In this article we will look at different attacks on wireless networks that can be performed and general guidelines for protection against those attacks.
Watch this video to learn about attacks on wireless networks:
Penetration of a wireless network through unauthorized access is termed as wireless cracking. Availability of various tools made it less sophisticated for performing different methods to crack WLANs. The traditional techniques of attacks on wireless networks are:
Sniffing: It is eavesdropping on the network and is the simplest of all attacks. Sniffing is the simple process of intercepting wireless data that is being broadcasted on an unsecured network. Also termed as passive reconnaissance technique, it gathers the required information about the active/available Wi-Fi networks. The attacker installs a sniffer and performs the following activities:
- Passive scanning of wireless network
- Detection of SSID
- Collecting the MAC address
- Collecting the frames to crack WEP
Spoofing: The primary objective of this attack is to masquerade oneself as a legitimate entity to gain unauthorized access to a service. Initially the attacker uses specialized software for scanning available wireless networks. Then using the tool, the attacker gathers the MAC addresses and IP addresses of the clients using the network. Later the attacker can use these details to pretend as a legitimate user in the network and perform malicious activities.
MAC address Spoofing: It is a technique in which the Media Access Control (MAC) address of a networked device can be changed to the address of another device. This allows attacker to bypass the access control lists at the server or a router. If a router follows MAC filtering for access, an attacker can easily bypass it by using MAC address spoofing technique.
IP Spoofing: In this technique the attacker sends packets by modifying the IP address of the sender with another device’s IP address. The goal of this technique is to hide or conceal the real sender or make the receiver think that it is communicating with a valid device on the network. The attacker typically uses tools to modify the header of the packets to spoof the IP address.
Frame Spoofing: The attacker injects the frames such that the source address is carefully spoofed and which are valid as per 802.11 specifications. Frames themselves are not authenticated in 802.11 networks and hence they cannot be detected easily.
Denial of Service (DoS): Same as explained here.
Man-In-The-Middle (MITM) attack: Consider two entities A and B communicating with each other in a wireless network. Now, the attacker X comes in between A and B and eavesdrops on the traffic sent and received between A and B. There are several techniques that can be used by the attacker X to come in between A and B. Some of the techniques are: ARP poisoning, DNS spoofing, or evil twin attack.
Encryption Cracking: The first for securing communication in a wireless network is to use strong encryption mechanism. The old generation encryption standard for wireless communications was WEP and it is later replaced with WPA. Both WEP and WPA can be cracked. Attackers can use sophisticated tools to gather encryption keys and crack them to see the plain text. Current standard in most of the wireless networks is WPA2.
Following measures helps to strengthen the security of a wireless network:
- Change the default configurations of all networking devices (like usernames and passwords)
- Enable WPA2 encryption
- Change the default SSID
- Enable MAC address filtering
- Disable remote login
- Disable SSID broadcast
- Disable the features that are not used in the AP (e.g. printing, file sharing, etc)
- Avoid providing easily guessable SSIDs
- Connect only to secured wireless network
- Upgrade router’s firmware periodically
- Assign static IP addresses to devices
- Enable firewall on computers and on the router
- Position the router or AP safely
- Turn off networking when not in use
- Periodically monitor wireless network security
Suryateja Pericherla, at present is a Research Scholar (full-time Ph.D.) in the Dept. of Computer Science & Systems Engineering at Andhra University, Visakhapatnam. Previously worked as an Associate Professor in the Dept. of CSE at Vishnu Institute of Technology, India.
He has 11+ years of teaching experience and is an individual researcher whose research interests are Cloud Computing, Internet of Things, Computer Security, Network Security and Blockchain.
He is a member of professional societies like IEEE, ACM, CSI and ISCA. He published several research papers which are indexed by SCIE, WoS, Scopus, Springer and others.
Leave a Reply