Types of Attacks on Wireless Environment
Denial of Service Attack
Denial of Service Attack aims at preventing the users from accessing the network resources. In a Wireless network, denial of service attack can be applied in various ways.
How the attack occurs in Wifi Environment ?
At the physical layer of TCP/IP Model, denial of service attack can be implemented by introducing a device which will generate noise in the same frequency band in which wireless accesspoint is operating. This makes the users who are trying to connect to the accesspoint may not be able to connect to it.
Also the other possibility of Denial of service Attack is spoofing the accesspoint. Normally wireless clients connect to the wired network with the help of an accespoint. For associating with the accesspoint they require SSID of it. When an unauthorised user places an accesspoint with the same SSID, then there is a chance of authorised user getting associated with the attackers accesspoint. If that happens, the attacker will try to collect sufficient number of packets from the wireless client and cracks the WEP key used by the legitimate accesspoint. Then the attacker gets associated with the legitimate accesspoint and generates large ping requests in the network or generate some abnormal traffic, which may finally result in Denial of Service Attack.
Also the other possibility of Denial of service Attack is spoofing the accesspoint. Normally wireless clients connect to the wired network with the help of an accespoint. For associating with the accesspoint they require SSID of it. When an unauthorised user places an accesspoint with the same SSID, then there is a chance of authorised user getting associated with the attackers accesspoint. If that happens, the attacker will try to collect sufficient number of packets from the wireless client and cracks the WEP key used by the legitimate accesspoint. Then the attacker gets associated with the legitimate accesspoint and generates large ping requests in the network or generate some abnormal traffic, which may finally result in Denial of Service Attack.
Man-In-Middle Attack in Wifi Devices
Performing Man-In-Middle Attack in a wireless network is much easier, when compared to wired network. As the transmissons from an accesspoint is broadcasted, it is easy for an unauthorised user to collect the traffic sent by other wireless clients. And the process of collecting the packets in this manner is known as Eavesdropping. Also the third party user can manipulate the packets sent to the legitimate users which results in breaking the users privacy.
So In order to avoid these kind of attacks, Strong encryption should be used for transmitting the data between wireless client and accesspoint.
WarDriving
It is a process of tracking Wi-Fi hotspots located at a particular place, while moving with a hand held device or a laptop in a vehicle. This helps the user in finding out the accesspoints that doesnot use encryption and takes control over it for performing the attacks on the network.
Tips for securing Wireless Communications
Always use the maximum key size supported by accesspoint for encryption
- If the keysize is large enough, then it takes more time to crack the key by the hacker. Also it is recommneded to change the encryption key frequently so that it makes difficult for the cracker to break the encryption key.
Isolate the wireless network from wired network with a firewall and a antivirus gateway.
- Do not connect the accesspoint directly to the wired network. As there is a chance of comprimised wireless client inturn effecting the systems in the wired network, a firewall and an antivirus gateway should be placed between the accespoint and the wired network.
Use VPN or IPSEC for protecting communication
- When the information flowing from wireless client to the wired network receiver is critical, then it is recommended to use VPN or IPSEC based communication so that the information is protected from sniffers in the network.
Always maintain a updated firmware
- Updating the firmware of accesspoint is recommended, as it will reduce the number of security loop holes in the accesspoint.
Restrict access to the accesspoint based on MAC address
- In order to allow authorised users to connect to the accesspoint, wireless clients should be provided access based on MAC address.
Do not maintain factory default settings for an accesspoint
- Most of the users do not change the default passwords while configuring the accesspoint. But it is recommended to keep a strong password, as this default password information can be known from product manufacturers.
Do not make the SSID information public
- SSID information is used to identify a accesspoint in the network and also the wireless clients connect to the network using this information. Hence, in order to allow authorised users to connect to the network, the information should not be provided in public.
Disable DHCP service
- When the number of users accessing the accesspoint are less, it is recommended to disable the DHCP service. As this may make the attackers easy, to connect to the network once they get associated with the accesspoint.
0 comments:
Post a Comment