1
00:00:06,840 --> 00:00:08,750
- Eavesdropping is the process

2
00:00:08,750 --> 00:00:10,890
of gathering information from a network

3
00:00:10,890 --> 00:00:14,570
by snooping or sniffing on the transmitted data.

4
00:00:14,570 --> 00:00:19,570
Right? So, and to eavesdrop is actually generally defined

5
00:00:19,800 --> 00:00:23,180
as to secretly overhearing of a private conversation

6
00:00:23,180 --> 00:00:27,690
over a confidential communication without authorization.

7
00:00:27,690 --> 00:00:30,440
So the information actually remains intact

8
00:00:30,440 --> 00:00:33,280
but its privacy is compromised.

9
00:00:33,280 --> 00:00:34,300
So for example, here

10
00:00:34,300 --> 00:00:36,550
I actually have a kind of funny example, right?

11
00:00:36,550 --> 00:00:39,470
So I have Batman in one side trying to communicate

12
00:00:39,470 --> 00:00:41,180
with Superman on the other side.

13
00:00:41,180 --> 00:00:42,990
And then Lex Luthor is

14
00:00:42,990 --> 00:00:46,340
in the middle secretly spying on the conversation, right?

15
00:00:46,340 --> 00:00:48,820
So this type of attack, right,

16
00:00:48,820 --> 00:00:51,580
is called a man-in-the-middle attack.

17
00:00:51,580 --> 00:00:53,570
Right. And you can actually do this

18
00:00:53,570 --> 00:00:55,720
to eavesdrop on the conversation.

19
00:00:55,720 --> 00:00:57,140
And also man-in-the-middle attacks

20
00:00:57,140 --> 00:01:00,240
also impersonate traffic or inject traffic

21
00:01:00,240 --> 00:01:01,960
just like we covered in the previous lesson.

22
00:01:01,960 --> 00:01:03,725
Right? So for example

23
00:01:03,725 --> 00:01:07,630
you can configure a rogue access point to

24
00:01:07,630 --> 00:01:10,150
imitate a legitimate access point.

25
00:01:10,150 --> 00:01:11,940
And then once the client is actually connected

26
00:01:11,940 --> 00:01:13,490
to the rogue access point

27
00:01:13,490 --> 00:01:16,010
you can then read any unencrypted data, right?

28
00:01:16,010 --> 00:01:19,470
So where the user is actually going, emails that are sent

29
00:01:19,470 --> 00:01:22,690
in the clear and also do more sophisticated attacks, right?

30
00:01:22,690 --> 00:01:27,120
So that's what we call evil twin attacks, right?

31
00:01:27,120 --> 00:01:30,350
And you will learn how to perform evil twin attacks

32
00:01:30,350 --> 00:01:33,010
which is actually the impersonation of this access point

33
00:01:33,010 --> 00:01:36,710
and other man-in-the-middle attacks later in this course.

34
00:01:36,710 --> 00:01:39,780
Now you can also use war driving, right?

35
00:01:39,780 --> 00:01:43,520
And war driving is the operation of actually tracking

36
00:01:43,520 --> 00:01:47,500
and accessing wireless access points while moving.

37
00:01:47,500 --> 00:01:49,410
Right? So you actually, that's the reason

38
00:01:49,410 --> 00:01:52,210
that this is war driving and there's many other concepts

39
00:01:52,210 --> 00:01:57,080
like war walking and you know, even chalking, there's a lot

40
00:01:57,080 --> 00:02:00,070
of terms, you know, for basically the same operation, right?

41
00:02:00,070 --> 00:02:01,790
So this is actually done in order

42
00:02:01,790 --> 00:02:04,244
for you to obtain the data that is transmitted

43
00:02:04,244 --> 00:02:08,290
by these Wi-Fi signals and then only, you know

44
00:02:08,290 --> 00:02:11,090
the only available way to actually fight eavesdropping

45
00:02:11,090 --> 00:02:13,860
and these techniques is by encryption.

