Академический Документы
Профессиональный Документы
Культура Документы
Wireless Standards
WAP (Wireless Access Point): Wireless Access Point is the point from where the Wireless network signals are generated. Like the Wireless Routers or Switches.
Wireless Standards
SSID (Service Set Identifier): An SSID is the name of a wireless local area network (WLAN). All wireless devices on a WLAN must employ the same SSID in order to communicate with each other. SSID is also known as ESSID (Extended Service Set Identifier)
Wireless Standards
BSSID (Basic Service Set Identifier): A BSSID is the MAC Address (Media Access Control) or Physical Address of the Wireless Access Point or the Wireless Router. This is a unique 48 bit key provided by the manufacturer of the device. It can be in the form of Hexadecimal i.e. 0-9 , A-F. E.g. 00:A1:CB:12:54:9F For checking your cards MAC Address: Start > Run > CMD Write getmac in Command Prompt.
Wireless Standards
Wireless Standards
Beacons: These are the Wireless Packets which are broadcasted to maintain the connectivity with the Wireless Access Point and Client systems. The Wireless Access point broadcasts beacon frames from time to time to check connectivity with the systems. Channel: It is the frequency at with the Wireless Signal travels through air. Data Packets: These are the packets which sent and received for the transfer of data between Wireless Access Point and Client systems. All the data communicated between two Computers travels in the form of Data Packets.
Wireless Standards
Data Packets: These are the packets which sent and received for the transfer of data between Wireless Access Point and Client systems. All the data communicated between two Computers travels in the form of Data Packets.
SSID Solution
Wireless equipment manufacturers use a default Service Set ID (SSID) in order to identify the network to wireless clients. All access points often broadcast the SSID in order to provide clients with a list of networks to be accessed. Unfortunately, this serves to let potential intruders identify the network they wish to attack. If the SSID is set to the default manufacturer setting it often means that the additional configuration settings (such as passwords) are at their defaults as well.
SSID Solution
Good security policy is to disable SSID broadcasting entirely. If a network listing is a requirement for network users then changing the SSID to something other than the default, that does not identify the company or location, is a must. Be sure to change all other default settings as well to reduce the risk of a successful attack.
Wireless Attacks
The Broadcast Bubble
One of the problems with wireless is that the radio waves that connect network devices do not simply stop once they reach a wall or the boundary of a business. They keep traveling into parking lots and other businesses in an expanding circle from the broadcast point, creating a bubble of transmission radiation. This introduces the risk that unintended parties can eavesdrop on network traffic from parking areas or any other place where a laptop can be set up to intercept the signals.
Wireless Attacks
War Driving
War Driving is finding out the Wireless Networks present around the Wireless Card. common war driving exploits find many wireless networks with WEP disabled and using only the SSID for access control. This vulnerability makes these networks susceptible to the parking lot attack, where an attacker has the ability to gain access to the target network a safe distance from the buildings perimeter. WAR Driving is of two types: 1. Active War Driving 2. Passive War Driving
Wireless Attacks
Active War Driving
Active War Driving is detecting the Wireless Networks whose SSIDs are broadcasted or the Wireless Networks which are shown to all the Wireless Adapters. It can be done through any Wireless Card.
Wireless Attacks
Passive War Driving
Passive War Driving is detecting the Wireless Networks whose SSIDs are not Broadcasted or the Hidden Wireless Networks. The Wireless card should support the Monitor Mode for the Passive War Driving.
MAC Spoofing
Even if WEP is enabled, MAC addresses can be easily sniffed by an attacker as they appear in the clear format, making spoofing the MAC address also fairly easy. MAC addresses are easily sniffed by an attacker since they must appear in the clear even when WEP is enabled. An attacker can use those advantages in order to masquerade as a valid MAC address, by programming the wireless card or using a spoofing utility, and get into the wireless network.
WEP Cracking
Wired Equivalent Privacy (WEP) was the first security option for 802.11 WLANs. WEP is used to encrypt data on the WLAN and can optionally be paired with shared key authentication to authenticate WLAN clients. WEP uses an RC4 64-bit or 128-bit encryption key. WEP was fairly quickly found to be crack able. WEP is vulnerable because of relatively short and weak encryption. The security of the WEP algorithm can be compromised.
WEP Cracking
Countermeasures
Hide the Wireless Network Do not broadcast the SSID of the Wireless Network. This will help you in protecting your Wireless being invisible to the people who do not know about Passive War Driving
Countermeasures
Use a Secured Key You can use the WEP Key protection on your Wireless Network to protect your Wireless Network Connection. Although this is not the ultimate security measure but will help you a lot against the Script Kiddies who do not know how to break into the WEP Protection.
Countermeasures
WPA: Wi-Fi Protected Access WPA employs the Temporal Key Integrity Protocol (TKIP)which is a safer RC4 implementationfor data encryption and either WPA Personal or WPA Enterprise for authentication. WPA Enterprise is a more secure robust security option but relies on the creation and more complex setup of a RADIUS server. TKIP rotates the data encryption key to prevent the vulnerabilities of WEP and, consequently, cracking attacks.
Countermeasures
Mac Filtering An early security solution in WLAN technology used MAC address filters: A network administrator entered a list of valid MAC addresses for the systems allowed to associate with the Wireless Access Point.
Countermeasures
Choosing the Best Key Always use a long WPA Key with lower as well as upper case letters including numbers and special characters. A Sample Key: 12345@abcde&FGHI