Hacking For Beginners – Manthan Desai

2010

Services provided by Wireless Networks

• Association:

It establishes wireless links between wireless clients and access points in infrastructure networks.

• Re-association:

This action takes place in addition to association when client moves from one Basic Service Set(BSS) to another, such as in Roaming.

• Authentication:

This process proves a client’s identity through the 802.11 option, Wired Equivalent Privacy(WEP). In WEP, a shared key is configured into point and its wireless clients. Only thosedevices with a valid shared key will be allowed associated with the access point.

• Privacy:

In the 802.11 standard, data are transferred in the clear by default. If confidentiality is desired, the WEPoption encrypts data before it is sent wirelessly. The WEP algorithm of the 802.11 Wireless LAN Standarduses a secret key that is shared between a mobile station (for example, a laptop with a wireless Ethernetcard) and a base station point to protect the confidentiality of information being transmitted onthe LAN.

Standard Wireless Security Solution

Wireless Security policies are developed or enhanced to accommodate the wireless environment. Primary issues will beownership and control of the wireless network, controlling access to the network, physically securing access points,encrypting, auditing, and the procedures for detecting and handling rogue access points or networks. User securityawareness policies should be implemented.

SSID Solution

Wireless equipment manufacturers use a default Service Set ID (SSID) in order to identify the network to wireless clients.All access points often broadcast the SSID in order to provide clients with a list of networks to be accessed. Unfortunately,this serves to let potential intruders identify the network they wish to attack. If the SSID is set to the default manufacturersetting it often means that the additional configuration settings (such as passwords) are at their defaults as well.

Good security policy is to disable SSID broadcasting entirely. If a network listing is a requirement for network users thenchanging the SSID to something other than the default, that does not identify the company or location, is a must. Be sureto change all other default settings as well to reduce the risk of a successful attack.

www.hackingtech.co.tv

Page 67