Where wireless is most vulnerable

Four ways an attacker can hack the airwaves and get access to your network and beyond:

Method: Low-hanging fruit
Description: Hacker scans for open access points that allow anyone to connect. In some cases, such wireless networks are meant to be used by the public, but most of the time, the networks are just misconfigured.
Goal: Free Internet access, attack a third party using target as a blind, exploring someone else's network.

Method: Access point spoofing
Description: An attacker sets up his or her own access point, known as a rogue, near the target network or in a public place where the victim might believe that wireless Internet access is available. If the rogue access point's signal is stronger than the signal of the real access point, then in many cases, the victim's computer will connect to the rogue access point. Then, the attacker can wait for the victim to type in passwords or inject attack code into the information flow to compromise the victim's computer.
Goal: Snooping, password acquisition, identity theft, network access

Method: WEP attack
Description: By exploiting the flaws in the Wired Equivalent Privacy security protocol, an attacker can crack the encryption on the communications between an access point and a legitimate client. Passive attacks, when the attacker just listens, can take days. But at least one active attack has been discovered that requires merely hours.
Goal: Snooping, password acquisition, identity theft, network access

Method: Man-in-the-middle attack
Description: Similar to the access point spoofing, the attacker combines an access point with a virtual private network (VPN) server of the same type as the one on the target network (for example, Secure Shell or SSH). When the victim attempts to connect to the real server, the spoofed server sends a reply back, leading the victim to connect to the fake server.
Goal: Snooping, password acquisition, identity theft, network access

Advertisement

Talkback 0 comments

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • Suzanne Tindal Sick of broken tender sites
    Some of the state governments desperately need to invest in more user-friendly tender sites so that looking for information on government tenders doesn't have to be a game of blind man's bluff.
  • Array Cyberwar: What is it good for?
    In this week's episode, Cyberwar. What is Australia's place in the world of digital warfare? What are the implications for the NBN?
  • Array Is wholesale-only backhaul just a pipedream?
    The potential acquisition of Pipe Networks by SP Telemedia has raised the question about whether vertically integrated backhaul providers will mean higher wholesale prices for ISP customers.
  • More blogs »

Tags

Back to top

Featured