Wireless area networks is used worldwide by individuals and corporations alike. This wireless communication module is broadcasted across a radio, and is fitted in computers, smartphones, game consoles and so on, for the sole purpose of connecting to a network resource, or internet.There are varying types of wireless network connections, each designed with the purpose of creating easy communication between the end users and network resources.
Some of these connections are -
The wireless area network is simple and very beneficial, as there is no need for connections through wires. The wireless module is also advantageous for remote areas. It is easier to get access to the internet in public places like airports, schools or restaurants. This increasing freedom is not met with its own challenges, as bandwidth reduces with increase in number of computers connected to the wireless network. Additionally, wireless networks are very prone to security attacks, some of which will be highlighted in this article.
There are different means to detect open wireless networks for exploitation, they are-
The wireless networks can be broadcasted through antennas, to increase the bandwidth range. Attackers could also use these antennas as tools for gaining information and carrying out malicious functions. There are different types of antennas -
The wireless network is usually protected with encryption tools, to ensure the protection of information as well as privacy during wireless transmissions.
There are various types of wireless encryptions, such as -
The web encryption system provides privacy during transportation of data from one point to the other using the wireless network system. While this system is known for its age and originality in wireless encryption, it is riddled with numerous flaws and vulnerabilities.
This method is weak for various reasons, some of which include a non-defined device for transmitting encryption keys, security loopholes in associate and disassociate messages, as there is no provision for validation, a small sized IV, susceptibility to attacks based on reusing keys, due to a short IV and hence the need for the protection system to reuse keys after short periods and lastly, there is a high probability of the IV sequence being developed more than one, especially when wireless adapters are designed by the same vendor.
Weak IVs are detrimental to encryption methods, as they create an easy system for attack. These weak IVs not only show the attacker the origination points i.e key byte origin, they also provide the attacker with the means to reveal the bytes of the base key. The steps below are used to determine which IVs are weak -
Determine the ability of the injection of the wireless device with respect to the access point. Sniff with tools like Cain and Abel to retrieve original IVs Extract the encryption keys with tools like Cain and Abel Open the wireless in monitor mode and use tools like aireplay-ing to falsify authentication. Inject packets with tools like aireplay-ing in ARP mode.
This is another encryption module, designed for wireless local area networks and based on 802.11 standards. This encryption method is stronger that it’s web encryption privacy counterparts, and provides data security by requesting for PSK or EAP authentication.
This method works with TKIP, which uses the RC4 stream cipher encryption with 128-bit keys and 64-bit MIC integrity check. This method is one step ahead of WEP, as it takes care of flaws by increasing the size of the IV as well as using mixing functions.
TKIP uses temporal keys, programmed to change after every 10,000 packets, hence providing security against cryptanalytic attacks designed for reusing keys.
It is important to note that these temporal keys are gotten from the PMK which is gotten from the EAP authentication. This is noted as the four-way handshake.
This is designed for corporation bodies and wireless network users, and is fitted with a stronger security measure with regards to data and access control. As stated in the afore mentioned statement, there are two types of WPA2:
For personal use: this has a pre-shared key, as a protective measure against illegitimate access. This PSK is used an encryption method for each wireless device, encoding network traffic with a 128-bit key, gotten from a passphrase of8-63 ASCII characters.
For enterprise: this uses an EAP or a radius, to allow for central validation through numerous methods, from token cards to certificates. The authentication method is passed, by providing login details generated from the central server.
Published with the express permission of the author.