:31,890 --> 00:06:32,760
are exchanged,

75
00:06:33,360 --> 00:06:36,990
crack the keys to gain access to the data and the network.

76
00:06:39,110 --> 00:06:40,100
Client duping.

77
00:06:41,050 --> 00:06:48,790
Some tests call for a penetration tester or ethical hacker to set up a bogus access point to see if clients

78
00:06:48,790 --> 00:06:52,720
will trust it and then use it to access the rest of the network.

79
00:06:53,590 --> 00:06:58,810
The attacker can then sit in the middle of all the communications, harvesting them or changing the

80
00:06:58,810 --> 00:07:00,400
data as it passes by.