Seven Deadliest Wireless Technologies Attacks
By Brad Haines
()
About this ebook
The book contains seven chapters that cover the following: infrastructure attacks, client attacks, Bluetooth attacks, RFID attacks; along with attacks on analog wireless devices, cell phones, PDAs, and other hybrid devices. One chapter deals with the problem of bad encryption. It demonstrates how something that was supposed to protect communications can end up providing less security than advertised.
This book is intended for novices and anyone in a technical role either as the family tech support to corporate IT managers. It also assumes some familiarity with basic networking and computer use.
Attacks detailed in this book include:
- 802.11 Wireless-Infrastructure Attacks
- 802.11 Wireless-Client Attacks
- Bluetooth Attacks
- RFID Attacks
- Analog Wireless Device Attacks
- Bad Encryption
- Attacks on Cell Phones, PDAs and Other Hybrid Devices
Brad Haines
Brad "RenderMan" Haines, Contributing Author to RFID Security (ISBN: 978-1-59749-047-4, Syngress) and Kismet Hacking (ISBN: 978-1-59749-117-4, Syngress), is chief researcher of Renderlab.net and co-refounder of "The Church of WiFi" wireless think tank. He currently operates his own consulting company in Edmonton, Alberta, Canada, providing wireless performance and security assessment services for a variety of clients both large and small. A noted expert in the hacker community in the field of wireless security, he has spoken at many international conferences such as Black Hat and DEFCON and taught several classes on free wireless assessment tools. He has also contributed over time to many wireless security tools such as the Kismet wirelss sniffer and coWPAtty.
Related to Seven Deadliest Wireless Technologies Attacks
Related ebooks
Seven Deadliest Unified Communications Attacks Rating: 0 out of 5 stars0 ratingsPlacing the Suspect Behind the Keyboard: Using Digital Forensics and Investigative Techniques to Identify Cybercrime Suspects Rating: 0 out of 5 stars0 ratingsSnort Intrusion Detection 2.0 Rating: 4 out of 5 stars4/5Inside Radio: An Attack and Defense Guide Rating: 0 out of 5 stars0 ratingsCompsec: For the Home User Rating: 0 out of 5 stars0 ratingsHacking Wireless Access Points: Cracking, Tracking, and Signal Jacking Rating: 0 out of 5 stars0 ratingsNmap in the Enterprise: Your Guide to Network Scanning Rating: 0 out of 5 stars0 ratingsStealing The Network: How to Own the Box Rating: 4 out of 5 stars4/5Hacking and Penetration Testing with Low Power Devices Rating: 2 out of 5 stars2/5Mobile Malware Attacks and Defense Rating: 5 out of 5 stars5/5Wireshark & Ethereal Network Protocol Analyzer Toolkit Rating: 0 out of 5 stars0 ratingsAdvanced Penetration Testing with Kali Linux: Unlocking industry-oriented VAPT tactics (English Edition) Rating: 0 out of 5 stars0 ratingsMeeting People via WiFi and Bluetooth Rating: 0 out of 5 stars0 ratingsKismet Hacking Rating: 0 out of 5 stars0 ratingsWireshark Network Security Rating: 3 out of 5 stars3/5Digital Forensics: Threatscape and Best Practices Rating: 0 out of 5 stars0 ratingsPractical Anonymity: Hiding in Plain Sight Online Rating: 3 out of 5 stars3/5Social Engineering Penetration Testing: Executing Social Engineering Pen Tests, Assessments and Defense Rating: 0 out of 5 stars0 ratingsProfessional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab Rating: 4 out of 5 stars4/5Defending IoT Infrastructures with the Raspberry Pi: Monitoring and Detecting Nefarious Behavior in Real Time Rating: 0 out of 5 stars0 ratingsManaged Code Rootkits: Hooking into Runtime Environments Rating: 5 out of 5 stars5/5Penetration Testing with Raspberry Pi Rating: 5 out of 5 stars5/5Malware Forensics Field Guide for Windows Systems: Digital Forensics Field Guides Rating: 4 out of 5 stars4/5Cyber Forensics Up and Running: A hands-on guide to digital forensics tools and technique (English Edition) Rating: 0 out of 5 stars0 ratings#HACKED: 10 Practical Cybersecurity Tips to Help Protect Personal or Business Inform Rating: 0 out of 5 stars0 ratingsNinja Hacking: Unconventional Penetration Testing Tactics and Techniques Rating: 4 out of 5 stars4/5Snort Intrusion Detection and Prevention Toolkit Rating: 5 out of 5 stars5/5Mastering Wireshark Rating: 2 out of 5 stars2/5Coding for Penetration Testers: Building Better Tools Rating: 0 out of 5 stars0 ratings
Information Technology For You
Summary of Super-Intelligence From Nick Bostrom Rating: 5 out of 5 stars5/5Creating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5ChatGPT: The Future of Intelligent Conversation Rating: 4 out of 5 stars4/5How to Write Effective Emails at Work Rating: 4 out of 5 stars4/5Hacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5Supercommunicator: Explaining the Complicated So Anyone Can Understand Rating: 3 out of 5 stars3/5Inkscape Beginner’s Guide Rating: 5 out of 5 stars5/5How To Use Chatgpt: Using Chatgpt To Make Money Online Has Never Been This Simple Rating: 0 out of 5 stars0 ratingsCompTIA A+ CertMike: Prepare. Practice. Pass the Test! Get Certified!: Core 1 Exam 220-1101 Rating: 0 out of 5 stars0 ratingsData Analytics for Beginners: Introduction to Data Analytics Rating: 4 out of 5 stars4/5Computer Science: A Concise Introduction Rating: 4 out of 5 stars4/5Computer Organization and Design: The Hardware / Software Interface Rating: 4 out of 5 stars4/5Codeless Data Structures and Algorithms: Learn DSA Without Writing