« earlier    

Warning: Encrypted WPA2 Wi-Fi Networks Are Still Vulnerable to Snooping
It’s quite easy for someone to monitor this encrypted traffic. All they need is:

The passphrase: Everyone with permission to connect to the Wi-Fi network will have this.
The association traffic for a new client: If someone is capturing the packets sent between the router and a device when it connects, they have everything they need to decrypt the traffic (assuming they also have the passphrase, of course). It’s also trivial to get this traffic via “deauth” attacks that forcibly disconnect a device from a Wi_Fi network and force it to reconnect, causing the association process to happen again.
Really, we can’t stress how simple this is. Wireshark has a built-in option to automatically decrypt WPA2-PSK traffic as long as you have the pre-shared key and have captured the traffic for the association process.
wpa2  cybersecurity  crypto 
yesterday by bwiese
Decrypt WPA2-PSK using Wireshark | mrn-cciew
Now you have to go to “Edit -> Preferences -> Protocol -> IEEE 802.11” & need to “Enable Decryption” checkbox. Then click on Edit “Decryption Keys” section & add your PSK by click “New“.  You have to select Key-type as “wpa-pwd” when you enter the PSK in plaintext.

If you enter the 256bit encrypted key then you have to select Key-type as “wpa-psk“.If you want to get the 256bit key (PSK) from your passphrase, you can use this page. It use the following formula to do this conversion
wireshark  cybersecurity  wpa2  crypto 
yesterday by bwiese
man in the middle - Why crack WEP or WPA/WPA2 PSK when it can be sniffed through monitor mode capture? - Information Security Stack Exchange
Your point 2 is a bit inaccurate. The PTK is never sent over the air in WPA; it is computed from the PMK, an AP nonce, a client nonce, the AP MAC address, and the client MAC address (this is "key exchange", but the PTK never gets transmitted). Without the PMK, an attacker who sniffs the data can't discover the PTK without doing a brute-force attack (essentially, the client sends a MAC with their nonce, using a key which is part of the PTK; the attacker tries various passphrases, computes PMK and PTK using those passphrases, and then verifies the MAC). So the attacker can sniff the handshake, but it doesn't really help them with things that aren't brute-force.
wpa2  cybersecurity 
yesterday by bwiese
Outages show the need to think clearly about national security | PolicyTracker: Dec 2018
"On Thursday, millions of smartphone users in the UK lost their data services after the O2 network suffered technical problems. While the problem only lasted a day, it was one of the biggest mobile network outages because it hit the many external services that rely on the operator’s data network."

"The blackout raises questions over the future of mission-critical applications. What will happen when 5G networks underpin a country’s water supply, electricity grid, emergency services and even self-driving cars?"

"Isn’t it time for an evidence-based approach to the security of networks, based on independent testing of equipment from companies which are prepared to cooperate? Anything else looks suspiciously like a backdoor way of damaging potential competitors."
PolicyTracker  cyber-spectrum  cybersecurity  cellular 
yesterday by pierredv
Your USB Serial Adapter Just Became a SDR | Hackaday, Dec 2018
"With a Python script, a length of wire attached to the TX pin, and a mastery of the electron that we mere mortals can only hope to achieve, [Ted] has demonstrated using a common USB to serial adapter as an SDR transmitter."
hacking  SDR  cybersecurity  USB  RF 
5 days ago by pierredv
Teaching Cybersecurity Law and Policy: My Revised 62-Page Syllabus/Primer - Lawfare
Cybersecurity law and policy is a fun subject to teach. There is vast room for creativity in selecting topics, readings and learning objectives. But that same quality makes it difficult to decide what to cover, what learning objectives to set, and which reading assignments to use. 

With support from the Hewlett Foundation, I’ve spent a lot of time in recent years wrestling with this challenge, and last spring I posted the initial fruits of that effort in the form of a massive “syllabus” document.  Now, I’m back with version 2.0.
policy  cybersecurity  syllabus 
6 days ago by wck
SSL/TLS inspection (MITM proxy) : networking
Chrome does not perform pin validation when the certificate chain chains up to a private trust anchor. A key result of this policy is that private trust anchors can be used to proxy (or MITM) connections, even to pinned sites. “Data loss prevention” appliances, firewalls, content filters, and malware can use this feature to defeat the protections of key pinning.

We deem this acceptable because the proxy or MITM can only be effective if the client machine has already been configured to trust the proxy’s issuing certificate — that is, the client is already under the control of the person who controls the proxy (e.g. the enterprise’s IT administrator). If the client does not trust the private trust anchor, the proxy’s attempt to mediate the connection will fail as it should.
chrome  cybersecurity  tls  mitm  ssl  network  monitoring 
6 days ago by bwiese

« earlier    

related tags

2011  2013  a  advice  ai  alphabet  analysis  analytics  anecdote  apt  artificialintelligence  atlantic  attack  australia  automotive  behavioraleconomics  bgp  blog  bloomfilter  botnet  bots  bro  business  c++  c  car  cats  cell  cellular  cgap  challenge  cheatsheet  chess  chief:  china  chrome  chronicle  cis3360  ckc  cloud  communication  compromise  computer  comsec  conference  crypto  csirt  cyber-spectrum  cyber  cyberlaw  cyberpeace  cybersec  cybersecurity  cyberthreatintel  cypto  databreach  definition  dfir  dhs  dns  doc  dod  dogs  edr  education  election2018  encryption  eventlogs  exploit  f35  facebook  fbi  fingerprint  first  framework  fuzzing  g20  gartner  gif  github  gmail  google  gop  government  govtech  hack  hacker  hacking  have  heckawi  history  hjd  house  howto  http  humor  identity-theft  in  infosec  instagram  intelligence  internet  ioc  iot  isis  it  ja3  japan  japan’s  justice  kevinmccarthy  knowledge_base  language  leadership  life”  location  lockheedmartin  mandala  manipulation  marriott  military  mitm  mitre  mobile  monitoring  my  netflow  netneutrality  network  netyak  never  news  npm  nrcc  nsa  ntia  nyt  paris  passport  password  paulryan  pentest  phones  playground  policy  policytracker  politico  politics  presentation  printer  privacy  programming  python  rail  reference  republican  resilience  rf  routers  russia  safety  sans  scrm  sdr  security  siliconvalley  smtp  software  spam  spectrum  splunk  ssh  ssl  starwood  stevescalise  strategy  supplychain  suricata  sydney  sydneytrains  syllabus  symantec  synopsys  techliteracy  terrorism  threathunting  tls  tokyo  training  trains  twitter  ueba  upnp  usa  usb  usecasae  used  video  vulnerability  web  windows  wireshark  wordpress  wpa2  ww2  “i 

Copy this bookmark: