Black Hat Briefings, Las Vegas 2005 [audio] Presentations From The Security Conference

At DefCon 11, a rogue access point setup utility named "Airsnarf" was presented by the Shmoo Group. Two years later, "Evil Twin" access points have made it to Slashdot and news.google.com. Who would have thought TSG could get away with the easy rogue AP attacks for so long? Note to Shmoo: Next time, put the word "evil" in the title of your presentation for mass appeal and acceptance. Oh, rock on--it WORKED! Wireless n00b? No problem0. This talk starts off with the basics. Wireless insecurity basics. Rogue AP basics. How your wireless users are basically screwed. Etc. If you read about "Evil Twin" access points earlier this year, you will actually see how easy it is to build your own. However, this talk quickly moves on to more advanced attacks and trickery with rogue APs, including: gathering intel beyond usernames / passwords, getting around WEP and WPA-PSK protected networks, integrating RADIUS with your rogue AP, abusing vulnerable EAPs, rogue AP backend bridging, and real-time abuse of two-factor authent