How can we trace wireless attack sources?

Source: Internet
Author: User

Q: I need a tool that can locate DoS attacks in a wireless LAN. Although the wireless intrusion prevention system (WIPS) in use can raise an alarm when an attack occurs, I still need to know which tool can pinpoint the location of the device that initiates the attack.

A: When an attack occurs, the WIPS can locate the approximate attack location, or at least display the sensor or AP closest to the attack source. From there, you can find the attack source by listening to the RF at that location.

If the attack source happens to be a Wi-Fi AP or Ad Hoc node causing co-channel interference, you can simply listen with any Wi-Fi discovery tool, also known as a "stumbler". See the list of wireless security tools. For example, the best AP mapping tool is HeatMapper.

If the attack source is a Wi-Fi client, you need a tool that can enter RFMON mode and listen to other Wi-Fi traffic, not just AP or Ad Hoc beacons. Airodump-ng and Kismet (running on Linux) or Wireshark on Windows (an AirPcap adapter is required) are up to the task. Commercial WLAN analysis tools can also capture client traffic.

If the attack source is not a Wi-Fi device, you need a mobile RF spectrum analysis device with the "Search" function. Some commercial devices already have this feature, such as MetaGeek Wi-Spy.

Note: When you are looking for an attack source, the attacking device must be in operation. This requirement seems obvious, but it brings some challenges, especially when the DoS attack proves to be transient RF interference. Take a look at the historical data generated by the WIPS and the real-time observations of the sensors and APs. When the attack is detected again, you may want to use a WIPS with the "View" function to trigger sensor-based remote packet capture. In addition, the WIPS can also recommend the best time of day to search for the attack source based on the event history. Finally, some new enterprise APs provide on-board spectrum analysis; if your "DoS attack" does turn out to be a chronic RF interference problem, this investment is worth it.
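As an added example (not part of the original answer, and not code from any tool it names), this sketch ranks walk-test capture spots by the median signal strength of the transmitter address the WIPS alarm reported, and tallies past alarm times to pick when to search. The CSV column names, addresses and timestamps are constructed assumptions.

```python
import csv
import io
import statistics
from collections import Counter, defaultdict
from datetime import datetime, timezone

# Constructed walk-test export: one row per frame heard in RFMON mode, tagged
# with the spot where the capture was taken (column names are assumptions).
WALK_CSV = """location,ta,rssi_dbm
lobby,02:00:00:aa:bb:01,-81
lobby,02:00:00:aa:bb:01,-79
lobby,02:00:00:aa:bb:01,-80
lobby,02:00:00:cc:dd:02,-40
room-214,02:00:00:aa:bb:01,-52
room-214,02:00:00:aa:bb:01,-30
room-214,02:00:00:aa:bb:01,-55
room-214,02:00:00:aa:bb:01,
stairwell,02:00:00:aa:bb:01,-45
"""

# Constructed WIPS alarm history (UTC epoch seconds) for the same event type.
ALARM_EPOCHS = [1700053200, 1700054100, 1700139900, 1700226000, 1700190000]

def rank_locations(csv_text, suspect_ta, min_frames=3):
    """Return [(location, median_rssi_dbm, frames)], strongest signal first."""
    readings = defaultdict(list)
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["ta"].lower() != suspect_ta.lower():
            continue
        try:
            readings[row["location"]].append(float(row["rssi_dbm"]))
        except ValueError:
            continue  # frame captured without a signal reading
    # Median damps multipath spikes; spots with too few frames are dropped
    # because one lucky reflection would otherwise win the ranking.
    ranked = [(loc, statistics.median(v), len(v))
              for loc, v in readings.items() if len(v) >= min_frames]
    return sorted(ranked, key=lambda r: r[1], reverse=True)

def busiest_hours(epochs, top=2):
    """Return the UTC hours of day in which past alarms clustered."""
    hours = Counter(datetime.fromtimestamp(e, timezone.utc).hour for e in epochs)
    return [h for h, _ in hours.most_common(top)]

if __name__ == "__main__":
    print(rank_locations(WALK_CSV, "02:00:00:AA:BB:01"))
    print(busiest_hours(ALARM_EPOCHS))
```

An empty ranking means the device was not transmitting during the walk, which is the "must be in operation" condition from the note. A transmitter address can be forged, so treat the ranking as a direction to walk rather than an identification.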
