Wireless hacking

From Wikipedia, the free encyclopedia

 This article is orphaned as few or no other articles link to it.
Please help introduce links in articles on related topics. (May 2008)


In security breaches, wireless hacking is the unauthorized use or penetration of a wireless network. A wireless network can be penetrated in a number of ways. There are methods ranging from those that demand a high level of technological skill and commitment to methods that are less sophisticated and require minimal technologically skill. Once within a network a skilled hacker can modify software, network settings, other security items and much more. To counter the security threat of an intrusion into a wireless network, there are many precautions available.

Contents

[edit] Virtual Intrusion

The various methods used by hackers that enable them to exploit wireless connections typically begin with eavesdropping on a network, “sniffing”. A packet sniffer is a program that monitors that information contained on a network. The information that sniffer programs make available include emails, user names and passwords, among other sensitive information. There are different means of sniffing out wireless networks including passively scanning and collecting Media Access Control (MAC) addresses.

A hacker can passively scan each radio channel that wireless networks are broadcast on to check for activity. By passively scanning the presence of that scanner is not revealed since they are not actually transmitting any traceable material to the network at this point.

Detecting a wireless “sniffer” is extremely difficult. It is only after the hacker starts to probe and/or install packets onto the network that the location of the attacker and/or the device can be isolated. For some hackers the main goal of an intrusion is to obtain the WEP key. There are several methods that are used to achieve this. The main obstacle to intruders gaining the WEP key is a lack of computing power. The average home computer could take anywhere from hours to days to gain access through weak system frames.

The information that a hacker can collect from sniffing alone is limited, in order to gain all the information that they want hackers must then engage in actively probing a network. In actively probing a network a hacker increases the probably of detection. This risk comes as a result of the packets that are sent to the target in an effort to get back the desired information in return.

War Driving is another increasingly common method of gaining access to unprotected networks. The main equipment for war driving includes a WiFi enabled laptop or PDA, a GPS device.

[edit] Other Means of Gaining Access

Other means available and used by hackers to gain access to a wireless network include virtually probing, lost password and social spying. These methods are not as technologically intensive as virtual intrusions but they nonetheless pose a high security threat.

  • A virtual probe is when hackers contact users on a network on the pretence of being a vendor that a company normally deals with. The hacker than asks for sensitive information concerning the wireless network. A commonly used example of this is when a hacker pretends to be conducting a survey. They then ask for information about the firewalls, or many other sensitive pieces of information.
  • The lost password method of intrusion is when the hacker obtains a password to get past an organizations firewall or intrusion detection system. Then the hacker will develop an account for himself so they can access any information they want at any time they want.
  • The social spying method of intrusion is when hackers spy on everyday people when they are entering passwords. The person targeted does not know that they are the target of the hacker. An example of this is when people enter their PIN while at the ATM, very few take the precaution of protecting this important information.

Although not technically hacking, PC's running the Windows operating system can be inadvertently connected to an unsecured wireless access points. Windows alerts the user when a new wireless access point is found by default, and if no encryption is employed, then it is simply a matter of clicking a single button.

[edit] Security Measures

In an effort to protect a wireless network there are several security measures that can be employed.

  • Encryption of all wireless traffic is the most secure way of reducing both hacking attempts, and successful breaches. There are several wireless encryption types available, including WEP, WPA and WPAv2. WEP is considered insecure, as given enough processing power, it can be broken. That said, WEP will still stop any passive scans, as well as casual hackers.
  • Altering the network from the manufacturer’s defaults can also discourage hackers. The information about network defaults is easily accessible and will render any security enhancements useless. Settings such as default SSID, default admin password, and disabled encryption are the main items that need addressing.
  • Data, especially passwords, should be encrypted when travelling over the network. A cracked system without encrypted passwords and other information is totally accessible to hackers.
  • As with most technology updating security protocols and other information is crucial to maintaining the security of the system.

It is a common misconception that disabling broadcasting of the SSID and enabling MAC filtering is a sufficient security configuration. This is not the case. Disabling the SSID broadcast merely prevents casual nearby wireless users from detecting the presence of your network - war drivers and those who are already aware of your wireless network will not be disadvantaged at all by a disabled SSID. Similarly, MAC address filtering will only prevent accidental connection from casual users - MAC address's can be spoofed to appear to be that of an authorised workstation or laptop.

[edit] Sources