CompTIA Security+ Deluxe Study Guide: SY0-201 - Emmett Dulaney [111]
Wi-Fi Protected Access
The Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2) technologies were designed to address the core problems with WEP. These technologies implement the 802.11i standard. The difference between WPA and WPA2 is that the former implements most—but not all—of 802.11i in order to be able to communicate with older wireless cards (which might still need an update through their firmware in order to be compliant), while WPA2 implements the full standard and is not compatible with older cards.
Wireless Vulnerabilities to Know
Wireless systems are vulnerable to all the different attacks that wired networks are vulnerable to. However, because these protocols use radio frequency signals for data emanation, they have an additional weakness: All radio frequency signals can be easily intercepted. To intercept 802.11x traffic, all you need is a PC with an appropriate 802.11x card installed. Many networks will regularly broadcast their name (known as an SSID broadcast) to announce their presence. Simple software on the PC can capture the WAP's link traffic and then process this data in order to decrypt account and password information.
An additional aspect of wireless systems is the site survey. Site surveys involve listening in on an existing wireless network using commercially available technologies. Doing so allows intelligence gathering, and possibly data capture, to be performed against systems in your wireless network.
The term site survey initially meant determining whether a proposed location was free from interference. When used by an attacker, a site survey can determine what types of systems are in use, the protocols used, and other critical information about your network. It’s the primary method used to gather data about wireless networks. Virtually all wireless networks are vulnerable to site surveys.
If wireless portals are installed in a building, the signals will frequently radiate past the inside of the building, and they can be detected and decoded outside the building using inexpensive equipment. The term war driving refers to driving around town with a laptop looking for WAPs that can be communicated with. The network card on the laptop is set to promiscuous mode, and it looks for signals coming from anywhere. After intruders gain access, they may steal Internet access or start damaging your data.
Weak encryption was an issue with earlier access points, but most of the newer wireless controllers use special ID numbers (SSIDs) that must be configured in the network cards to allow communications. However, using ID number configurations doesn’t necessarily prevent wireless networks from being monitored, and one particularly mischievous undertaking involves taking advantage of rogue access points. Any wireless access point added to your network that has not been authorized is considered a rogue. The rogue may be added by an attacker, or it could have been innocently added by a user wanting to enhance their environment. The problem with a user doing so is that there is a good chance they will not implement the security you would, and this could open the system up for a man-in-the-middle attack. Educate and train users about the wireless network and the need to keep it secure, just as you would train and educate them about any other security topic. Be sure to change the default settings on all wireless devices.
Never assume that a wireless connection is secure. The emissions from a wireless portal may be detectable through walls and for several blocks from the portal. Interception is easy to accomplish, given that RF is the medium used for communication. Newer wireless devices offer data security, and you should use it. You can set newer WAPs and wireless routers to non-broadcast in addition to configuring WEP at a higher encryption level.
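The rogue access point and weak encryption problems described above can be checked from the defender's side with a site survey of your own. The following is an added example, not part of the study guide: it compares the access points heard on site against an inventory of authorized ones and flags rogues and authorized devices still running WEP. The inventory, BSSIDs, SSIDs and CSV layout are constructed assumptions.

```python
import csv
import io

# Constructed inventory of authorized access points (BSSID -> expected SSID).
AUTHORIZED = {
    "00:11:22:33:44:01": "CorpNet",
    "00:11:22:33:44:02": "CorpNet",
}
# 802.11i-based modes, which the text presents as the fix for WEP.
STRONG = {"WPA", "WPA2"}

# Constructed site-survey export: one row per access point heard on site.
SURVEY_CSV = """bssid,ssid,encryption
00:11:22:33:44:01,CorpNet,WPA2
00:11:22:33:44:02,CorpNet,WEP
66:77:88:99:AA:03,CorpNet,WPA2
66:77:88:99:AA:04,linksys,OPEN
"""

def audit(survey_text, authorized=AUTHORIZED):
    """Return a sorted list of (bssid, finding) tuples for the survey."""
    inventory = {b.lower(): s for b, s in authorized.items()}
    findings = []
    for row in csv.DictReader(io.StringIO(survey_text)):
        bssid = row["bssid"].strip().lower()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().upper()
        if bssid not in inventory:
            # Not in the inventory: a rogue by the definition in the text.
            if ssid in inventory.values():
                # Unauthorized device announcing the corporate network name.
                findings.append((bssid, "rogue-using-corporate-ssid"))
            else:
                findings.append((bssid, "rogue"))
            continue
        if inventory[bssid] != ssid:
            findings.append((bssid, "ssid-mismatch"))
        if enc not in STRONG:
            findings.append((bssid, "weak-encryption:" + enc))
    return sorted(findings)

if __name__ == "__main__":
    for bssid, finding in audit(SURVEY_CSV):
        print(bssid, finding)
```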
With the popularity of Bluetooth on the rise, two additional vulnerabilities have been added: blue jacking and bluesnarfing. Blue jacking is the sending of unsolicited messages (think spam) over the Bluetooth