Wireless Network Hacking

Introduction
Background and Context
According to a recently published article by Associated Press an 800-mile
drive in the San Jose, Calif. area in which over 3,600 wireless access points
were detected. According to the article, nearly 40 percent of those networks
were completely wide-open. "Wardriving", as it's called, is a popular hobby,
unchecked access to a wireless network can cause quite a bit of damage.
CNN even ran a recent report about "warflying" - flying over populated areas
to detect wireless hotspots. In the report, they detailed a warflying trip in
which over 3,000 wireless networks were detected and over 67 percent of the
networks did not have any encryption enabled [1].
Reasons to select this topic
All the latest tech reports, surveys details about “wayflying” motivate us to
choose a project on Wireless Internet Hacking and Protection. We do want to
see a wireless network both from hacker's perspective and protector's
perspective and this drive my friend and me to select a challenging project
where my friend will try to hack my wireless Internet network and break and
breach the security to as much extent as possible. I will be the protector and
will play the defensive part to protect my wireless network from any sort of
breaching or security breaks.
1.1 Aims of the subject
We will share our experiences about hacking and protecting a wireless
network in our final report, my basic part will be a comprehensive detail about
my experience while protecting my network against all break inns. I will try to
device some basic steps which can be very useful to protect a residential
home or small business.
As it's illegal to intrude in some one's wireless network, we would like to
mention that we are carrying out this activity with mutual agreement and any
thoughts shared at the end of the project will be used for making network
systems more protected and secured.
1.2 Scope and Objectives
My scope will be to write about wireless network protection techniques, flows,
detection, defence, encryption techniques, filtering and repair of a hacked
network.
Achievements
A comprehensive study of Latest Network Routers and their functionality,
Network's SSID, Encryption techniques, MAC Addressing, IP Addressing, Fire
Walls.
Devising practical approaches for protecting, troubleshooting, and Repairing
Wireless Networks.
For the purpose of my dissertation I have thoroughly gone through to Existing
IDSs Such as
1.1.Ethereal
Ethereal is one of the most popular sniffers available. It performs packet
sniffing on almost any platform (Unix, Windows) in both real-time (live), and
from saved capture files from other sniffers (NAI's Sniffer, NetXray, tcpdump,
and more). Included with this program are many features such as filtering.
TCP stream reconstruction, promiscuous mode, third-party plug-in options,
and the capability to recognize more than 260 protocols. Ethereal also
supports capturing on Ethernet, FDDI, PPP, token ring, X-25, and IP over
ATM. In short, it is one of the most powerful sniffers available on the market
today and it is free [2].
1.2. NetStumbler
NetStumbler is the "Mother of All" wireless network scanning tools. It includes
various features, such as signal strength, ESSID, channel, GPS support, and
more. In fact, NetStumbler is more than just a program because of an
interactive Web site that enables you to look up known access point MAC
addresses and locations, as determined by the optional GPS logs. In addition,
the NetStumbler Web site has a script that converts your capture files into
files that can be read by Map Point 2002.
The release of this program affected the wireless networking world
significantly. Thus, this remarkable tool is part of any war driver's arsenal. If
you own a wireless network, you should use this program to help position
your wireless network in a central location to reduce your radiation zone. In
addition to this 'full' PC-based program, the creator of this program also wrote
one for the Pocket PC environment [3].

Commview

CommView for WiFi is a special edition of CommView designed for capturing

and analyzing network packets on wireless 802.11a/b/g/n networks.
CommView for WiFi gathers information from the wireless adapter and
decodes the analyzed data. With CommView for WiFi you can see the list of
network connections and vital IP statistics and examine individual packets.
Packets can be decrypted utilizing user-defined WEP or WPA-PSK keys and
are decoded down to the lowest layer, with full analysis of the most
widespread protocols. Full access to raw data is also provided. Captured
packets can be saved to log files for future analysis. A flexible system of filters
makes it possible to drop unnecessary packets or capture the essential
packets. Configurable alarms can notify the user about important events such
as suspicious packets, high bandwidth utilization, or unknown addresses.

Wifi-Manager

ManageEngine WiFi Manager is an integrated and centralized management

and security solution for wireless networks (WLANs) for enterprises. It
enhances the availability and security of your WLANs by continuously
monitoring the network as well as the airspace. WiFi Manager offers wireless
device monitoring, one-click configuration, access point firmware
management, wireless security management and a variety of reports that
remove the complexity of wireless network management. WiFi Manager can
detect almost all major wireless threats including rogue attacks, intrusions,
sniffers, DoS attacks, and vulnerabilities. With WiFi Manager you'll have
complete control over your wireless devices as well as your airspace, and
more time to focus on core IT operations

AirSnort

AirSnort is an encryption-cracking program. AirSnort is able to capture

encrypted radio data and extract the secret key, byte by byte. After capturing
roughly 3,000,000-5,000,000 packets, AirSnort can crack the password used
by client and host in a few seconds. Although this program was not the first
available to demonstrate the weaknesses of WEP, it quickly became the one
of the most popular, because it can both capture and crack encrypted data.
(Its forefather, WEPCrack, was the first publicly released code to crack
archived data.) In addition, the newer releases of AirSnort provide a GUI,
which is more appealing to most users than the previously used command-
line interface [4].
WEPCrack

WEPCrack is a script program that is coded in Perl. This means that,

theoretically, an operating system need only have Perl installed and
operational to use WEPCrack. Although this is a great theory, in reality
WEPCrack is only fully functional on Unix-based systems.
WEPCrack will selectively capture, log, and crack RC4-protected encrypted
packets sent by hardware/software using the 802.11b standard. It does this
through the use of several separate scripts, each of which performs an
essential part of the cracking process. In addition to the necessary cracking
scripts, WEPCrack also includes a testing script that will generate a sample
"weak IV" file based on a given password.

AiroPeek NX
AiroPeek NX is the most comprehensive and feature-packed wireless
analyzer available. This program not only performs real-time monitoring and
analysis of 802.11b traffic, but it also provides virtual mapping, traffic filtering,
and intrusion detection. In short, this program is the only diagnostic software
you need to keep a watchful eye on any WLAN.