8.2/ Wireless Attacks
Crack Wi-Fi encryption with Aircrack-ng
1. Put the wireless adapter into monitor mode with the 'airmon-ng' command 2. Capture handshake 3. Capture Wi-Fi key
Use wireless attack tools
1. Kali Linux tools (Fern Wi-Fi Cracker) 2. Use the Internet to find tools (Aircrack, Airsnort, Cain & Abel, Wireshark, wigle.net, etc.) 3. Hack a wireless network (easy to bypass MAC address filtering) 4. Change wireless interface to monitor mode: a. To change the wireless interface to monitor mode, identify the name of the wireless card b. Type 'ifconfig' or 'ip address show' and press Enter c. To take the interface down, use the 'iwconfig' command to switch it to monitor mode d. Type the 'airmon-ng check wlan0' command to make sure there aren't any processes that will conflict with the tool we are going to use e. Kill any processes that appear 5. Capture signals with Airodump 6. Spoof MAC address 7. Connect to the network
Configure rogue host protection
1. Log in to wireless controller 2. Select config 3. Configure self-healing on the wireless network 4. Configure background scanning for rogue device detection 5. Configure load balancing 6. Configure band balancing 7. Reduce power levels in building As
Initialization vector (IV)
A seed value used in encryption. The seed value and key are used in an encryption algorithm to generate additional keys or encrypt data.
Interference
A signal that corrupts or destroys a wireless signal. It can affect communication of access points and other wireless devices.
Rogue access points
Any unauthorized access point added to a network
Which type of RFID tag can send a signal over a long distance?
Active
What is the difference between passive and active radio frequency identification (RFID) tags?
Active RFID tags have onboard batteries and can send signals over a long distance (e.g., a road toll pass). Passive RFID tags are seen in ID badges, credit cards, and similar devices. They are not powered and rely on the energy of the scanner to transmit data.
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)
Conduct a site survey. Check the MAC addresses of devices connected to your wired switch.
Detect rogue hosts
Configure the wireless controller to detect rogue hosts: 1. Go to Insight > Untrusted Rogue APs (no list yet) 2. Trigger a scan, then go back to Untrusted Rogue APs to find the list
Which type of interference is caused by motors, heavy machinery, and fluorescent lights?
EMI
Which type of attack is WEP extremely vulnerable to?
IV attack
You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal. Which type of attack are you most likely experiencing?
Jamming
Radio frequency identification
RFID uses radio waves to transmit data from small circuit boards called RFID tags to special scanners.
An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?
Relay
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?
Rogue access point
What is an initialization vector used for?
Used in encryption. WEP encryption that uses an IV can be cracked in as little as 1-2 minutes, so it should no longer be used. Newer standards such as WPA2 and WPA3 do not use IVs in the encryption process.
Which of the following best describes Bluesnarfing?
Viewing calendar, emails, and messages on a mobile device without authorization
Near Field Communication (NFC)
Allows two-way communication between two devices. The devices must be within a few centimeters of each other. Newer technology that is built on RFID.
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Bluejacking
What is the difference between bluejacking and bluesnarfing?
Bluejacking: looks for nearby devices that are in discovery mode and sends unwanted messages. The attacker is unable to steal any data. Bluesnarfing: exploits a vulnerability in the object exchange protocol that allows an attacker to pair to the target device. Once paired, the attacker can view the calendar, emails, text messages, contact lists, and other data on the device.