Seven Deadliest Wireless Technologies Attacks
By Brad Haines
About this ebook
Seven Deadliest Wireless Technologies Attacks provides a comprehensive view of the seven different attacks against popular wireless protocols and systems. This book pinpoints the most dangerous hacks and exploits specific to wireless technologies, laying out the anatomy of these attacks, including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.
Each chapter includes an example real attack scenario, an analysis of the attack, and methods for mitigating the attack. Common themes will emerge throughout the book, but each wireless technology has its own unique quirks that make it useful to attackers in different ways. Understanding all of them is important to overall security, because rarely is just one wireless technology in use at a home or office. The book contains seven chapters that cover the following: infrastructure attacks; client attacks; Bluetooth attacks; RFID attacks; and attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. A chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised.
This book is intended for information security professionals of all levels, as well as wireless device developers and recreational hackers.
Attacks detailed in this book include:
- 802.11 Wireless—Infrastructure Attacks
- 802.11 Wireless—Client Attacks
- Bluetooth Attacks
- RFID Attacks
- Analog Wireless Device Attacks
- Bad Encryption
- Attacks on Cell Phones, PDAs and Other Hybrid Devices
Brad Haines
Brad "RenderMan" Haines, Contributing Author to RFID Security (ISBN: 978-1-59749-047-4, Syngress) and Kismet Hacking (ISBN: 978-1-59749-117-4, Syngress), is chief researcher of Renderlab.net and co-refounder of "The Church of WiFi" wireless think tank. He currently operates his own consulting company in Edmonton, Alberta, Canada, providing wireless performance and security assessment services for a variety of clients both large and small. A noted expert in the hacker community in the field of wireless security, he has spoken at many international conferences such as Black Hat and DEFCON and taught several classes on free wireless assessment tools. He has also contributed over time to many wireless security tools such as the Kismet wireless sniffer and coWPAtty.
Book preview
Seven Deadliest Wireless Technologies Attacks - Brad Haines
risk.
CHAPTER 1
802.11 Wireless – Infrastructure Attacks
Publisher Summary
Wired Equivalent Privacy (WEP) is the original encryption scheme included in the 802.11b wireless standard from 1997. WEP is based on the RC4 stream cipher algorithm, and as with any stream cipher, identical keys must not be used. The initialization vector (IV) changes with each packet and eventually repeats, giving an attacker two packets with identical IVs. The counter used for IVs in the previous years was 24 bits long, which on a fairly busy network meant that there was a good chance that after 5,000 packets, an IV would be repeated, yielding an IV collision where two packets were encrypted with the same key, thus providing a basis for cryptanalysis. The advent of the ARP replay attack greatly shortened the time needed to perform an attack. In an ARP replay attack, an encrypted ARP packet is captured from a network and retransmitted back to the access point (AP), which in turn sends back another ARP packet with a different IV. There are many tools available that break WEP, but the most popular is Aircrack-ng. Wi-Fi Protected Access 2 (WPA2) (also known as 802.11i) is the final and more secure version of WPA. WPA2 uses Advanced Encryption Standard as its stream cipher, which is vastly more secure but requires resources only found on the newer generations of APs and is not available on older equipment.
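The IV-collision weakness described in the summary above can be checked numerically. The following is an added example, not code from the book: it computes the chance of a repeated 24-bit IV after 5,000 packets and shows why a repeat matters, since two frames encrypted under the same IV and key XOR to the XOR of their plaintexts. It assumes IVs are picked at random, omits WEP's CRC-32 integrity value for brevity, and all keys, IVs and frames are constructed sample values.

```python
import math

IV_SPACE = 2 ** 24  # WEP's IV is 24 bits long

def iv_collision_probability(packets, iv_space=IV_SPACE):
    """Chance that at least two of `packets` randomly chosen IVs match."""
    log_no_collision = sum(math.log1p(-i / iv_space) for i in range(packets))
    return 1.0 - math.exp(log_no_collision)

def rc4(key, length):
    """Return `length` bytes of RC4 keystream for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):  # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(iv, secret, plaintext):
    """WEP seeds RC4 with IV || secret; the IV itself travels in the clear."""
    keystream = rc4(iv + secret, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, keystream))

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample values, not taken from any real capture.
SECRET = bytes.fromhex("0102030405")  # 40-bit WEP key
IV = bytes.fromhex("a1b2c3")          # the repeated IV
P1 = b"constructed frame one"
P2 = b"constructed frame two"
C1 = wep_encrypt(IV, SECRET, P1)
C2 = wep_encrypt(IV, SECRET, P2)

if __name__ == "__main__":
    p = iv_collision_probability(5000)
    print(f"P(IV collision) after 5,000 packets: {p:.3f}")
    # Same IV + same key = same keystream, so the keystream cancels out.
    print("C1 xor C2 == P1 xor P2:", xor(C1, C2) == xor(P1, P2))
```

Because the secret key never changes in WEP, the 24-bit IV is the only thing separating one packet's keystream from another's, which is why the short IV undermines the scheme regardless of key length.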
Information in This Chapter
• How Wireless Networks Work
• Case Study: TJX Corporation
• Understanding WEP Cracking
• How to Crack WEP
• It Gets Better and Worse
• WPA and WPA2 in a Nutshell
• How to Crack WPA PSK and WPA2 PSK
Just about every new laptop that hits the market today has an 802.11 network card built in. It’s a technology that has become ubiquitous in our lives, and we can hardly remember a time when it wasn’t part of our days. It’s a technology that has grown in terms of speed and range to provide the capability to be connected to the Internet from anywhere in our homes or businesses.
This widespread technology would also very quickly become quite an issue from a security perspective. Users quickly demanded to cut the cable and be able to access the network from anywhere in the office. Home users were quick to adopt the technology to work from the kitchen, the couch, or (more oddly) the bathroom. This intense push led to a lot of overworked and underpaid information technology (IT) administrators and neighborhood computer know-it-alls to install wireless networks without properly understanding the security risks involved. These early networks would continue to just work, with users not realizing that the security arms race caught up with them and even passed them, making them prime targets for attack.
In November 2003, Toronto, Ontario, police held a press conference to announce a (at the time) new and unusual crime. The police report indicates that at around 5:00 A.M. an officer noticed a car slowly driving the wrong way down a one-way street in a residential neighborhood. The officer pulled the car over, and when he walked up to the driver, he was greeted with several disturbing sights. The driver was first of all not wearing any pants, which is probably disturbing in and of itself, but more alarmingly, on the passenger seat was a laptop clearly displaying child pornography. The driver had been using open wireless networks in the area to obtain Internet access to download child pornography, unbeknownst to the owners of those networks. The owners were victims themselves, twice. First, they were victims of theft of service since their communications had to compete for bandwidth with the traffic of the unauthorized user. Second, they were victimized because, for all intents and purposes, the child pornography was being downloaded through their connection. Any digital trail left would lead back to them, potentially exposing them to false accusations of downloading child pornography themselves and all the emotional and financial damage that accusation can bring. The suspect’s home was searched as a result, and 10 computers and over 1,000 CDs worth of illegal material were