Monday, February 6, 2012
Chapter 8
This chapter dealt with security on wireless networks. First, the chapter went through bluetooth hacking. Bluejacking is like spam email that you send other bluetooth users unwanted messages. Bluesnarfing is where an attacker gets access to a wireless device through a bluetooth-enabled device. Wireless LANs (WLANs) are often a point of attack for hackers. Access points have antennas which makes them vulnerable to war drivers and unauthorized attackers nearby who use them to link to a wired network.This can be done with the aid of wireless protocol analyzers to attempt man-in-the-middle attacks and by using interference, such as a 'loud' EM device like a microwave to disrupt access points' signals. Some hackers use rogue access points, or an access point that is setup inside the perimeter of the original WLAN in order to gain access to the network. An evil twin AP is similar, but is setup by an outside user that hijacks traffic from an access point. Countermeasures to WLAN attacks are many. MAC address filtering is used to only allow authorized devices to connect with the network. This can be hacked by someone using a protocol analyzer to substitute their own MAC address for someone else's computer on the network. SSID broadcasts are often used as an attack vector as an attacker simply copies the SSID from a device and, like the MAC address attack, substitutes their own in for an authorized machine at a later time. WEP or wired equivalent privacy is an older method of encrypting data across a WLAN, and thus is vulnerable to attackby hacking the keys the policy uses in its frame encryption algorithm. Temporal key integrity protocol (TKIP) is a method used to help defeat attacks using a 128 bit key instead of a 40 bit key like WEP. it also uses CRC to check for any alteration of individual packets. WPA2 is the second generation of WPA, and it uses AES-CCMP encryption via the advanced encryption standard. It also uses 128 bit encryption, though the key lengths can vary. The last part of the chapter covered some methods to enhance security on a network. First is placing an antenna so as to limit its range to inside the building to keep from attracting wardriving attacks. Another is to use rogue access point detection methods like desktop and access point probes to detect where and when access point hacks have occurred. Third is through the use of VLANs to segment traffic and keep more sensitive data in more secure access levels.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment