The development of wireless network technology provides us with more opportunities to learn, but it also brings more potential network security risks, which we describe in detail here. Wireless network technology offers convenience and mobility, but it also brings security risks to your network. Because a wireless local area network transmits data through wireless signals, and the spread of those signals through space cannot be controlled once they are transmitted, the data is easily intercepted by unintended receivers. Unless the authentication and authorization mechanisms for visitors and devices are sound enough, any user with a compatible wireless network card can access the network.
If effective data encryption is not applied, wireless data is sent in plaintext, and anyone within signal range of a wireless access point can detect and receive all data sent to and from it. Unauthorized users can easily access the network through wireless client devices anywhere within the range covered by the wireless LAN signal, without having to attack the internal wired network. Once the security mechanisms protecting the wireless LAN are cracked, the company's local network is fully exposed to attack. A wireless LAN is therefore inherently insecure, because it transmits data through wireless signals.
What are the security risks of a wireless LAN without sound security mechanisms? Next, let's take a look at the security risks related to wireless networks.
1. Security risks caused by excessive "exposure" of wireless networks
Wireless networks have a certain coverage area. Pursuing too much coverage leads to excessive "exposure" of the wireless network: more wireless clients can detect it, which increases the chance of attacks against it. This is a security risk we should pay attention to.
Sometimes we are too keen on wireless coverage and buy a wireless AP with high transmit power and high antenna gain. Considering security as a whole, this way of thinking needs to change. The placement of the wireless AP also matters; placing it on a windowsill, for example, increases the chance of signal leakage.
2. Security Risks
This often happens to beginners who have no experience with wireless networks. After buying a wireless AP, the customer does not change the device's initial security settings: the administrator logon password and the SSID of the wireless AP are not reset, and no WEP key is set. This kind of security risk is the most likely to occur. Many people use laptops with wireless NICs, and the "Wireless Zero Configuration" service of the XP operating system searches for wireless networks automatically. As a result, once an XP client enters the coverage range of the wireless signal, it can establish a connection automatically, which leads to undefended intrusion.
3. Security risks of device identity impersonation when general wireless security settings are cracked
Even if the wireless AP is encrypted, the wireless network is not absolutely secure. Many experienced wireless network users configure various security settings for their wireless networks and assume these settings can withstand attacks. They overlook that while wireless security technology is improving, intrusion techniques and tools are improving too.
As we have already said, wireless network signals are transmitted in open space, so anyone with a suitable wireless client device can receive them within the signal coverage range. Once the common security settings of the wireless network are cracked, the intruder can enter the wireless network as a valid device.
The "general wireless security settings" here refer to the built-in security settings of common wireless network devices, including SSID hiding, WEP encryption, WPA encryption, and MAC filtering. These security mechanisms, which operate peer-to-peer between the wireless AP and wireless clients, are so far considered insecure: because wireless signals are easy to capture, the mechanisms are often cracked and the device identity is impersonated.
Note that what is impersonated here is the identity of the device, not the identity of the user (the person). In the section on solutions to wireless network security risks that follows, we will learn that authenticating "persons" is more robust for wireless network security and is currently one of the more secure wireless network security solutions.
Step 1: sniff out the operating frequency band and SSID parameters (or crack the hidden SSID)
Network Stumbler is a wireless network search program. It scans for nearby wireless network signals and displays information including signal strength, name, frequency band, encryption, and so on. You only need to sniff out the frequency band, SSID, and other information of the wireless AP before moving on to the next cracking step. However, when SSID broadcast is disabled, the network sometimes cannot be detected. If a hidden SSID cannot be detected, you only need to enter the detected frequency band parameters in the WildPackets AiroPeek NX tool and capture packets to crack the hidden SSID.
Step 2: capture packets
OmniPeek 4.1 is used to classify and intercept data that passes through your wireless network card. Set it to capture only WEP packets by selecting 802.11 WEP data in the protocol filter. Then set the previously detected frequency band and SSID to capture WEP packets and generate a DMP file.
Step 3: crack the WEP Key
WinAircrack is used to crack the captured packets (the DMP file), from which the WEP key can be obtained.
Obtain the channel, SSID, and WEP password before cracking the MAC address. Then, use the WildPackets AiroPeek NX software and enter the preceding three parameters to crack the password.
Compared with WEP, cracking WPA is very difficult. The captured data packets must include the "handshake" that a legitimate client performs with the wireless AP when it is verified, and the attacker must also supply a "dictionary file" (which can be generated by tools or manually) that happens to contain the key. Before starting, airodump is used to capture the entire "request/challenge/response" process of the client logging on to the WLAN and to generate a CAP file. Then the WinAircrack tool is used to crack WPA-PSK. If the WPA key is too common, it is likely to appear in the "dictionary" and therefore be cracked.
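
The risks in sections 1 to 3 can be checked on your own access points before an intruder finds them. The following is an added example, not part of the original article: a small Python audit over exported AP settings. The field names, the factory SSID list, the passphrase wordlist and the sample APs are all constructed assumptions.

```python
# Added example: audit AP settings for the weak configurations described above.
# All field names and sample values are constructed for illustration.
FACTORY_SSIDS = {"linksys", "netgear", "dlink", "default"}   # sample list
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop"}  # sample wordlist


def audit_ap(cfg):
    """Return a sorted list of finding codes for one AP configuration dict."""
    findings = set()
    enc = cfg.get("encryption", "none").lower()

    # Section 1: coverage pushed to the maximum increases exposure
    if cfg.get("tx_power_percent", 100) >= 100:
        findings.add("MAX_TX_POWER")
    # Section 2: factory settings left unchanged
    if cfg.get("ssid", "").lower() in FACTORY_SSIDS:
        findings.add("DEFAULT_SSID")
    if not cfg.get("admin_password_changed", False):
        findings.add("DEFAULT_ADMIN_PASSWORD")
    # Section 3: built-in settings that do not hold up on their own
    if enc == "none":
        findings.add("NO_ENCRYPTION")
    elif enc == "wep":
        findings.add("WEP_IN_USE")
    elif enc.endswith("-psk") and cfg.get("psk", "").lower() in COMMON_PASSPHRASES:
        findings.add("PSK_IN_DICTIONARY")
    if enc in ("none", "wep") and (cfg.get("hide_ssid") or cfg.get("mac_filter")):
        findings.add("RELIES_ON_HIDING_OR_MAC_FILTER")
    return sorted(findings)


def audit_all(aps):
    """Map each AP name to its findings."""
    return {ap["name"]: audit_ap(ap) for ap in aps}


SAMPLE_APS = [  # constructed inventory
    {"name": "lobby", "ssid": "linksys", "encryption": "none",
     "admin_password_changed": False, "tx_power_percent": 100},
    {"name": "lab", "ssid": "corp-lab", "encryption": "wep", "hide_ssid": True,
     "mac_filter": True, "admin_password_changed": True, "tx_power_percent": 50},
    {"name": "office", "ssid": "corp-office", "encryption": "wpa-psk",
     "psk": "Password", "admin_password_changed": True, "tx_power_percent": 50},
    {"name": "floor2", "ssid": "corp-f2", "encryption": "wpa-psk",
     "psk": "tZ4#kq9!Lw2vRb7x", "admin_password_changed": True,
     "tx_power_percent": 50},
]

if __name__ == "__main__":
    for name, found in audit_all(SAMPLE_APS).items():
        print(name, found or "no findings")
```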