
Introduction

This section of the website provides lectures and activities that do not involve special tools.

The current contents are:

Any questions or comments should be directed to: The creator's email

Overview and Number Base Conversion

Being able to convert from Base 2 to Base 10 to Base 16 and back is a critical skill in networking because many tasks such as subnet allocation, mask calculation, and reverse mask calculation are based on this skill. These slides and videos teach students how to do this.

Decimal to binary and back:


Conversion to hexadecimal and back:



Basic Networking Commands

The exercise here introduces students to basic networking commands common to computers across operating systems. The exercise is based on the Windows operating system. Equivalent commands in other operating systems are presented in the table.

Operating System
Concept | Windows 10 | MacOSX | Linux
IP Configuration | ipconfig | Use Network Utility. The app exists somewhere on your Mac. Where it is depends on the version of MacOSX you have. Apple likes to keep it hidden. The routing table should be under netstat. | ifconfig; ip address show; ip link show; dhclient -v -r wlan0 (to renew the IP address on a WiFi network)
Ping (ICMP) | ping | ping
Traceroute | tracert | traceroute
Address Routing Protocol app | arp | arp


LANS and Addressing

We discuss three topics here. First, the difference between Data Terminal Equipment (DTE), Physical Data Communication Equipment (DCE) and Internet DCE, and why this matters for cabling. Second, the idea of IP addresses and reserved IP addresses, along with an introduction to the concept of submasks. Finally, the difference between IPv4 and IPv6 and why most of the world still uses IPv4.



Subnet Masks

These are some difficult topics. We discuss:




Interior Gateway Routing

These slides introduce students to the concept of routing tables, interior gateway routing, i.e., routing within an organization (including providing a very brief overview of EIGRP, OSPF and IS-IS) and reverse subnet masks.

I don't discuss the Dijkstra Routing Algorithm. I don't see the point. The modern router handles the routing for you and how it does it is really beyond your control. All you need to know is that the organization should have one interior gateway routing protocol, that if there is more than one you need to redistribute the information, and how to read the routing table to look for problems.


An Overview of the Internet

This module introduces the concept of the Internet and the 4-layer Internet model. It also introduces Shannon's model of communication, ASCII and Unicode.



Hacking WiFi WPA2-PSK

Overview

The focus of this webpage is the common method for hacking a specific kind of WiFi, WPA2-PSK. This is the kind of WiFi typically found in the home, or provided by businesses to customers (e.g., at a restaurant). There are weaker forms of WiFi security like WEP and stronger forms like WPA2-Enterprise.

I am not discussing weaker forms of security, because they are trivially hackable. Wifite, the cracking software I discuss at the end of this webpage, can break WEP without problems.

The standard way of hacking WPA2-Enterprise employs a man-in-the-middle attack with a fake access point and RADIUS server. So, the standard approach to WPA2-Enterprise isn't so much about just monitoring airwaves as it is an active, planned interception.

This web page describes a technical hack of WPA2-PSK. In reality, the easiest way of obtaining access to a WPA2-PSK network is to just ask someone who already knows how to get on. By definition, WPA2-PSK networks have weak security, because they have pre-shared keys (PSK). Any secret known by more than one person is not a secret.

The Core WPA2-PSK Vulnerability

The key weakness of WPA2-PSK is that a whole bunch of people have to send the access point the same password. As long as that password can be intercepted and reverse engineered, the attacker has access. The standard attack on WPA2-PSK therefore involves:

Cracking the password is done in the same way as just about every modern password cracking problem. One uses either a brute-force attack or a dictionary attack.

Intercepting the Password

In WPA2-PSK, the password is sent from the client to the access point in two ways. During the initial communication, the password is shared via an elaborate protocol called Extensible Authentication Protocol over LAN (EAPoL). There is a four-way handshake that occurs where both parties create secrets that they tell each other to encrypt the password. The key point about EAPoL is that intercepting the password requires the attacker to capture the entire EAPoL 4-way handshake. If any part is not captured, the password can't be obtained.

EAPoL is an elaborate, and therefore slow, protocol. It is possible for a client to leave the WiFi range of the access point and then reconnect. When this happens, the slowness of EAPoL is undesirable. To overcome this, when the client is first authenticated, the access point issues the client with a pairwise master key (PMK) ID. The PMKID is used in all subsequent connections and contains the WPA2 password.

Accordingly, intercepting WPA2-PSK passwords involves either intercepting the EAPoL or the PMKID. One way to intercept the PMKID is to jam the client temporarily, thereby forcing the client off the network. The client reconnects to the network, and when it does so, sends the PMKID.

WPA2-PSK Hacking Tool

The easiest tool I have found to do WPA2-PSK hacking is wifite. Strictly speaking, wifite isn't in itself a hacking tool, but is a user interface on top of the actual hacking tools (e.g., aircrack-ng).

To use wifite, you need a monitor-capable WiFi network adapter. The WiFi adapters on most personal computers (Intel, AMD, ARM..., i.e., those running Windows, MacOS or a flavor of Linux) have monitor mode disabled, so you need to buy a special adapter. I personally use network adapters sold by Alfa. These are inexpensive: less than USD 50. You can splurge and buy more sophisticated tools like the pineapple.

Wifite will first detect networks in your vicinity. You then select which network to attack. Wifite then checks which devices are connected and monitors the network. It attempts to intercept EAPoL communications from new devices and attempts to kick out old devices to get the PMKID.

Once the password is intercepted, Wifite then attempts to break the password using a dictionary attack. The password can also be exported to be used by another password hacking tool like hashcat.
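
The forced reconnects described above (kicking a client off the network so that it authenticates again) leave a trace a defender can look for: a burst of 802.11 deauthentication frames aimed at a client, followed shortly by a fresh EAPoL handshake from that same client. The following Python is an added example, not part of the original page or of wifite; the frame records, MAC addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed addresses for this example (locally administered MACs).
AP, ALICE, BOB = "02:00:00:00:00:01", "02:00:00:00:00:aa", "02:00:00:00:00:bb"

# Constructed capture summary: (time in seconds, frame kind, source, destination).
FRAMES = (
    [(5.0, "deauth", AP, ALICE), (40.0, "eapol", ALICE, AP)]      # lone deauth: ordinary
    + [(100.0 + i * 0.1, "deauth", AP, BOB) for i in range(20)]   # burst aimed at BOB
    + [(103.5, "eapol", AP, BOB), (103.6, "eapol", BOB, AP)]      # BOB re-authenticates
)


def find_forced_reconnects(frames, bssid, window=5.0, min_deauths=10, follow=15.0):
    """Flag clients that receive at least `min_deauths` deauthentication frames
    within `window` seconds and start an EAPoL handshake within `follow`
    seconds of that burst. All three thresholds are assumed starting points."""
    deauths, handshakes = defaultdict(list), defaultdict(list)
    for ts, kind, src, dst in sorted(frames):
        peer = dst if src == bssid else src   # the non-AP side of the frame
        if kind == "eapol":
            handshakes[peer].append(ts)
        elif kind == "deauth":
            deauths[peer].append(ts)

    alerts = []
    for client in sorted(handshakes):
        # A broadcast deauth disconnects every client, so count it for each one.
        times = sorted(deauths.get(client, []) + deauths.get(BROADCAST, []))
        start = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:
                start += 1
            burst = end - start + 1
            reconnected = any(0 <= h - ts <= follow for h in handshakes[client])
            if burst >= min_deauths and reconnected:
                alerts.append({"client": client, "deauths_in_window": burst, "burst_end": ts})
                break
    return alerts


if __name__ == "__main__":
    for alert in find_forced_reconnects(FRAMES, bssid=AP):
        print(alert)
```

A single deauthentication followed by a reconnect, as in the first two sample frames, is ordinary client behaviour and is not flagged; only the burst pattern is.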
