[PLUG] brent offers to do a presentation on wifi penetration testing WAS Re: Home wifi access point & router recommendation

[Amul Shah <amul@amulz.com>]

On Jun 24, 2015, at 9:09 PM, brent saner <brent.saner@gmail.com> wrote:

I really with Google Inbox let you properly inline-reply.

http://www.howtogeek.com/176124/wi-fi-protected-setup-wps-is-insecure-heres-why-you-should-disable-it/ is a good introduction to the evils of WPS.

Pay close attention, though- some models give you an option to disable WPS, but *it does nothing*. Nada. Zilch. Exploits against the WPS spec still work fine.

And honestly, I wouldn't even trust the button method either- if someone (aherm.) happened to have a static station and a good card with an external antenna attached (say, an alfa awus036neh, and a directional 9 or 15dB antenna pointed at your AP....), they can push auth packets at your router till the cows come home. As soon as you press that little button, guess whose auth packets get there first? Hint: not who you want.

That's why I always, always flash with OpenWRT. And why I *always* pentest new wireless kit before putting it live on my network.

On that note, would anyone want a wifi pentesting preso or anything like that?

+1 for a presentation on wifi penetration testing

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug