Syngress - Eleventh Hour Network+ Exam N10-004 Study Guide (11 ...
Common Exploits of Wireless Networks

(www.netstumbler.com). This type of scan, driving around looking for wireless networks, is known as war driving.

■ Protecting against wireless network detection: To defend against the use of NetStumbler and other programs to detect a wireless network easily, administrators should configure the wireless network as a closed system. This means that the AP will not respond to empty set SSID beacons and will consequently be “invisible” to programs such as NetStumbler, which rely on this technique to discover wireless networks.

Crunch Time

Sniffing

Sniffing is the electronic form of eavesdropping on the communications that computers transmit across networks. Wireless networks function very similarly to the original repeaters and hubs by allowing every communication across the wireless network to be viewable to anyone who happens to be listening to the network. In fact, the person who is listening does not even need to be associated with the network in order to sniff!

The hacker has many tools available to attack and monitor a wireless network. These tools work well for sniffing both wired and wireless networks. All of these software packages function by putting your network card in what is called promiscuous mode. When the network interface controller is in this mode, every packet that goes past the interface is captured and displayed within the application window.

■ Protecting against sniffing and eavesdropping: The way to protect wireless users from attackers who might be sniffing is to utilize encrypted sessions wherever possible: SSL for e-mail connections, secure shell (SSH) instead of Telnet, and secure copy (SCP) instead of file transfer protocol (FTP). Additionally, turn off any network identification broadcasts and, if possible, close down the network to any unauthorized users.

Active Attacks on Wireless Networks

The mechanisms used in active attacks can comprise a combination of methods that ultimately result in an intruder being able to navigate his or her way through the interworking of your network. Some possible attack methods include the following:

■ Spoofing and network hijacking: Usage of a legitimate IP address or MAC address by an unauthorized device oftentimes resulting in the redirection of legitimate data packets to the unauthorized device.

■ MITM through rogue APs: Interception of network communications through deployment of an AP with enough strength so that the end users may not be able to tell which AP is the authorized one that they should be using. Using this technique, the attacker is able to receive authentication requests and information from the end workstation regarding the secret key and where they are attempting to connect.
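
One way to check for the rogue-AP condition described above, as an added example that is not from the study guide: compare a wireless survey against the inventory of APs the organization actually deployed. The SSID, BSSIDs, scan records and the find_rogue_aps function are constructed for illustration.

```python
# Constructed inventory (assumption): SSID -> BSSIDs of the APs the organization deployed.
AUTHORIZED = {
    "CorpWLAN": {"00:11:22:33:44:0a", "00:11:22:33:44:0b"},
}

# Constructed survey observations, shaped like the records a wireless scan reports.
SCAN = [
    {"ssid": "CorpWLAN", "bssid": "00:11:22:33:44:0A", "channel": 1, "signal_dbm": -60},
    {"ssid": "CorpWLAN", "bssid": "00:11:22:33:44:0b", "channel": 6, "signal_dbm": -72},
    {"ssid": "CorpWLAN", "bssid": "02:AA:BB:CC:DD:EE", "channel": 6, "signal_dbm": -41},
    {"ssid": "CorpWLAN", "bssid": "02:aa:bb:cc:dd:ff", "channel": 11, "signal_dbm": -75},
    {"ssid": "CoffeeShop", "bssid": "02:11:11:11:11:11", "channel": 3, "signal_dbm": -80},
]


def find_rogue_aps(scan, authorized):
    """Flag APs that advertise one of our SSIDs from a BSSID we did not deploy."""
    # Normalize case so "0A" and "0a" compare equal.
    inventory = {ssid: {b.lower() for b in bssids} for ssid, bssids in authorized.items()}
    findings = []
    for ssid, allowed in inventory.items():
        seen = [dict(o, bssid=o["bssid"].lower()) for o in scan if o["ssid"] == ssid]
        known = [o["signal_dbm"] for o in seen if o["bssid"] in allowed]
        strongest_known = max(known, default=None)
        for o in seen:
            if o["bssid"] in allowed:
                continue
            findings.append({
                "ssid": ssid,
                "bssid": o["bssid"],
                "channel": o["channel"],
                "signal_dbm": o["signal_dbm"],
                # Louder than every legitimate AP: users cannot tell it apart by strength.
                "outpowers_authorized": strongest_known is None
                or o["signal_dbm"] > strongest_known,
            })
    # Strongest unknown AP first, since it is the one clients are most likely to join.
    return sorted(findings, key=lambda f: f["signal_dbm"], reverse=True)


if __name__ == "__main__":
    for finding in find_rogue_aps(SCAN, AUTHORIZED):
        print(finding)
```

A BSSID that matches the inventory is not proof of legitimacy, because MAC addresses can be spoofed as the first item in the list notes; treat this check as one signal alongside channel and location data.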