ScholarQuill logoScholarQuillUniversity Notes
  • Notes
  • Past Papers
  • Blogs
  • Todo
Login
ScholarQuill logoScholarQuillUniversity Notes
Login
NotesPast PapersBlogsTodo
More
SubjectsDiscussionCGPA CalculatorGPA CalculatorStudent PortalCourse Outline
About
About usPrivacy PolicyReportContact
Notes
Past Papers
Blogs
Todo
Analytics
    Current Subject
    🧩
    Cyber Security
    ITEC3125
    Progress0 / 39 topics
    Topics
    1. Introduction: Fundamental Concepts of Security2. Types of Attacks3. Social Engineering Attacks4. Classification Traits of Malwares5. Circulation6. Infection7. Concealment8. Payload Capabilities9. Web Application Attacks: SQL Injection10. Web Application Attacks: Cross Site Scripting11. Security Management & Cryptography12. Client Side Attacks: Cookies13. Client Side Attacks: DoS14. Client Side Attacks: Man in the Middle15. Client Side Attacks: Replay16. Developing Security Policy17. Deploy and Manage Security Settings18. Security Through Design19. Security Through Anti Malware20. Fundamentals of Cryptography21. OSI Reference Model22. AES23. Standard Network Devices24. Network Security Hardware25. Firewalls26. Types of Firewalls27. Spam Filters28. Virtual Private Networks29. Intrusion Detection and Prevention Study30. DNS31. Network Security: Network Address Translation (NAT)32. Network Access Control (NAC)33. Network Protocols34. TCP/IP35. Wireless Network Security: Wireless Network Attacks36. Wireless Network Security: Types of Attacks37. Mobile Devices Security38. Cloud Security Challenges and Solution39. IoT Security Challenges
    ITEC3125›Wireless Network Security: Wireless Network Attacks
    Cyber SecurityTopic 35 of 39

    Wireless Network Security: Wireless Network Attacks

    8 minread
    1,316words
    Intermediatelevel

    Wireless Network Security: Wireless Network Attacks

    Wireless networks, while convenient and increasingly prevalent in both personal and enterprise environments, introduce specific security risks and vulnerabilities. Wireless communication relies on radio waves, making it easier for attackers to intercept, disrupt, or manipulate data without being physically connected to the network. Because wireless signals can extend beyond the boundaries of the intended network, they expose networks to a variety of attacks.

    This section will cover some of the most common and significant wireless network attacks, their mechanisms, and how to protect against them.

    Common Wireless Network Attacks

    1. Eavesdropping (Sniffing)

      • Description: Eavesdropping is the unauthorized interception and monitoring of wireless communication to gain access to sensitive information like passwords, messages, or credit card numbers.
      • Mechanism: Attackers use tools like Wireshark, Kismet, or Aircrack-ng to capture data packets transmitted over the wireless network. Since wireless networks broadcast signals through the air, these packets can be intercepted and analyzed if the network is not properly encrypted.
      • Protection:
        • Use WPA3 (Wi-Fi Protected Access 3) or at least WPA2 encryption to secure the communication.
        • Avoid WEP (Wired Equivalent Privacy) as it is easily broken.
        • Use VPNs to encrypt data traffic when accessing sensitive information over public Wi-Fi networks.

    2. Man-in-the-Middle (MITM) Attack

      • Description: A Man-in-the-Middle (MITM) attack involves an attacker positioning themselves between two communicating parties (such as a client and a router) to intercept and potentially alter communications without either party knowing.
      • Mechanism:
        • The attacker can use a technique called DNS spoofing or ARP poisoning to insert themselves into the communication channel.
        • In wireless environments, the attacker may trick the victim into connecting to a rogue access point (also known as an Evil Twin).
        • Once connected, the attacker can intercept and modify communication between the client and the legitimate server.
      • Protection:
        • Use HTTPS (SSL/TLS) for secure web browsing, which encrypts data between the client and the server.
        • Implement Mutual Authentication in your wireless networks to ensure both the client and access point authenticate each other.
        • Avoid using public Wi-Fi for sensitive activities unless you use a VPN.

    3. Evil Twin Attack

      • Description: In this attack, the attacker sets up a rogue Wi-Fi access point that masquerades as a legitimate network, typically with a similar SSID (Service Set Identifier).
      • Mechanism:
        • The attacker creates a Wi-Fi network with the same name (SSID) as a legitimate network, hoping that users will unknowingly connect to it. Once connected, the attacker can intercept all data sent over the network.
        • In more sophisticated attacks, the rogue AP may also carry out MITM attacks or inject malicious traffic.
      • Protection:
        • Use WPA2 or WPA3 encryption and ensure strong authentication protocols like 802.1X.
        • Educate users not to connect to unknown or unsecured Wi-Fi networks, especially those that match the name of legitimate networks (e.g., "Starbucks_Free_WiFi" vs. "Starbucks_Free_WiFi_2").
        • Consider using Enterprise-level security (such as EAP-TLS), where each device has a unique certificate for authentication.