46
00:02:13,860 --> 00:02:17,240
So, in the technique of war driving, a lot of people

47
00:02:17,240 --> 00:02:20,300
actually, what they have done is they have, you know

48
00:02:20,300 --> 00:02:23,630
long range antennas and literally either through their car

49
00:02:23,630 --> 00:02:26,840
or just walking by, they actually are eavesdropping or

50
00:02:26,840 --> 00:02:30,600
capturing, you know, basically doing packet captures

51
00:02:30,600 --> 00:02:32,930
in all the communications on all the frames

52
00:02:32,930 --> 00:02:33,890
in the wireless network.

53
00:02:33,890 --> 00:02:38,500
Right? So if for some reason the communication

54
00:02:38,500 --> 00:02:41,345
was actually unencrypted, of course, you're gonna see that

55
00:02:41,345 --> 00:02:46,345
that also can be used to attack things like WEP

56
00:02:46,500 --> 00:02:49,550
for example. As a matter of fact, if you actually go

57
00:02:49,550 --> 00:02:52,070
to the DEFCON, you know, hacking conference, which actually

58
00:02:52,070 --> 00:02:54,930
I go every year and I invite you to, you know, probably

59
00:02:54,930 --> 00:02:57,160
you know, at least have the experience to

60
00:02:57,160 --> 00:02:58,810
actually go, you know, it's a pretty massive

61
00:02:58,810 --> 00:03:02,040
conference. And one of the things that they

62
00:03:02,040 --> 00:03:03,420
actually do there is

63
00:03:03,420 --> 00:03:06,260
that they have, you know, I will not say a competition

64
00:03:06,260 --> 00:03:07,906
but it's actually a tradition of people

65
00:03:07,906 --> 00:03:10,677
with a whole bunch of different wireless access points

66
00:03:10,677 --> 00:03:13,170
or a different, you know, WiFi Pineapples.

67
00:03:13,170 --> 00:03:15,480
And you're gonna learn what are Pineapples later in the

68
00:03:15,480 --> 00:03:17,910
course, what they actually do is they

69
00:03:17,910 --> 00:03:22,210
create this massive collection of those, you know

70
00:03:22,210 --> 00:03:26,140
antennas and, you know, adapters and devices.

71
00:03:26,140 --> 00:03:28,620
And they actually start sniffing all the traffic

72
00:03:28,620 --> 00:03:31,060
for all the communications that are actually happening.

73
00:03:31,060 --> 00:03:33,782
And in this case, you know, DEFCON is in, in Vegas.

74
00:03:33,782 --> 00:03:36,540
So everything that's actually going, you know

75
00:03:36,540 --> 00:03:38,330
adjacent to that venue.

76
00:03:38,330 --> 00:03:39,864
Right? So anything that's actually going

77
00:03:39,864 --> 00:03:42,090
in that Las Vegas Strip.

78
00:03:42,090 --> 00:03:43,230
Now, as I mentioned before

79
00:03:43,230 --> 00:03:46,680
the only available way to fight eavesdropping

80
00:03:46,680 --> 00:03:49,350
and these techniques are, you know, with encryption.

81
00:03:49,350 --> 00:03:51,120
Of course, encryption, depending on the level

82
00:03:51,120 --> 00:03:53,710
of encryption that you have, it can be defeated.

83
00:03:53,710 --> 00:03:55,930
And you're gonna see some examples later

84
00:03:55,930 --> 00:03:58,840
with WEP and WPA, but guess what?

85
00:03:58,840 --> 00:04:01,450
Right? Even the bad guys taking encryption

86
00:04:01,450 --> 00:04:03,420
as an advantage, like for example

87
00:04:03,420 --> 00:04:07,510
they can compromise the system and then exfiltrate data

88
00:04:07,510 --> 00:04:10,400
over the wireless network using encryption.

89
00:04:10,400 --> 00:04:12,570
So that means that data loss

90
00:04:12,570 --> 00:04:16,210
prevention or DLP devices or IPS devices

91
00:04:16,210 --> 00:04:18,990
or intrusion prevention systems cannot detect it.

92
00:04:18,990 --> 00:04:21,930
Right. So they can also use this for command

93
00:04:21,930 --> 00:04:24,913
and control communications of compromised systems.