Seven Deadliest Wireless Technologies Attacks
By Brad Haines
About this ebook
The book contains seven chapters that cover the following: infrastructure attacks, client attacks, Bluetooth attacks, RFID attacks; along with attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. One chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised.
This book is intended for novices and for anyone in a technical role, from family tech support to corporate IT managers. It assumes some familiarity with basic networking and computer use.
Attacks detailed in this book include:
- 802.11 Wireless-Infrastructure Attacks
- 802.11 Wireless-Client Attacks
- Bluetooth Attacks
- RFID Attacks
- Analog Wireless Device Attacks
- Bad Encryption
- Attacks on Cell Phones, PDAs and Other Hybrid Devices
Brad Haines
Brad "RenderMan" Haines, Contributing Author to RFID Security (ISBN: 978-1-59749-047-4, Syngress) and Kismet Hacking (ISBN: 978-1-59749-117-4, Syngress), is chief researcher of Renderlab.net and co-refounder of "The Church of WiFi" wireless think tank. He currently operates his own consulting company in Edmonton, Alberta, Canada, providing wireless performance and security assessment services for a variety of clients both large and small. A noted expert in the hacker community in the field of wireless security, he has spoken at many international conferences such as Black Hat and DEFCON and taught several classes on free wireless assessment tools. He has also contributed over time to many wireless security tools such as the Kismet wireless sniffer and coWPAtty.
Book preview
Seven Deadliest Wireless Technologies Attacks - Brad Haines
risk.
CHAPTER 1
802.11 Wireless – Infrastructure Attacks
Publisher Summary
Wired Equivalent Privacy (WEP) is the original encryption scheme included in the 802.11b wireless standard from 1997. WEP is based on the RC4 stream cipher algorithm, and as with any stream cipher, identical keys must not be used. The initialization vector (IV) changes with each packet and eventually repeats, giving an attacker two packets with identical IVs. The counter used for IVs in the previous years was 24 bits long, which on a fairly busy network meant that there was a good chance that after 5,000 packets, an IV would be repeated, yielding an IV collision where two packets were encrypted with the same key, thus providing a basis for cryptanalysis. The advent of the ARP replay attack greatly shortened the time needed to perform an attack. In an ARP replay attack, an encrypted ARP packet is captured from a network and retransmitted back to the access point (AP), which in turn sends back another ARP packet with a different IV. There are many tools available that break WEP, but the most popular is Aircrack-ng. Wi-Fi Protected Access 2 (WPA2) (also known as 802.11i) is the final and more secure version of WPA. WPA2 uses Advanced Encryption Standard as its stream cipher, which is vastly more secure but requires resources only found on the newer generations of APs and is not available on older equipment.
Information in This Chapter
• How Wireless Networks Work
• Case Study: TJX Corporation
• Understanding WEP Cracking
• How to Crack WEP
• It Gets Better and Worse
• WPA and WPA2 in a Nutshell
• How to Crack WPA PSK and WPA2 PSK
Just about every new laptop that hits the market today has an 802.11 network card built in. It’s a technology that has become ubiquitous in our lives, and we can hardly remember a time when it wasn’t part of our days. It’s a technology that has grown in terms of speed and range to provide the capability to be connected to the Internet from anywhere in our homes or businesses.
This widespread technology would also very quickly become quite an issue from a security perspective. Users quickly demanded to "cut the cable" and be able to access the network from anywhere in the office. Home users were quick to adopt the technology to work from the kitchen, the couch, or (more oddly) the bathroom. This intense push led to a lot of overworked and underpaid information technology (IT) administrators and neighborhood computer know-it-alls to install wireless networks without properly understanding the security risks involved. These early networks would continue to "just work" with users not realizing that the security arms race caught up with them and even passed them, making them prime targets for attack.
In November 2003, Toronto, Ontario, police held a press conference to announce what was, at the time, a new and unusual crime.[A] The police report indicates that at around 5:00 A.M. an officer noticed a car slowly driving the wrong way down a one-way street in a residential neighborhood. The officer pulled the car over, and when he walked up to the driver, he was greeted with several disturbing sights. The driver was first of all not wearing any pants, which is probably disturbing in and of itself, but more alarmingly, on the passenger seat was a laptop clearly displaying child pornography. The driver had been using open wireless networks in the area to obtain Internet access to download child pornography, unbeknownst to the owners of those networks. The owners were victims themselves, twice. First, they were victims of theft of service since their communications had to compete for bandwidth with the traffic of the unauthorized user. Second, they were victimized because, for all intents and purposes, the child pornography was being downloaded through their connection. Any digital trail left would lead back to them, potentially exposing them to false accusations of downloading child pornography themselves and all the emotional and financial damage that accusation can bring. The suspect’s home was searched as a result, and 10 computers and over 1,000 CDs worth of illegal material were