ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

Wireless network attacks and how to prevent them

Updated on September 22, 2011

Wireless networks can be open to active and also passive attacks. These types of attacks include DoS, MITM, spoofing, jamming, war driving, network hijacking, packet sniffing, and many more. Passive attacks that take place on wireless networks are common and are difficult to detect since the attacker usually just collects information. This is the type of attack that google was criticized for doing during its google maps data tours. Active attacks happen when a hacker has gathered information about the network after a successful passive attack.

War driving

Hackers can download freely available war-driving software. Including a program called NetStumbler. These programs help launch passive attacks on a wireless networks. Hackers will use this software to detect an insecure wireless network which has poor security.

Man-in-the-Middle (MITM)

The hacker will place a rogue access point in the range of the existing wireless network. The wireless network users are then not aware that they are connecting to rogue access points, and give over their personal data. Some hackers have even been known to use access points close to a building from their car.

Plain-text attacks

WEP standard is vulnerable to these attacks since it uses the RC4 encryption algorithm. In WEP authentication, the initial verification text is sent in plain text. The RC4 encryption algorithm uses a stream cipher and is known for its vulnerability. It uses a 24-bit IV for both 40- and 128-bit encryption, which is easy to predict. WEP encryption keys can easily be cracked using tools including WEPCrack and AirSnort.

Packet sniffing and eavesdropping

These two common techniques are used to launch attacks on wireless networks. Sniffing is the act of monitoring the network traffic using legitimate network analysis tools. Hackers can use monitoring tools, including AiroPeek, Ethereal, or TCPDump, to monitor the wireless networks. These tools allow hackers to find an unprotected network that they can hack. Your wireless network can be protected against this type of attack by using strong encryption and authentication methods.

Jamming

Jamming is the flooding of radio frequencies with an undesired signal. It results in the unavailability of the required signal to the wireless devices. Since there is so much noise in the air, the valid user cannot pick up the correct signal.

Network hijacking

Network hijacking is when a users active session on the wireless network is taken control of by a hacker. The hacker can insert himself between the network server and the wireless client and from then on any communication that takes place between the hijacker and the client or the server is intercepted.

Denial of Service (DoS)

A DoS attack happens when the legitimate client is stopped from accessing the network resources due to unavailability of the services. This type of attack is normally the work of a collection of bots, or a number of users repeatedly using programs to bombard the website.

Flooding

Hackers can also flood a wireless network using attack methods including ICMP flooding (Ping flooding) and SYN flooding. These just overload the wireless network with data, and then the user can't find a space to squeeze in..

Protecting wireless networks from attacks

Network administrators can take steps to help protect their wireless networks from outside threats and attacks. Some protective measures include some basic common sense, like keeping the drivers of all the software and hardware up to date. Most hackers will be posting details of any loops or exploits online, and once a security hole is found, they will come in bunches to test your network with it. Always change your SSID from the default, before you actually connect the wireless router of the access point. WEP should always be used for wireless networks. Wireless adapters and AP devices should always support 128-bit WEP, MAC filtering, and the disabling of SSID broadcasts. If an SSID broadcast is not disabled on an access point, the use of a DHCP server to automatically assign IP addresses to wireless clients should not be used, Since wardriving software can easily detect your internal IP addressing if the SSID broadcasts are enabled and the DHCP is being used.

If you use Static WEP keys, they should be frequently rotated to so that they are not compromised. The wireless network should be located in a separate network segment. If possible also create a separate perimeter network, sometimes called a Wireless Demilitarized Zone, which is separate from the main network.

Make sure you take site surveys at every corner and the perimeter of your building . This will help detect any other APs near your wireless network. Place any access points in the center of the building; avoid placing them near windows and doors.

Comments

    0 of 8192 characters used
    Post Comment

    • profile image

      malik rizwan 

      6 years ago

      i m a student of bsCs in KOHAT UNIVERSITY OF SCIENCE & TECHNOLOGY.i have an IDEA on PASIVE ATTACKS IN WIRELESS NETWORK THROUGH ACCESS POINT i request u please help me because my proposel defence is healding on 17th may.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)