Passive Attacks On Wireless Networks - PowerPoint PPT Presentation

1 / 9
About This Presentation
Title:

Passive Attacks On Wireless Networks

Description:

A popular hobby for many wireless wardriving enthusiasts for detecting and ... Use of analysis tools, such as Network Monitor in Microsoft products, TCP dump ... – PowerPoint PPT presentation

Number of Views:113
Avg rating:3.0/5.0
Slides: 10
Provided by: sah65
Category:

less

Transcript and Presenter's Notes

Title: Passive Attacks On Wireless Networks


1
Passive Attacks On Wireless Networks
  • Name Sabbir Ahmed
  • Due Date 10/22/06

2
  • A passive attack occurs when someone listens or
    eavdrops on network traffic
  • Difficult to detect
  • Extremely common on wireless network
  • A popular hobby for many wireless wardriving
    enthusiasts for detecting and reporting on
    wireless networks

3
  • Using an wireless network adapter that supports
    promiscuos mode, the evesdropper captures network
    traffic
  • Use of analysis tools, such as Network Monitor in
    Microsoft products, TCP dump in Linux-based
    products, AirSnort, etc.
  • Many attackers claim that their activities are
    educational

4
  • Use of popular freeware program, called
    Netstumbler that works primarily with wireless
    network adaptors that use Hermes Chipset because
    of its ability to detect multiple APs that are
    within the range
  • Use of an external antena that can extend the
    range of a wireless network to many orders of
    magnitude.
  • Additionally and wireless network adapor, PRISM2
    chipset are used to capture the traffic

5
  • Netstumbler is free, sophisticated and
    feature-rich product that is excellent for
    performing wireless site suveys, whether for
    legitimate purposes or not.
  • Netstumbler can provide detailed information on
    the wireless networks it detects i.e. Service
    Set ID(SSID), channel, manufacturer of the
    wireless AP

6
  • Discovering the SSID and other information,
    attacker can connect to the wireless network to
    sniff and capture network traffic.
  • Thru analysis, the attacker can determine what
    DNS servers are being used, default home pages on
    browsers, network names, logon traffic, etc

7
  • Attacker, given some time, can capture a
    sufficient amount of traffic to crack the
    encryption

8
  • Wireless APs are half duplex similar to hubs and
    repeaters
  • Network devices can potentially see traffic from
    other devices
  • Only defense against sniffing on a wireless
    network is to encrypt Layer 2 and higher traffic
    whenever possible through the use of WEP, VPNs
    SSL, Secure Shell(SSH), Secure Copy(SCP) and so
    on

9
  • The End
Write a Comment
User Comments (0)
About PowerShow.com