Wireless Attacks
Wireless Attacks:
There are several known attacks against the wireless networks. Most can be avoided by using strong security protocols such as WPA2 and CCMP.
Disassociation Attacks:
This attack effectively removes the wireless client from the wireless network. In disassociation attack, attackers send a disassociation frame to the AP with spoofed MAC address of the victim. The AP receives the frame and shutdown the connection. Victim then disconnected from the AP and need to go through the authentication process again to reconnect.
WPS Attack:
WPS is susceptible to the brute force attack. This attack keep trying different PINs until it succeeds. Once it discover the PIN, it can discover the passphrase in both WPA2 and WPA networks.
Rogue AP:
Rogue AP is an AP placed within a network without official authorization. It might be installed by the employee or attacker. Attacker may connect to a rogue access point to network devices in wireless closets that lack adequate physical security. This access point acts as a sniffer to capture traffic passing through the wired network device, and then broadcast the traffic using the wireless capability of AP. The attacker can then capture the exfiltrated data files.
Evil Twin:
An evil twin is a rogue access point with the same SSID as a legitimate access point. An attacker can set up an AP using the same SSID as the public WIFI network, and many users may connect with this evil twin. Once users connect to this evil twin. All traffic goes through this evil twin instead of legitimate AP. Attackers can then create a fake web page to steal the credentials.
Jamming Attack:
Attackers can transmit noise or another radio signal on the same frequency used by the wireless network. This interferes with the transmission and can seriously degrade performance. This type of denial-of-service is known as jamming.
IV Vector:
A wireless initialization vector attack attempts to discover the pre-shared key form the IV. The IV is simple a number. Some wireless protocols use an IV by combining it with pre-shared key to encrypt the data in transit. An IV attack is successful when an encryption system reuse the same IV. Moslty small IV results in reusing the key again.
Wireless Replay Attack:
In a replay attack, an attacker captures data sent between two entities, modifies it, and then attempts to impersonate one of the parties by replaying the data.
Comments
Post a Comment