Wireless Vulnerabilities

Related to my review of the wireless security landscape is this review of threats to wireless security.

Passive Sniffing

“The same information in a Probe Response frame is available in the Beacon frames that every 802.11 network is required to transmit (even closed networks). So, we just listen for these frames in Monitor Mode instead.”

Extreme Tech’s guide to exploiting and protecting WiFi networks

“AirSnort can determine the WEP key in seconds…”

Wired News: AirSnort cracks WEP

“Once AirSnort breaks the encryption, you’re basically hosed. A malicious hacker can read any packet traveling over the network, gather information, passwords — you name it.”

Security News Portal’s 10 tips on Wireless Security

“…WEP is not foolproof: Don’t put all your encrypted eggs into the WEP basket. WEP is one security layer of many and should not be relied on as the sole security measure…. Many network administrators have learned this lesson the hard way.”

AirSnort FAQ

“…all 802.11b networks with 40/128 bit WEP encryption are vulnerable. As this is a passive attack, nothing can be done to detect that this is being done, either.”

New Architect Magazine’s view on wireless security

“Ubiquitous public mobile networking is the manifest destiny of the Internet, and nothing will stand in its way. To work, the public mobile Internet has to be open, letting people join and drop out at will. This means that public wireless communication will be vulnerable to sniffing, so there’s no longer any excuse for failing to use end-to-end encryption for email, Web, and login protocols.”

AirSnort FAQ

“We suggest that you assume that every packet will be readable by the world. Protocols like SSL and SSH are trusted for a good reason; they’ve both withstood numerous attacks over the years, and emerged (mostly) unscathed. The latest versions of each allow users to protect data, even on totally public channels. This is what’s referred to as end-to-end encryption. End-to-end protection measures are fundamentally more resistant to attacks like AirSnort’s. Also make use of RADIUS (or some such) authentication to keep users off your network should they crack your key.”
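As an added illustration of the Passive Sniffing and WEP excerpts above (example code written for this page, not taken from any of the quoted sources), the sketch below parses a Beacon frame and lists what it discloses in cleartext, so an administrator can audit captures of their own network for closed SSIDs and WEP-only access points. The frames, the BSSID and the function names are constructed for the example, and treating "Privacy bit set with no RSN or WPA element" as WEP is a heuristic.

```python
import struct

PRIVACY = 0x0010               # Capability Information: Privacy bit
WPA_OUI = b"\x00\x50\xf2\x01"  # vendor-specific element carrying WPA (pre-RSN)

def parse_beacon(frame: bytes) -> dict:
    """List what one Beacon frame (no radiotap header) discloses in cleartext."""
    if len(frame) < 36:
        raise ValueError("truncated beacon")
    if (frame[0] >> 2) & 0x3 != 0 or frame[0] >> 4 != 8:
        raise ValueError("not a beacon frame")
    _interval, caps = struct.unpack_from("<HH", frame, 32)
    ies, pos = {}, 36            # tagged elements follow the 12 fixed bytes
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            break                # truncated element, stop parsing
        ies.setdefault(tag, []).append(value)
        pos += 2 + length
    ssid = ies.get(0, [b""])[0]
    if not caps & PRIVACY:
        enc = "open"
    elif 48 in ies:              # RSN element present
        enc = "RSN (WPA2+)"
    elif any(v.startswith(WPA_OUI) for v in ies.get(221, [])):
        enc = "WPA"
    else:                        # Privacy set, no RSN/WPA element: WEP (heuristic)
        enc = "WEP"
    return {
        "bssid": ":".join(f"{b:02x}" for b in frame[16:22]),
        "ssid": ssid.decode("utf-8", "replace"),
        "hidden_ssid": ssid.strip(b"\x00") == b"",
        "channel": ies[3][0][0] if ies.get(3) and ies[3][0] else None,
        "encryption": enc,
    }

def build_beacon(ssid: bytes, channel: int, caps: int, extra: bytes = b"") -> bytes:
    """Constructed sample frame; the BSSID is a made-up locally administered address."""
    bssid = bytes.fromhex("020000000001")
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, caps)
    return header + fixed + bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel]) + extra

CLOSED_WEP = build_beacon(b"", 6, 0x0011)                           # closed network, Privacy bit only
RSN_NET = build_beacon(b"office", 11, 0x0011, b"\x30\x02\x01\x00")  # with RSN element

if __name__ == "__main__":
    for frame in (CLOSED_WEP, RSN_NET):
        print(parse_beacon(frame))
```

Even with the SSID blanked, the constructed closed network's beacon still gives its BSSID, channel and the fact that it offers nothing stronger than WEP.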