Friday 10/1/2020 Wireless Security ITSC301
Wifi Attack Vectors
2 Accidental association
-AKA misassociation
-often unintentional
1 Malicious Association
Intentional misdirection of wifi traffic
3 Caffe Latte
exploit WEP weakness
ARP overflow tool
Shared key retrieval
4 Network Injection
Spanning tree weakness (802.1D)
RIP, OSPF, HSRP
Force network resets
5 Denial of Service
Flooding AP
premature successful connection attempts
Failure messages
Power Messages
6 MAC Spoofing
listen to network
Clone MAC ID
7 Man in the Middle
-Enticing attack
Honey pot users to authenticate against you
Sniff traffic to determine security faults and Handshakes.
8 Via Ad-Hoc Network
Bluetooth Connection
not secure
Wired terminals with Bluetooth -> targets
9 Non Traditional Networks
Bluetooth, infrared, serial connection, barcode reader and PDA
Mitigation of Wifi Threats
1 SSID hiding
Weak, simple, ineffective
2 MAC filtering
Weak, Susceptible to Spoofing
3 Static IP addressing
Disable DHCP
Not Scalable
medium weak
4 802.11 Security: Wired Equivalency Protocol
deprecated in 2004!
TJ Maxx hack
5 WPA vs WPA 2
Vulnerable to dictionary attacks
Use long password / special characters
WPA2 - second generation, 802.11i, FIPS L2
6 Extensible Authentication Protocol EAP
uses a centralized auth server
broken in 2002
7 Extended EAP
EAP-MD5, EAP-MSCHAP, EAP-TLS, EAP-TTLS, EAP-SIM
8 Lightweight Extensible Protocol
Based on 802.1x
Uses WEP + Sophisticated key management
Vulnerable to THC-LEAP cracker <- Cisco
9 Protected Extensible Protocol PEAP
Cisco, MS, RSA
Secure data transport, key management
without a central Auth server
802.11i security
Newest, rigorous security STP
Full fledged STD using WPAv2
WPA v2
Wifi alliance branded security
Included AES-CCMP supports EAP, RADIUS
WPA 2 is vulnerable to Hole 196
Group temporal key (GTK) weakness exploited
requires insider (GTK) in order to work
WAPI: Wireless authentication privacy infrastructure (originated in China)