Wireless_Attacks_DSchade - Wireless Attacks and Defense By...

Wireless Attacks and Defense
By: Dan Schade
April 9, 2006
As more and more home and business users adopt wireless technologies because of their ease of use and affordability, these devices are coming under attack, both by malicious users who are after your data and by casual users looking for free bandwidth. In this paper, I will explain how attacks on Wired Equivalent Privacy (WEP) networks are carried out, describe other common network attacks, and then present several options for defending wireless networks.

History of 802.11 Wireless Security

Since the summer of 2001, WEP cracking has been a trivial but time-consuming process. “Scott Fluhrer, Itsik Mantin, and Adi Shamir identified a key scheduling attack, known as FMS attack, against the RC4 algorithm that, when used with certain keys, renders the cipher vulnerable to key recovery.” (Branch) A few tools that implement the Fluhrer-Mantin-Shamir (FMS) attack were released to the security community, which until then had been aware of the problems with WEP but did not have practical penetration testing tools. Although simple to use, these tools required a very large number of packets to be gathered before they could crack a WEP key.

On August 8th, 2004, a hacker named KoreK posted new WEP statistical cryptanalysis attack code to the NetStumbler forums. While it is still functional, it is not currently maintained, and the attacks have since seen better implementations in Aircrack and WepLab, to name just a few. The KoreK attacks changed everything. No longer were millions of packets required to crack a WEP key. With the new attacks, the critical ingredient is the total number of unique IVs captured, and a key can often be cracked with hundreds of thousands of packets, rather than millions.

So even though there is widespread deployment of wireless, why does it attract so much criticism? Arbaugh stated it best when he said “First, there was the exponential adoption rate of the technology. Further, the security architecture did not define a threat model or security goals and was developed by a relatively closed standards body without public review or involvement of a security professional.” (Arbaugh).

Probing and Network Discovery

Transmitting data through the air makes it susceptible to being captured and read by anyone with a receiver capable of listening on the same frequency on which the data is being transmitted. Wi-Fi signals are easy to intercept, and WEP security is fairly simple to crack given the right tools. Unfortunately, these tools are readily available and can be downloaded from numerous sites. WPA can be cracked using a brute force dictionary attack if the user uses a simple word or phrase as his key. Simply creating a 20+ word pass phrase interspersed with numbers or symbols will secure your network (at least for today).

To demonstrate how easy it is for someone to break a WEP code, I did some