1
00:00:00,630 --> 00:00:05,490
All right, now we've seen some pretty scary stuff in this section, and in this lecture
2
00:00:05,490 --> 00:00:11,400
I want to talk about how to prevent some of these attacks, or secure our networks from them.
3
00:00:11,970 --> 00:00:17,580
So the first thing that we spoke about was captive portals, and we saw how we can gain access to these
4
00:00:17,580 --> 00:00:20,430
networks using three methods.
5
00:00:20,430 --> 00:00:26,450
And even if the first two methods didn't work then the third would rely on the users and will gain access
6
00:00:27,820 --> 00:00:33,040
as shown. That proves that captive portals are not secure at all.
7
00:00:33,040 --> 00:00:39,550
So in order to get the functionality of a captive portal but stay secure the best thing to do is to
8
00:00:39,550 --> 00:00:48,050
use WPA Enterprise with a RADIUS server and then give each user an individual username and password.
9
00:00:48,130 --> 00:00:51,340
This way you can still prevent some people from connecting.
10
00:00:51,340 --> 00:00:53,740
You can still disable some of the passwords.
11
00:00:54,480 --> 00:00:58,590
You can control these users and see what each one of them is doing.
12
00:00:58,830 --> 00:01:06,330
But at the same time the people authenticate using the WPA or WPA2 authentication procedure.
13
00:01:06,360 --> 00:01:08,600
So it's much more secure.
14
00:01:08,670 --> 00:01:13,890
The data is going to be sent encrypted so people that are not connected to the network cannot sniff
15
00:01:13,890 --> 00:01:14,330
it.
16
00:01:14,370 --> 00:01:17,200
They can't just connect and do ARP spoofing.
17
00:01:17,380 --> 00:01:23,200
And at the same time you're getting the same functionality that you'll get from a captive portal.
18
00:01:23,400 --> 00:01:30,000
Next we've seen how easy it is to crack WEP with SKA, with shared key authentication, so it goes without
19
00:01:30,000 --> 00:01:31,340
saying: don't use WEP.
20
00:01:31,440 --> 00:01:36,690
Regardless of how you implement it even if you think that you implemented it in a more secure manner
21
00:01:36,870 --> 00:01:39,870
just don't use WEP, period.
22
00:01:39,870 --> 00:01:47,910
Next is WPS, and we saw how we can force some routers to have their password or their PIN.
23
00:01:48,330 --> 00:01:51,240
Again there are secure ways of implementing them.
24
00:01:51,240 --> 00:01:57,360
P.s. if you disable push button authentication and lock after a number of failed attempts but again
25
00:01:57,450 --> 00:02:00,250
if you want to be secure just disable WPS.
26
00:02:00,330 --> 00:02:02,560
That'll just make Reaver not work at all.
27
00:02:03,680 --> 00:02:06,940
Then we saw more advanced wordlist attacks.
28
00:02:06,950 --> 00:02:09,860
So if WEP is not used, WPS is disabled,
29
00:02:09,920 --> 00:02:13,460
we're talking about you using WPA or WPA2.
30
00:02:13,630 --> 00:02:20,270
And the only way to gain access to your network is using a wordlist attack, and we've seen advances to all these
31
00:02:20,360 --> 00:02:27,680
attacks, where we can use big wordlists and save and restore our progress and use the GPU for cracking
32
00:02:27,680 --> 00:02:29,200
to make it faster.
33
00:02:29,210 --> 00:02:32,730
Now, all of these are still wordlist attacks.
34
00:02:32,810 --> 00:02:40,370
So if you use a long password, say a minimum of 16 characters with letters, numbers and symbols, then it's
35
00:02:40,370 --> 00:02:45,560
going to be very very difficult to get your password even using the methods that I showed you right
36
00:02:45,560 --> 00:02:46,050
now.
37
00:02:46,220 --> 00:02:52,600
Obviously the longer the password the harder it is to get the key for it, because it's a wordlist attack.
38
00:02:52,610 --> 00:02:58,500
So the key has to be there in the wordlist that the hacker is using.
39
00:02:58,550 --> 00:03:04,970
Now the last method that we've seen, and we said that this is the last resort, is using an evil twin
40
00:03:04,970 --> 00:03:05,620
attack.
41
00:03:05,810 --> 00:03:12,110
And we saw how we can use that to gain access to WPA or WPA2 networks, and we also saw how to use that
42
00:03:12,110 --> 00:03:15,890
to gain access to captive portals.
43
00:03:15,890 --> 00:03:22,050
Now in both of these methods we're relying on the humans on the users that use the network.
44
00:03:22,100 --> 00:03:29,460
So when it goes down to that then there is nothing you can do in terms of the software or the hardware.
45
00:03:29,510 --> 00:03:33,340
The hacker is literally exploiting the people that use the network.
46
00:03:33,470 --> 00:03:37,520
So the only thing you can do in this case is educate your users.
47
00:03:37,520 --> 00:03:44,780
So if you have a small group of users you can just have a talk and tell them here look this is an attack
48
00:03:44,780 --> 00:03:45,890
that can be used.
49
00:03:45,890 --> 00:03:50,530
Be careful of it. If you get deauthenticated or disconnected from your network,
50
00:03:50,540 --> 00:03:55,370
make sure when you connect that you connect to the same network and make sure that the network you're
51
00:03:55,370 --> 00:03:58,900
connecting to is actually using encryption.
52
00:03:58,910 --> 00:04:00,680
So it's not an open network.
53
00:04:00,950 --> 00:04:07,040
Also tell them never to enter the network key in a web interface, because as we've seen when we were running
54
00:04:07,040 --> 00:04:12,580
the evil twin attack we always ask for the password in a web interface.
55
00:04:12,980 --> 00:04:15,710
So make sure that your users know.
56
00:04:15,770 --> 00:04:19,420
They should never enter the key in a web interface.
57
00:04:19,520 --> 00:04:24,560
And if they already entered the key, they'll never be asked for it again unless they clicked on Forget
58
00:04:24,560 --> 00:04:27,010
the network which they should know.
59
00:04:27,380 --> 00:04:32,990
So to summarize, if you want to secure your network from the gaining access attacks that we've seen so far:
60
00:04:33,020 --> 00:04:39,830
First, don't use captive portals; implement WPA Enterprise if you want similar functionality. Two,
61
00:04:39,950 --> 00:04:49,910
never use WEP. Three, disable WPS. Four, use WPA or WPA2 with a complex password of letters, characters,
62
00:04:49,910 --> 00:04:52,660
numbers and symbols.
63
00:04:52,700 --> 00:04:53,500
Five,
64
00:04:53,600 --> 00:04:59,030
educate your users to make sure they won't be victims of a social engineering attack.