    4. Rogue Access Points (AP)

      • Description: A rogue access point is a Wi-Fi access point that is set up by an unauthorized user to gain access to a network. It may be installed within the premises or outside (within range).
      • Mechanism:
        • Attackers or even employees may set up rogue APs without the network administrator’s knowledge. These rogue APs can act as a backdoor into the organization’s internal network, bypassing security controls and leading to potential data breaches.
        • The attacker could gain full access to the network if devices are configured to automatically connect to open networks.
      • Protection:
        • Conduct regular network audits to identify rogue APs.
        • Use WIPS (Wireless Intrusion Prevention Systems) to monitor and block unauthorized APs.
        • Implement MAC address filtering to only allow authorized devices to connect to your APs.

    5. Deauthentication Attack

      • Description: This is a denial-of-service (DoS) attack targeting the authentication process between a wireless device (client) and an access point (AP).
      • Mechanism:
        • The attacker sends deauthentication frames to disconnect a device from the wireless network. This can disrupt service for users, forcing them to reconnect repeatedly or lose access to the network altogether.
        • The attacker may then exploit this disconnection to launch further attacks, such as a Rogue AP attack or attempt to intercept credentials when users reconnect.
      • Protection:
        • Use strong encryption like WPA2 or WPA3, which can make it harder for attackers to spoof deauthentication frames.
        • Implement 802.1X for device authentication and secure the authentication process.
        • Use intrusion detection systems (IDS) to detect and alert administrators about unusual deauthentication frames.

    6. Dictionary/Brute-Force Attack on WPA/WPA2 Password

      • Description: In this attack, the attacker attempts to crack the WPA or WPA2 password by systematically trying a large number of possible passwords using a dictionary (pre-generated list) or brute-force method (trying all possible combinations).
      • Mechanism:
        • Once the attacker intercepts the WPA/WPA2 handshake (via sniffing or eavesdropping), they can perform offline password-cracking attacks.
        • Tools like Aircrack-ng or Hashcat are commonly used to crack the WPA/WPA2 passphrase.
      • Protection:
        • Use strong, complex passwords for Wi-Fi networks to make it difficult to crack.
        • Enable WPA3 encryption if available, as it provides stronger protection against password-guessing attacks.
        • Consider using 802.1X (Enterprise mode) with a RADIUS server for stronger, certificate-based authentication, which is more secure than using a shared pre-shared key (PSK).

    7. WPS (Wi-Fi Protected Setup) Vulnerabilities

      • Description: WPS is a feature designed to simplify the process of connecting devices to a wireless network by allowing users to press a button on the router or enter a PIN for easy setup. However, WPS is vulnerable to brute-force attacks.
      • Mechanism:
        • The WPS PIN (which is 8 digits long) has a weak implementation. Attackers can easily try all combinations using tools like Reaver to crack the PIN.
        • Once the PIN is cracked, the attacker can gain access to the Wi-Fi network.
      • Protection:
        • Disable WPS on the router and manually configure devices.
        • Use strong WPA2 or WPA3 encryption with a complex passphrase instead of relying on WPS.
        • Regularly update router firmware to address known vulnerabilities.

    8. Packet Injection

      • Description: Packet injection allows attackers to inject malicious packets into a wireless network, causing disruptions or exploiting vulnerabilities in connected devices.
      • Mechanism:
        • An attacker who has gained access to a wireless network or is within range of an unprotected network can inject packets to exploit weaknesses in wireless protocols or devices.
        • Attackers can perform DoS attacks or even inject malicious code into the network traffic to compromise devices or steal information.
      • Protection:
        • Use strong encryption like WPA2 or WPA3 to protect data integrity.
        • Regularly update devices with the latest firmware to mitigate known vulnerabilities.
        • Use intrusion detection systems to monitor for unusual activity or packet anomalies.

    Best Practices for Wireless Network Security

    1. Use Strong Encryption (WPA2/WPA3): Always use WPA2 or WPA3 encryption to secure your wireless network. Avoid using WEP, as it is easily broken by modern tools.

    2. Implement Network Segmentation: Use VLANs (Virtual LANs) or subnetting to isolate sensitive devices or data from less secure parts of your network.

    3. Disable WPS: If not needed, disable Wi-Fi Protected Setup (WPS) to avoid the security risks associated with its weak PIN-based authentication.

    4. Enable Network Monitoring: Use a Wireless Intrusion Detection System (WIDS) or WIPS (Wireless Intrusion Prevention System) to monitor the network for unauthorized devices or suspicious activity.

    5. Use VPNs: Encourage the use of Virtual Private Networks (VPNs) to protect data when accessing public or unsecured wireless networks, especially when handling sensitive information.

    6. MAC Address Filtering: Although not foolproof, consider using MAC address filtering to restrict which devices can connect to your network.

    7. Strong Passwords: Always use complex and unique passwords for your wireless network, especially for WPA2 or WPA3 pre-shared keys (PSKs). Avoid default router passwords.

    8. Regularly Update Firmware: Keep router firmware up to date to fix any security vulnerabilities.

    Conclusion

    Wireless networks, while providing immense convenience and flexibility, are susceptible to a range of

    Previous topic 34
    TCP/IP
    Next topic 36
    Wireless Network Security: Types of Attacks

    Past Papers

    Open this section to load past papers

    Click on Show Past Papers to see past papers.
    On This Page
      Reading Stats
      Est. reading time8 min
      Word count1,316
      Code examples0
      DifficultyIntermediate