
Shark: A Wireless Internet Security Test Bed

This project aims to enhance wireless network security by providing valuable insights on attackers and methods used, primarily targeting college students and interested community members. The SHARK network serves as a learning tool and data source for security research at ISU. It offers five security levels, utilizing software like Ubuntu, Squid, Apache, MySQL, and WireShark/Ethereal. Additionally, Secure Tunneling via VPN ensures data integrity over unsecured networks with extensible security features. The project is budgeted at $150, focusing on free software applications for traffic analysis, generation, and monitoring.

ehightower

Presentation Transcript


  1. Shark: A Wireless Internet Security Test Bed • Senior Design Project May07-09 • Stephen Eilers, Jon Murphy, Alex Pease, Jessica Ross

  2. What is SHARK? • SHARK is a wireless security network to be used to study security related issues on wireless networks • Meant to be a tool to teach interested students about wireless security • Also meant to report statistics about attackers and methods used to researchers at ISU

  3. Intended Users • Primary • College students in computer related fields • Most likely ages 18 to 22 and male • Should already know the basics of wireless networking • Most likely uses a UNIX-based OS • Secondary • Interested community members • People around campus looking for a free access point

  4. Intended Uses • Primary • To be used as a learning tool for students • To be used as a means of gaining information about methods of attack

  5. Assumptions • Software shall be freeware • Traffic analyzer should be able to monitor connections, packet traffic, and activity inside of machines hosting WAPs • Traffic generator shall generate authentic traffic • Web server shall be secure • Web server shall log names, emails, and MAC addresses of prospective hackers • There will be five levels of difficulty

  6. Limitations • Wireless access points must be portable • Initial build of SHARK must consist of three or fewer computers • SHARK must be built within a $150 budget

  7. SHARK Node

  8. SHARK – Software • OS - Ubuntu • Linux operating system • Free/Open-source software • Latest distribution in Debian family • Excellent documentation and support • User Interface is easy to use

  9. SHARK – Software • Squid • Web proxy cache • Fairly well documented • Free, open-source software • Supports our needs and more • Allows for use as a transparent proxy • Port 80 forwarding on SHARK and all 7-of-9 traffic to web • Rest of traffic on SHARK, tunneled to virtual machine

  10. SHARK – Software • Apache • Free, open-source software • Well documented • Used to create local web-server login/registration • Keep track of users • Used to help analyze results • Monitor individuals and their specific techniques • Ability to determine what hardware is in use

  11. SHARK – Software • MySQL • Well documented • Free/Open Source software • Easy to use • Database • Used locally to store user login/registration • Stores captured data

  12. SHARK – Software • WireShark/Ethereal • Free/Open-Source Software • Well Documented • Experience using software • Network Protocol Analyzer • Uses second wireless card • Captures all traffic on SHARK Network • Attack attempts • Generated traffic

  13. Levels of Security • SHARK has five levels of security • Guppy • No security, used for basic registering on network • Clownfish • WEP security • Swordfish • Rotating WEP security • Barracuda • WPA security • SHARK • RADIUS security • Each level provides statistical data on hacking patterns

  14. 7-of-9 • Off-the-Shelf wireless access point • Provides easy installation of open wireless network • Connects to Hub to provide generic internet access for comparison • Traffic is captured and analyzed on SHARK node.

  15. Traffic Generator – Baiting the Hook • To break WEP and WPA encryption, attackers must analyze thousands of packets • Not just any packets, but ARP packets • Void11 • Forces the generator to disconnect from the network by generating de-authentication packets • Homebrew daemon • Will be running to reconnect the generator to the SHARK network when it gets disconnected • Acting as a normal user

  16. Traffic Generator – Baiting the Hook • Void11 + daemon = ARP flooding • Can produce an average of 75,000 ARP packets/hour • ARP packets contain Initialization Vectors (IVs) • A block of bits that is required to allow a stream or block cipher to be executed in any of several streaming modes without having to go through a re-keying process • Takes 50k – 200k IVs to crack 64-bit WEP • Takes 200k – 700k IVs to crack 128-bit WEP • Takes 500k – 1 million IVs to crack WPA-PSK

  17. Secure Tunneling – VPN • Virtual Private Network • Provide secure communications over unsecured networks for data integrity • Benefits • Extensible and easy to manage while providing the level of security we desire • Downsides • If the machine itself is compromised, they have direct access • Solution • Using scripts, we are able to configure the SHARK box “on the fly”

  18. Secure Tunneling – VPN • One of the only ways to provide a secure and extensible way to access the SHARK machines • Need the ability to create multiple VPN sessions, so a VPN server is required • Multiple solutions available • Point to Point Tunneling Protocol • Layer 2 Tunneling Protocol • Secure Sockets Layer

  19. Electrical View

  20. Electrical View Pros/Cons • One external IP • Firewall branches • Lots of port forwarding

  21. Port Forwarding • External -> Internal • 10022 (non tunnel) -> Virtualnet (ssh) • 10023 (non tunnel) -> Smallbox (ssh) • 10024 (non tunnel) -> Sharkweb (ssh) • 80 (non tunnel) -> Sharkweb (http) • All other tunnel -> Virtualnet • All other non tunnel -> dropped

  22. Machine Breakdown

  23. Sharkweb • OS: FreeBSD • Webserver: Apache • Web Utilities: MySQL, PHP

  24. SmallBox • OS: SuSE LINUX • Packet Capture: WireShark • Filter: Snort • Webserver: Apache

  25. Virtualnet • OS: Ubuntu • Virtual Machine Manager: Xen

  26. Virtual Machine 1 (trophy) • OS: FreeBSD • Remote Log on: SSH • Webserver: Apache • Mail: Squirrelmail • Programming: Gcc, G++

  27. Virtual Machine 2 • OS: Debian Linux • Utilities: TarPit

  28. Virtual Machine 3 • OS: RedHat • Software: HoneyD

  29. Design Evaluation Form

  30. Questions?
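
An added example, not part of the original slides or the SHARK project's code: one way the capture from slide 12 could be summarized so that bait traffic from the generator (slides 15 and 16) is counted apart from de-authentication bursts, with distinct WEP IVs measured against the 50k lower bound on slide 16. The rows are constructed and assume a tshark field export of `frame.time_epoch`, `wlan.sa`, `wlan.fc.type_subtype` and `wlan.wep.iv`; the MAC addresses, window length and burst threshold are illustrative assumptions.

```python
from collections import Counter, defaultdict

DEAUTH = 0x0C           # 802.11 type/subtype value for de-authentication
WINDOW_S = 60           # assumed window length in seconds
BURST = 5               # assumed alert threshold: deauth frames per window
WEP64_MIN_IVS = 50_000  # lower bound for 64-bit WEP quoted on slide 16

# Constructed rows: epoch, sender MAC, type/subtype, WEP IV (empty if none)
SAMPLE = """\
10.0,02:00:00:00:00:01,0x0020,0x000001
12.0,02:00:00:00:00:01,0x0020,0x000002
61.0,02:00:00:00:00:fe,0x000c,
61.2,02:00:00:00:00:fe,0x000c,
61.4,02:00:00:00:00:fe,0x000c,
61.6,02:00:00:00:00:fe,0x000c,
61.8,02:00:00:00:00:fe,0x000c,
70.0,02:00:00:00:00:01,0x0020,0x000002
71.0,02:00:00:00:00:01,0x0020,0x000003
130.0,02:00:00:00:00:fe,0x000c,
"""

def parse(text):
    """Yield (time, sender, subtype, iv) for each non-empty row."""
    for line in text.splitlines():
        if line.strip():
            ts, sa, subtype, iv = (f.strip() for f in line.split(","))
            yield float(ts), sa.lower(), int(subtype, 16), iv.lower() or None

def summarize(text, generator_mac):
    """Summarize deauth bursts and WEP IV exposure in one capture."""
    deauth = defaultdict(Counter)  # sender -> window index -> frame count
    ivs = Counter()                # IV value -> times seen
    generator_frames = 0
    for ts, sa, subtype, iv in parse(text):
        if sa == generator_mac.lower():
            generator_frames += 1  # bait traffic, not an attack attempt
        if subtype == DEAUTH:
            # Deauth sender addresses can be forged: group by them, do not attribute.
            deauth[sa][int(ts // WINDOW_S)] += 1
        if iv:
            ivs[iv] += 1
    peaks = {sa: max(w.values()) for sa, w in deauth.items()}
    return {
        "deauth_bursts": {sa: n for sa, n in peaks.items() if n >= BURST},
        "unique_ivs": len(ivs),
        "reused_ivs": sum(1 for n in ivs.values() if n > 1),
        "generator_frames": generator_frames,
        "wep64_exposure": len(ivs) / WEP64_MIN_IVS,
    }
```

Calling `summarize(SAMPLE, "02:00:00:00:00:01")` returns the per-sender burst peaks and the IV tallies for the constructed rows.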
