EAGLE EYE Wi-Fi. 1. Introduction




1. Introduction

Internet access has become very popular with the emergence of broadband services, and busy yet unregulated Internet traffic poses challenges for administration and management. When it comes to gathering intelligence from public Internet networks, the ISP monitoring solution is a time-consuming process that may result in the loss of critical and vital clues. Tactical packet sniffing is one of the important ways to preserve evidence. Besides, when ISP-side monitoring fails to track the suspect's identity, especially if the target is operating from a cyber cafe, university campus or free Wi-Fi zone, tactical sniffing supports a number of monitoring scenarios encountered in public Internet networks such as cafes, restaurants, airports, shopping malls, hotels, etc.

EAGLE EYE Wi-Fi

The Eagle Eye - Wi-Fi system is intended for intercepting information from Wi-Fi wireless networks, and for real-time analysis, classification and storage of the intercepted information. The packet sniffing technology used by the Eagle Eye - Wi-Fi makes it possible to sniff information related to a specific target, such as an AP or STA, or all the traffic of one channel or several wireless channels, without interfering with the original network environment. The Eagle Eye - Wi-Fi system can automatically sniff Internet activities such as Email, Chat, URL and File Transfer (FTP), P2P, Telnet, etc.

The Eagle Eye - Wi-Fi can be used in the enterprise sector to prevent misuse of network resources, to close loopholes through which confidential information could leak, and to monitor cyber-slackers. The Eagle Eye - Wi-Fi can be a perfect solution for police, military, information investigation and forensic departments as a legal interception tool to crack and track down illegal Internet activities such as illegal betting, transactions, access and activities that may lead to terrorism.

2. Application

The Eagle Eye - Wi-Fi can sniff wireless packets (802.11a/b/g) from any available wireless network within its range of coverage. A specific wireless device (AP or STA) or network can be selected for data capture. Data can also be captured from a specific wireless channel. In an open wireless network without encryption, the Eagle Eye - Wi-Fi system can capture wireless packets, decode them and display them immediately in their original format. In a wireless network with encryption, such as a WEP key, the system can crack the WEP key automatically or manually. The time required to decrypt a WEP key depends on the network condition: active or inactive. The more packets are captured, the higher the chances of cracking the WEP key.

[Diagram: Internet, AP, three STAs, Eagle Eye-WiFi]

Tactical Use of the Eagle Eye - Wi-Fi system

The Eagle Eye - Wi-Fi system can be operated on one laptop or can be scaled for simultaneous capture of traffic from several points. The system can be turned into a distributed system by adding stand-alone devices (drones) that capture traffic and transfer it for further centralized processing at a remote server. Drones support all of the capture methods that the Eagle Eye system normally supports, including interception by one drone with multiple capture devices. As drones do not decode packets, they require minimal hardware. Drones capture wireless data and forward it to the Eagle Eye - MC through a special connection (i.e. wired Ethernet). The Eagle Eye - MC provides a single point of receipt and registration of the intercepted information for all the drones. For this purpose an additional software module has to be installed at the MC. Eagle Eye - Wi-Fi can be fully integrated with a monitoring centre, so that information coming from Wi-Fi is registered and processed by means of the MC.

[Diagram: Internet, two APs, two drones, secure IP tunnel, Eagle Eye-MC]

3. Content Reconstruction Functions

The first module, the Eagle Eye - Wi-Fi 802.11 a/b/g LAN Forensics Appliance, provides a front-end packet collection sub-module and a back-end protocol restructuring sub-module. This module can act as both a wireless LAN detector and a sniffer; the sub-module is used to detect 802.11a/b/g Access Points (AP) and Stations (STA) over layer 2 network communication. The second module performs restoration and forensics: it categorizes each retrieved packet by its wireless nature, restores the packet arrangement by sequence, and then saves the packet. At the same time, it deciphers the categorized packets of known protocols into plain text and stores them in a database for reference.

Content Reconstruction functions support the following protocols:

- E-mail: POP3, SMTP, IMAP.
- Instant Message: YAHOO, MSN, ICQ, etc.
- Website: HTTP Link, HTTP Content.
- File Transfer Protocol: FTP.
- Telnet.
- VoIP: SIP, RTP, H.323, etc.
- Others.

4. Features

- Scanning and capturing data of 3 concurrent channels.
- Capturing full 802.11 data, management, and control frames.
- Supports 802.11a, 802.11b, and 802.11g.
- Microsecond timestamp resolution.
- Internal antenna and the integrated MC connector for an optional external antenna.
- Traffic injection.
- Decryption of WEP encrypted wireless packets.
- Real-time decryption of WEP/WPA PSK wireless packets using a known key.
- Full reconstruction of TCP flows in real time based on captured packets.

- Identification and filtering of layer-7 traffic using a real-time DPI engine.
- Creation of filters and triggers for registering information.
- Extraction of application layer metadata and reconstruction of content for the following protocols:
  a. E-mail: POP3, SMTP, IMAP.
  b. Instant Message: YAHOO, MSN, ICQ, etc.
  c. HTTP Content.
  d. FTP.
  e. Telnet.
  f. VoIP: SIP, RTP, H.323.
- Full IPDR and CDR generation for all network flows.
- Storage of captured content and metadata in a local DB and transfer of this information to a remote Monitoring Center.
- Web access for the operator to the locally stored content, with the possibility of viewing, searching and filtering.
- Recording of traffic in a format that can be analyzed in Wireshark, thereby providing in-depth protocol dissection and trace file analysis capabilities.
- Operating systems: Windows 2000, 2003, XP, or Vista.

5. Ranges of application

The system can be used:

- To prevent confidentiality disclosure.
- To prevent a company from being hacked.
- To protect business rights (such as intellectual property etc).
- To manage wireless traffic and to monitor utilization.
- To manage wireless network access behavior.
- To help government and law enforcement agencies such as Police and Military forces to neutralize threats from terrorists and criminals.
- Legal interception system.

6. Benefits

- Fully-featured portable tactical system for monitoring and analysing Wi-Fi network traffic on one computer.
- Support of 802.11a, 802.11b, and 802.11g.
- WEP/WPA decryption.
- Monitoring and registration of all traffic of a definite AP, and selective registration of a definite STA or definite content.
- Secret use in public places.
- Possibility of operation in a portable version with the same full set of tools for monitoring and analysis as when using distributed stationary monitoring posts with a single point for collecting and analysing information.

7. Who needs Eagle Eye - Wi-Fi?

- Business Enterprises (finance and banking sector).
- Police sector.
- Forensics and Information Investigation.
- Lawful Department.

EAGLE EYE - Wi-Fi
6, Kostomarovskaya str., 61002 Kharkov, Ukraine
Tel./Fax: +38 (057) 766-13-63
e-mail: post@altron.ua
http://www.altron.ua