a Single Line of Code Rating: 0 out of 5 stars0 ratingsAn Ultimate Guide to Kali Linux for Beginners Rating: 3 out of 5 stars3/5Linux Command Line and Shell Scripting Bible Rating: 3 out of 5 stars3/5Cybersecurity for Beginners : Learn the Fundamentals of Cybersecurity in an Easy, Step-by-Step Guide: 1 Rating: 0 out of 5 stars0 ratingsAWS Certified Cloud Practitioner: Study Guide with Practice Questions and Labs Rating: 5 out of 5 stars5/5The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Rating: 4 out of 5 stars4/5CompTIA Network+ CertMike: Prepare. Practice. Pass the Test! Get Certified!: Exam N10-008 Rating: 0 out of 5 stars0 ratingsPractical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Learning Nagios 4 Rating: 5 out of 5 stars5/5Micro Niches Rating: 0 out of 5 stars0 ratingsHandbook of Digital Forensics and Investigation Rating: 4 out of 5 stars4/5Panda3d 1.7 Game Developer's Cookbook Rating: 0 out of 5 stars0 ratingsHack Proofing Your Network Rating: 0 out of 5 stars0 ratingsCISSP Study Guide Rating: 4 out of 5 stars4/5CompTIA ITF+ CertMike: Prepare. Practice. Pass the Test! Get Certified!: Exam FC0-U61 Rating: 0 out of 5 stars0 ratings
Reviews for Seven Deadliest Wireless Technologies Attacks
0 ratings0 reviews
Book preview
Seven Deadliest Wireless Technologies Attacks - Brad Haines
risk.
CHAPTER 1
802.11 Wireless – Infrastructure Attacks
Publisher Summary
Wired Equivalent Privacy (WEP) is the original encryption scheme included in the 802.11b wireless standard from 1997. WEP is based on the RC4 stream cipher algorithm, and as with any stream cipher, identical keys must not be used. The initialization vector (IV) changes with each packet and eventually repeats, giving an attacker, two packets with identical IVs. The counter used for IVs in the previous years was 24 bits long, which on a fairly busy network meant that there was a good chance that after 5,000 packets, an IV would be repeated, yielding an IV collision where two packets were encrypted with the same key, thus providing a basis for cryptanalysis. The advent of the ARP replay attack really shortened the time needed to perform an attack. The ARP replay attack is where an encrypted ARP packet is captured from a network and retransmitted back to the access point (AP), which in turn sends back another ARP packet with a different IV. There are many tools available that break WEP, but the most popular is Aircrack-ng. Wi-Fi Protected Access2 (WPA2) (also known as 802.11i) is the final and more secure version of WPA. WPA2 uses Advanced Encryption Standard as its stream cipher, which is vastly more secure but requires resources only found on the newer generations of APs and is not available on older equipment.
Information in This Chapter
• How Wireless Networks Work
• Case Study: TJX Corporation
• Understanding WEP Cracking
• How to Crack WEP
• It Gets Better and Worse
• WPA and WPA2 in a Nutshell
• How to Crack WPA PSK and WPA2 PSK
Just about every new laptop that hits the market today has an 802.11 network card built in. It’s a technology that has become ubiquitous in our lives, and we can hardly remember a time when it wasn’t part of our days. It’s a technology that has grown in terms of speed and range to provide the capability to be connected to the Internet from anywhere in our homes or businesses.
This widespread technology would also very quickly become quite an issue from a security perspective. Users quickly demanded to cut the cable
and be able to access the network from anywhere in the office. Home users were quick to adopt the technology to work from the kitchen, the couch, or (more oddly) the bathroom. This intense push led to a lot of overworked and underpaid information technology (IT) administrators and neighborhood computer know-it-alls to install wireless networks without properly understanding the security risks involved. These early networks would continue to just work
with users not realizing that the security arms race caught up with them and even passed them, making them prime targets for attack.
In November 2003, Toronto, Ontario, police held a press conference to announce a (at the time) new and unusual crime.A The police report indicates that at around 5:00 A.M. an officer noticed a car slowly driving the wrong way down a one-way street in a residential neighborhood. The officer pulled the car over, and when he walked up to the driver, he was greeted with several disturbing sights. The driver was first of all not wearing any pants, which is probably disturbing in and of itself, but more alarmingly, on the passenger seat was a laptop clearly displaying child pornography. The driver had been using open wireless networks in the area to obtain Internet access to download child pornography, unbeknownst to the owners of those networks. The owners were victims themselves, twice. First, they were victims of theft of service since their communications had to compete for bandwidth with the traffic of the unauthorized user. Second, they were victimized because, for all intents and purposes, the child pornography was being downloaded through their connection. Any digital trail left would lead back to them, potentially exposing them to false accusations of downloading child pornography themselves and all the emotional and financial damage that accusation can bring. The suspect’s home was searched as a result, and 10 computers and over 1,000 CDs worth of illegal material were