Hello. My name is Dustin and welcome to wireless networks in this module. We're going to learn about some basic wireless protocols, including Bluetooth and one of my favorite tools for wireless network re kon
Air Crack N G. Let's go ahead and jump right in.
First, we're going to go over a few basic wireless protocol types and then dig into each one a little bit further.
Some of the most widely used wireless protocols include lt eat or cellular networks, WiFi, Bluetooth and Z Wave and Zig B. If you remember from Module three, protocols are defined rules and conventions for network communication.
Lt. Technology or long term evolution was designed to significantly significantly improve the low data rates and roaming issues with older phone protocols.
This protocol can carry more than 100 megabits of data per second, although the network bandwidth is normally regulated two levels below 10 megabits per second for individual users. Due to the significant cost of the equipment, plus some government regulatory challenges,
phone carriers have not yet deployed lt in
every location. You'll see it in a lot of your big cities and stuff, but a lot of the rural areas aren't fully covered yet.
Lt is also not suitable for home and other local area networking because it's designed to support a larger number of customers across much longer distances. And of course, because of that, it has have a much higher corresponding cost.
Lt does have its vulnerabilities, though, and they're hoping to address that with the newest iteration, which is five G.
Most attacks against lt networks require pretty expensive equipment, and you must be within the range of the targeted user. So most a taxi instead. Lt Network work as a man in the middle attack, and I'm gonna quick demo here showing one of these attacks. Um, this altar attack was de mode in a lab environment
and may or may not be feasible in an actual lt E environment. As there are many
fraud detection functions in place in many mobile APS, Um, and service's require https connections.
So I've got a link here, Um, and they diagram that kind of shows how it works. The demo was performed by David Ruprecht in a team and his team in a lab environment.
He has ah lt relate, which you can see right here on the right there and once the first. So he powers that up and boots it up. And then he also has a d n a server and an http server running on his machine.
So once he starts the lt relay, the target phone comes in range automatically connects to that lt relay because it's got the strongest signal.
So first the phone attempts to connect to hotmail dot com
and the phone sends out a d. M s request for hot metal dot com because David has intercepted this request, he com'on spoof the I P address and direct the victim to his malicious log in page.
So let's go ahead and let me see if I can pull that demo up.
All right? We're in a full screen this.
You can see exactly how it works. So on the left is tthe e lt relay, and so you can see he is getting that initialized.
And once that comes up, he does have his DNA server and, um
http server already running. So the phone he's turning off airplane mode so it will connect to a network.
And because this lt really is in range, the phone automatically connects to it.
As you can see, he's just opening the Web browser now. Goingto hotmail dot com. His d n a server gets the dean's request for that website and redirects
to his malicious hotmail dot com.
And you could see there that it did spoof the request for hotmail dot com and directed to his server.
All right, and then so now that the user thinks they're actually entering their information into hotmail dot com, But it is actually going directly to David Server,
and you can see there that he did gather the credentials for that.
And so again, it works as a, um,
a man in the middle attack.
Now that we've seen how a man in the middle attack can work against an Lt environment, there is a There are protections in place against that, and one of things I always recommend is to use ah VPN on your phone. This will help keep your information private on any network, whether it's lt or WiFi
and would help
prevent these types of man in the middle attacks.