Seven Deadliest Wireless Technologies Attacks
By Brad Haines
About this ebook
The book contains seven chapters that cover the following: infrastructure attacks, client attacks, Bluetooth attacks, and RFID attacks, along with attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. One chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised.
This book is intended for novices and anyone in a technical role, from family tech support to corporate IT managers. It also assumes some familiarity with basic networking and computer use.
Attacks detailed in this book include:
- 802.11 Wireless-Infrastructure Attacks
- 802.11 Wireless-Client Attacks
- Bluetooth Attacks
- RFID Attacks
- Analog Wireless Device Attacks
- Bad Encryption
- Attacks on Cell Phones, PDAs and Other Hybrid Devices
Brad Haines
Brad "RenderMan" Haines, Contributing Author to RFID Security (ISBN: 978-1-59749-047-4, Syngress) and Kismet Hacking (ISBN: 978-1-59749-117-4, Syngress), is chief researcher of Renderlab.net and co-refounder of "The Church of WiFi" wireless think tank. He currently operates his own consulting company in Edmonton, Alberta, Canada, providing wireless performance and security assessment services for a variety of clients both large and small. A noted expert in the hacker community in the field of wireless security, he has spoken at many international conferences such as Black Hat and DEFCON and taught several classes on free wireless assessment tools. He has also contributed over time to many wireless security tools such as the Kismet wireless sniffer and coWPAtty.
Book preview
CHAPTER 1
802.11 Wireless – Infrastructure Attacks
Publisher Summary
Wired Equivalent Privacy (WEP) is the original encryption scheme included in the 802.11b wireless standard from 1997. WEP is based on the RC4 stream cipher algorithm, and as with any stream cipher, the same key must never be used twice. The initialization vector (IV) changes with each packet and eventually repeats, giving an attacker two packets with identical IVs. The counter used for IVs in the previous years was 24 bits long, which on a fairly busy network meant that there was a good chance that after 5,000 packets, an IV would be repeated, yielding an IV collision where two packets were encrypted with the same key, thus providing a basis for cryptanalysis. The advent of the ARP replay attack greatly shortened the time needed to perform an attack. In an ARP replay attack, an encrypted ARP packet is captured from a network and retransmitted back to the access point (AP), which in turn sends back another ARP packet with a different IV. There are many tools available that break WEP, but the most popular is Aircrack-ng. Wi-Fi Protected Access 2 (WPA2) (also known as 802.11i) is the final and more secure version of WPA. WPA2 uses the Advanced Encryption Standard as its stream cipher, which is vastly more secure but requires resources only found on the newer generations of APs and is not available on older equipment.
Information in This Chapter
• How Wireless Networks Work
• Case Study: TJX Corporation
• Understanding WEP Cracking
• How to Crack WEP
• It Gets Better and Worse
• WPA and WPA2 in a Nutshell
• How to Crack WPA PSK and WPA2 PSK
Just about every new laptop that hits the market today has an 802.11 network card built in. It’s a technology that has become ubiquitous in our lives, and we can hardly remember a time when it wasn’t part of our days. It’s a technology that has grown in terms of speed and range to provide the capability to be connected to the Internet from anywhere in our homes or businesses.
This widespread technology would also very quickly become quite an issue from a security perspective. Users quickly demanded to "cut the cable" and be able to access the network from anywhere in the office. Home users were quick to adopt the technology to work from the kitchen, the couch, or (more oddly) the bathroom. This intense push led to a lot of overworked and underpaid information technology (IT) administrators and neighborhood computer know-it-alls to install wireless networks without properly understanding the security risks involved. These early networks would continue to "just work" with users not realizing that the security arms race caught up with them and even passed them, making them prime targets for attack.
In November 2003, Toronto, Ontario, police held a press conference to announce a (at the time) new and unusual crime.[A] The police report indicates that at around 5:00 A.M. an officer noticed a car slowly driving the wrong way down a one-way street in a residential neighborhood. The officer pulled the car over, and when he walked up to the driver, he was greeted with several disturbing sights. The driver was first of all not wearing any pants, which is probably disturbing in and of itself, but more alarmingly, on the passenger seat was a laptop clearly displaying child pornography. The driver had been using open wireless networks in the area to obtain Internet access to download child pornography, unbeknownst to the owners of those networks. The owners were victims themselves, twice. First, they were victims of theft of service since their communications had to compete for bandwidth with the traffic of the unauthorized user. Second, they were victimized because, for all intents and purposes, the child pornography was being downloaded through their connection. Any digital trail left would lead back to them, potentially exposing them to false accusations of downloading child pornography themselves and all the emotional and financial damage that accusation can bring. The suspect’s home was searched as a result, and 10 computers and over 1,000 CDs worth of illegal material were