Wireless network attack tools: a summary of attack methods and precautions

Source: Internet
Author: User
Find a wireless network

Finding a wireless network is the first step in an attack. Two common tools are used for this:

1. Network Stumbler, a.k.a. NetStumbler.

This Windows-based tool makes it very easy to find wireless signals that are being broadcast within range, and it reports signal and noise information that can be used for site surveys.

2. Kismet.

A key feature that NetStumbler lacks is the ability to show wireless networks that do not broadcast their SSID. If you want to be a wireless security expert in the future, you should realize that access points regularly broadcast this information. Kismet will discover and display SSIDs that are not broadcast, and this information is critical to discovering wireless networks.

Connect to the found wireless network

After discovering a wireless network, the next step is to try to connect to it. If the network does not use any authentication or encryption security measures, you can easily connect to its SSID. If the SSID is not broadcast, you can create a file with the name of the SSID. If the wireless network uses authentication and/or encryption, you may need one of the following tools.

1. AirSnort.

This tool is very useful and can be used to sniff and crack the WEP key. Many people use WEP, which is certainly better than nothing. When you use this tool you will find that it has to capture a large number of packets to crack the WEP key. There are other tools and methods that can force traffic to be generated on the wireless network to shorten the time needed to crack the key, but AirSnort does not have this function.

2. coWPAtty.

This tool is used to brute-force WPA-PSK, because home wireless networks rarely use WEP. The program simply tries a variety of different options from a file to see whether one of them exactly matches the pre-shared key.

3. Asleap.

If a wireless network uses LEAP, this tool can collect the authentication information that is transmitted over the network, and the captured authentication information may then be cracked. LEAP does not protect the authentication information, which is the main reason that LEAP can be attacked.

Capture information on the wireless network

Whether or not you are directly connected to the wireless network, as long as you are within range of it there is information being transmitted. To see this information, you need a tool.

That tool is Ethereal. There is no doubt that it is very valuable. Ethereal can capture wireless and Ethernet traffic, and it has strong filtering capabilities. It can also sniff 802.11 management frames and can be used as a sniffer for non-broadcast SSIDs.

The tools mentioned above all belong in your wireless network security toolkit. The easiest way to familiarize yourself with them is to use them in a controlled lab environment. These tools can be downloaded from the Internet free of charge.

Guard against these tools

It's important to know how to use these tools, but it's more important to know how to guard against them and protect your wireless network.

Guard against NetStumbler: Do not broadcast your SSID, and ensure that your WLAN is protected by advanced authentication and encryption measures.

Guard against Kismet: There is no way to stop Kismet from finding your WLAN, so be sure to have advanced authentication and encryption measures.

Guard against AirSnort: Use a 128-bit rather than a 40-bit WEP encryption key, which can take longer to crack. If your devices support it, use WPA or WPA2, and do not use WEP.

Guard against coWPAtty: Choose a long, complex WPA shared key. A key of this type is unlikely to exist in the file list the attacker works from, so guessing your key will take the attacker much longer. If you are in an interactive situation, do not use WPA with a shared key; use a good EAP type to protect authentication, and limit the number of incorrect guesses allowed before the account is locked out.

Guard against Asleap: Use long, complex credentials, or turn to EAP-FAST or another EAP type.

Guard against Ethereal: Use encryption so that any sniffed information is difficult or almost impossible to crack. WPA2, which uses the AES algorithm, is impossible for ordinary hackers to crack. WEP also encrypts data. In a public wireless network area that does not normally provide encryption, use application-layer encryption, such as Simplite to encrypt IM sessions, or use SSL. For users who need to interact, use an IPSec VPN and turn off the split tunneling feature. This forces all traffic through the encrypted tunnel, which may use DES, 3DES, or AES.
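
The guard advice above, turned into an automated check (an added example, not part of the original article): this Python code audits an access-point configuration written in hostapd's key=value format, which the article does not mention and is assumed here. The sample configurations, the small password list and the 20-character minimum are constructed for illustration.

```python
import re

# Constructed sample data: a tiny common-password list and two configs.
COMMON = {"password", "12345678", "letmein123", "qwertyuiop"}
SAMPLE_WEAK = ("ssid=HomeNet\nignore_broadcast_ssid=0\nwpa=1\n"
               "wpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP\nwpa_passphrase=Password\n")
SAMPLE_HARDENED = ("ssid=HomeNet\nignore_broadcast_ssid=1\nwpa=2\n"
                   "wpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n"
                   "wpa_passphrase=t7#Vq-lagoon!Brisk_92-orchid\n")
MIN_LEN = 20  # assumed policy threshold, not a figure from the article

def parse(conf):
    """Parse key=value lines, skipping blanks and # comments."""
    out = {}
    for line in conf.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            out[key.strip()] = value.strip()
    return out

def audit(conf, wordlist=COMMON):
    """Return a list of findings that map to the article's guard advice."""
    c, findings = parse(conf), []
    wpa = int(c.get("wpa", "0"))          # bit 0 = WPA, bit 1 = WPA2
    has_wep = any(k.startswith("wep_key") for k in c)
    if has_wep:
        findings.append("WEP key configured: move to WPA2")
    elif wpa == 0:
        findings.append("no encryption configured")
    if wpa & 1:
        findings.append("WPA v1 enabled: set wpa=2")
    # hostapd falls back to wpa_pairwise when rsn_pairwise is unset
    ciphers = (c.get("rsn_pairwise") or c.get("wpa_pairwise") or "").split()
    if wpa and ciphers != ["CCMP"]:
        findings.append("pairwise cipher should be CCMP (AES) only")
    psk = c.get("wpa_passphrase")
    if psk is not None:
        if len(psk) < MIN_LEN:
            findings.append(f"passphrase shorter than {MIN_LEN} characters")
        if psk.lower() in wordlist:
            findings.append("passphrase is in the common-password list")
        classes = sum(bool(re.search(p, psk))
                      for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
        if classes < 3:
            findings.append("passphrase uses fewer than 3 character classes")
    if c.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("SSID is broadcast")
    return findings
```

Calling audit(SAMPLE_WEAK) returns six findings, while audit(SAMPLE_HARDENED) returns an empty list; in practice the word list would be a full common-password file rather than the four constructed entries.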
