1. Home
  2. Training Library
  3. Security issues [CISMP]

Wireless (WLAN)

Start course
Overview
Difficulty
Beginner
Duration
30m
Students
15
Description

In this next course you will be taking a closer look at network security issues. These include old technologies like PSTN as well as more recent ones like VoIP, as well as staples like email and mobile.

Transcript

Welcome to the session on WLAN, or Wireless Local Area Network. You might also know it as wireless fidelity, or Wi-Fi. This is-, I'm going to be demonstrating a couple of tools with you on this site here, but first of all I wanna quickly talk about Wi-Fi. Now Wi-Fi itself, often people will use Wi-Fi at home and there are tools that can scan your Wi-Fi to identify what's being connected to it, what's not being connected to it. Trend Micro provide a nice little tool for that if you want to see what's being connected to your Wi-Fi. So, I'm going to demonstrate to you a couple of network analysing tools, the first one I'm going to demonstrate to you is called Wireshark, and the second will be Fiddler. Now Wireshark is a network analysing tool, it's free to download and use, and normally people use Wireshark for analysing their traffic to see if there's any issues on the traffic, you might suddenly your network has gone very slow and it could be that you've accidentally downloaded a cryptocurrency miner which is slowing your machine down. Other people also look at it to make sure the traffic is getting delivered to the correct locations, and this is like a postman delivering mail. Now if I was going to be a supervisor, I'd want to sit and make sure that the postman are delivering the post to the correct locations and not throwing them over the fence as I've seen happen before. And this is what Wireshark does, it sees that-, a data, or postman, is going to a location and putting the data through the letterbox correctly and the data's being delivered effectively. But often it's used for problem checking to see if there's any issues in relation to that, but also hackers could use that technique to capture your credentials, your passwords, your PINs, those type of information. So, it's something that we need to be mindful of.  

Now in this little capture I've got put on here is-, I'm connected to a site called HTTP, Hypertext Transfer Protocol. That's port 80, you do need to remember that for the exam. That means it's unsecure, it's unsecured connection to the site. So, Mark's connecting to an insecure website, which is what Mark is going to demonstrate to you. Now this is Wireshark to capture, and I'm just going to put a filter in to capture the information. So, I'm gonna post in-, I'm gonna put a capture in here, and this will put the code in to filter the information I want to see, so I'm going to put the filter in. And this will bring up the index folder for the web application I was using, and I was connecting to a site called HTTP - AVV Train is a site. And I'm gonna follow the data to look at the data inside it, and I'm going to use something called TCP stream, don't get too worried about transmission control protocol, you don't need to know it for your exam. But as you can see, comes up-, you've got some information come up red. Red is myself, blue is the system itself. Now the red itself is showing me that I'm connecting to a site called AVV Train, which is a insecure website. It tells me a little bit about my user agent, so if I just select to show you, this is the user agent, it was basically telling me how updated my software is on the site itself. It also tells me how I got to the site, which was AVV Train, and also tells me what the cookies are. So, it tells me what my cookies are, and it also tells me what language potentially I'm using, and you can see here it thinks I'm either American or probably British. Obviously further information about that for analysing it we can look at in a different session. But as you can see here, I've logged into the site here AVV Train, no originality from me because Mark's put in the name James Bond, and James Bond's come up, you could have got from that shoulder surfing. And then password, password123, now you wouldn't get that from necessarily shoulder surfing unless you're watching me type things in or you're listening to the sound of me typing things using different keystrokes. Laptops and mobile phones can also use that to track just from a sound what you're typing in. Obviously this one, because the fact I successfully connect to the website, and because it's using an insecure protocol, all the information I'm doing is in plain text, so everything is in plain text. Whatever I do in the site, everything is in plain text, so if I continue and maybe it's a shopping application which is using HTTP, that will be all in plain text and anyone will be able to see that information, which obviously is a major vulnerability.  

Underneath this, there's another capture I've done which is-, which is Fiddler. Now Fiddler is very similar, it's a network analysing tool, free to download, and this can also analyse traffic as well. So, if I just minus this one done, bring up Fiddler just to demonstrate it for you. So, this is Fiddler itself from a company called Telerik, and I did a capture of me connecting to Wi-Fi, or WLAN. Now the Wi-Fi I'm connecting to, I thought I was connecting to Starbucks and it wasn't, I was actually connecting to what is known as a rogue access point. You might’ve also known it as a Wi-Fi pineapple, and basically I think I'm connecting to the correct Wi-Fi but I'm not. I think I've connected because I've got connection to the websites I wanna go to but because I've connected to this rogue access point, they're able to decrypt my traffic. So instead of my traffic being HTTPS, Hypertext Transfer Protocol Secure, which is port 443 if you need to remember that for the exam, basically my data's encrypted, people should not be able to see that information. I'm using a transport mechanism to access the information.  

Now I've connected to quite a few sites on this application here, and I've connected to one called Internet Archives. So, this one's in yellow, you can see here, the internet archive or the Wayback Machine as people use it, it's a really good site actually, you get some quite detailed information about things. The Wayback Machine is HTTPS, so it's a secure website, it requires you to login and when I double-click on it, and I have to provide a username and password. You can see because I've accessed a rogue access point my username comes up, same again, you probably get that from shoulder surfing. But interesting enough, my datas' also come up from my password, so my passwords' also come up as well, you can see there, under the Tuscan sun, my passwords' come up. Obviously that's a concern, I'm connecting a secure website and suddenly my datas' come up, let me go down to show you another demonstration of me actually connecting to another site, actually connecting to Twitter, social media platform Twitter. So,  on the same session I'm connecting to Twitter, and you can see again my usernames come up and my passwords' come up, so I've been compromised. If I continue on these sites here, more and more of my credentials, information will get decrypted.  

So, this is a vulnerability we need to be aware of, and obviously this is why it's important to be careful about what sites you actually login to, what sites you go to, and obviously trust the Wi-Fi you're using. Hopefully this has been a useful, sort of, quick demonstration for you. Thank you very much for your attention. 

 

About the Author
Students
23520
Labs
113
Courses
884
Learning Paths
43

A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.