A wireless network refers to any type of computer network that is wireless and is commonly associated with a telecommunications network whose interconnections between nodes are implemented without the use of wires. Wireless telecommunications networks are generally implemented with some type of remote information transmission system that uses electromagnetic waves such as radio waves for the carrier. The implementation usually takes place at the physical level or layer of the network.
The objective of this lab is to protect the wireless network from attackers.
In this lab, you will learn how to:
Wireless network technology is becoming increasingly popular but, at the same time, it has many security issues. A wireless local area network (WLAN) allows workers to access digital resources without being tethered to their desks. However, the convenience of WLANs also introduces security concerns that do not exist in a wired world. Connecting to a network no longer requires an Ethernet cable. Instead, data packets are airborne and available to anyone with the ability to intercept and decode them. Several reports have explained weaknesses in the Wired Equivalent Privacy (WEP) algorithm by the 802.11x standard to encrypt wireless data.
To be an expert ethical hacker and penetration tester, you must have sound knowledge of wireless concepts, wireless encryption, and their related threats. As a security administrator for your company, you must protect the wireless network from hacking.
Network administrators can take steps to help protect their wireless network from outside threats and attacks. Most hackers will post details of any loops or exploits online, and if they find a security hole, they will come in droves to test your wireless network with it. WEP is used for wireless networks. Always change your SSID from the default, before you actually connect the wireless router to the access point. If an SSID broadcast is not disabled on an access point, the use of a DHCP server to automatically assign an IP address to wireless clients should not be used because war driving tools can easily detect your internal IP addressing if the SSID broadcasts are enabled and the DHCP is being used.
As an ethical hacker and penetration tester of an organization, your IT director will assign you the task of testing wireless security, exploiting the flaws in WEP, and cracking the keys present in WEP of an organization. In this lab, we discuss how WPA key is cracked using standard attacks such as korek attacks and PTW attacks.
Lab Objectives
The objective of this lab is to protect wireless network from attackers. In this lab, you will learn how to:
Lab Analysis
In this lab you have learnt how to crack WEP using various tools, capture network traffic and analyze and detect wireless traffic. Document the BSSID of the target wireless network connected clients and recovered WEP key. Analyze various Airecrack-ng attacks and their respective data packet generation rate.
Packet sniffing is a form of wire-tapping applied to computer networks. It came into vogue with Ethernet; this means that traffic on a segment passes by all hosts attached to that segment. Ethernet cards have a filter that prevents the host machine from seeing traffic address to other stations. Sniffing programs turn off the filter, and thus see everyone traffic. Most of the hubs/switches allow the inducer to sniff remotely using SNMP, which has weak authentication. Using POP, IMAP, HTTP Basic, and talent authentication, an intruder reads the password off the wire in cleartext.
To be an expert ethical hacker and penetration tester, you must have sound knowledge of sniffing network packets, performing ARP poisoning, spoofing the network, and DNS poisoning. OmniPeek network analysis performs deep packet inspection, network forensics, troubleshooting, and packet and protocol analysis of wired and wireless networks. In this lab, we discuss wireless packet analysis of captured packets.
Lab Objectives
The objective of this lab is to reinforce concepts of network security policy, policy enforcement, and policy audits.
Lab Analysis
In this lab, you have learnt how to reinforce concepts of network security policy, policy enforcement, and policy audits. Document the BSSID of the target wireless network connected clients and recovered WEP key. Analyze various Airecrack-ng attacks and their respective data packet generation rate.