Mobile Security: Top 10 Wi-Fi network security threats

This article summarizes several major threats to the use of wireless Internet access and mobile security under the increasing popularity of 3G wireless networks:

1. Data truncation: Today, it is increasingly common for network hackers to intercept data through Wi-Fi. Fortunately, all products that currently support Wi-Fi authentication support AES-CCMP data encryption protocols. However, some early products are still used by users. These products only support TKIP, and TKIP is easily stolen by network hackers due to security vulnerabilities. Therefore, users should upgrade to AES-CCMP as soon as possible.

2. Denial of Service: Wireless LAN is vulnerable to DoS attacks, but good news also exists. As more and more users start to use the 802.11n standard, they start to use the 5 GHz band which is not crowded, this reduces the occurrence of DOS. Even so, some DOS attacks still exist. At present, the latest product has begun to support the 802.11w management mechanism, which effectively avoids this phenomenon.

3. Illegal Access Points: Some network users who are lucky enough often use unauthorized access points for network access, which is very dangerous. Fortunately, most enterprises scan access point settings to avoid the emergence of illegal access points. For individual users, measures such as tracking and interception should be taken to prevent the use of illegal access points.

4. Wireless intruders: AirMagnet enterprise 8.5.1 is a multi-layer automatic defense system that can actively defend against illegal WLAN device intrusion and other attacks. Users can set policies in advance to automatically record information such as physical locations, Mac addresses, hardware vendors, channels, SSID, and 802.11 (a/B/g/n. Illegal devices and security threats can be traced and locked through wireless connection, or the switch port can be locked. You can also see on the floor plan that the exact physical location of the illegal device has determined all possible security threats in your wireless environment.

5. misconfigured Access Points: most enterprise WLAN instances are centrally managed and regularly updated to reduce overall costs, improve reliability, and reduce risks. However, 802.11n adds a series of complex configuration options, and the priority item and multi-media further complicate the configuration. For individual users, centralized management should be adopted to minimize operation errors.

6. Ad Hocs and soft Access Points: 802.11a/B/g and 802.11n AP can use 802.1X to connect and authenticate users while rejecting unfamiliar access. However, 802.11n still cannot prevent intruders from sending fake management frames. This is an attack that disconnects legal users or disguises them as "edevil twin" APS. The new 802.11n network must be vigilant against wireless attacks. Small WLANs still use periodic scans to detect fraud APS, at the same time, commercial WLAN should use a complete wireless intrusion defense system to prevent fraud, unexpected connections, unauthorized ad hocs and other Wi-Fi attacks.

7. New 802.11n devices may contain undiscovered defects. For example, early versions of wireless access points (AP) with the Netgear model WN802T cannot be correctly parsed and the length is zero (null) the SSID (WVE-2008-0010) ). Also, drivers used by Atheros on new 802.11n Wireless Access Point devices, such as Linksys's WRT350N, cannot properly process certain management frame information units (WVE-2008-0008 ). This type of vulnerability is not uncommon. WLAN administrators only need to pay attention to the security bulletin and update the firmware and driver in time.

8. About the new MAC Architecture of 802.11n: one of these architectures is discovered to be extensible. Enable the 802.11n module to confirm the receipt of several data frames and provide effective support for streaming media applications. Dos attacks can be identified by sending forged modules to the receiver (WVE-2008-0006) to destroy 802.11 nWLAN. An 802.11n WIPS can detect attacks, but the only way to avoid attacks is to stop using the Add Block-ACK (ADDBA) function.

9. Fraudulent access point: a fraudulent access point is an access point that is set or exists without the permission or knowledge of the wireless network owner. Some employees sometimes install fraudulent access points to avoid the company's installed security measures and create hidden wireless networks. Although this type of private network is basically harmless, it can construct a network without protection measures, and then act as an open portal for intruders to access the enterprise network.

10. Dual-sided demon attacks: these attacks are also called "wireless phishing". Dual-sided demons are actually fraudulent access points hidden by neighboring network names. Dual-sided demons wait for some blindly trusted users to enter the wrong access point, and then steal data from individual networks or attack computers.