My today threads based on about Wireless Attacks.Here first i am tell you Type of Wireless attacks and about his,and in my future thread i am tell about how it is done and how can you do it.So for future post please read this thread very clear fully and if any query come then ask me very friendly by your comment and mail.
There are various kinds of wireless attacks. The following are some methods hackers use to facilitate wireless attacks:
• Wardriving: Wardriving is a technique hackers use to locate insecure wireless networks while
driving around.
• Warflying: Similar to wardriving, warflying involves flying around in an aircraft, looking for open
wireless networks.
• Warchalking: Warchalking involves using chalk to place a special symbol on a sidewalk or another surface to indicate a nearby wireless network that offers Internet access.
Passive Attacks:
A passive attack is a type of attack where an unauthorized user monitors communications to gather information.For example, eavesdropping on network traffic is a passive attack. An eavesdropper can easily seize the network traffic using tools such as Network Monitor, Tcpdump, or AirSnort.
Active Attacks:
Active attacks on wireless networks are similar to those on wired networks, in which an attacker tries to alter or corrupt the data or services on a network. These types of attacks include flooding, spoofing, and unauthorized access. The information that an attacker collects during a successful passive attack can make it easier for him or her to actively attack a network.
Denial-Of-Service Attacks:
Wireless systems are vulnerable to the same protocol-based DoS attacks that strike wired networks. They are also vulnerable to other types of DoS attacks, because the signals used to transmit data over the air can be easily disrupted. The main objective of DoS attacks is to deny access to network services and resources. It is difficult to track such attacks on wireless networks.
Modes of Attack DoS attacks have varied modes of attacks that include consumption, alteration, and physical destruction of network components or resources. The following are some common modes of attack:
• Consumption of resources: This involves consuming the resources a system needs, including the following:
# Bandwidth: An intruder can redirect packets to the network in order to consume all of the available bandwidth on the network.
#Memory: This is normally accomplished by saving unnecessary e-mails, causing intentional errors, or sharing unimportant files and folders.
• Alteration of resources or information: Altering the configuration of a machine can prevent a user from being able to use it.
• Physical destruction of the computer/network elements: This type of attack concerns the destruction of the physical elements, such as computers and routers.
Flooding:
The goal of flooding is to degrade the performance of the network by directing unnecessary packets of data toward it. This may result in a loss of connection requests or a complete denial of service. Flooding is a multicasting technique wherein packets from one source are directed toward multiple destinations on the network.
Man-In-The-Middle Attacks:
A man-in-the middle (MITM) attack is when an intruder accesses information being transmitted between the sender and the receiver. The transmission proves to be insecure because the information is not encrypted. In such cases, there is a possibility of the intruder altering the data.
The following are the two types of MITM attacks:
1. Eavesdropping: Eavesdropping is a passive attack technique. The attacker intercepts data being transmitted between one system and another. Security mechanisms such as IPSec, SSH, and SSL help prevent eavesdropping.
2. Manipulation: Manipulation is an extended step of eavesdropping. In this type of man-in-the-middle attack, the attacker manipulates the data that he or she intercepts. This manipulation can be done using a technique such as ARP poisoning.
Hijacking and Modifying Wireless Network:
In a wireless network, TCP/IP packets go through switches, routers, and wireless access points. Each device looks at the destination IP address and checks for that address in its table of local IP addresses. This table is dynamically built up from traffic that passes through the device and from Address Resolution Protocol (ARP) notifications from devices joining the network. If the destination IP address is not in the device’s table, it passes the address off to its default gateway.
However, there is no authentication or verification of the validity of a packet that a device receives. A malicious user can send messages to routing devices and access points stating that his or her MAC address is associated with a known IP address. All traffic that goes through those devices that is intended for the hijacked IP address will instead go to the malicious user’s machine.
Take Help Of G00gle Uncle.
0 comments:
Post a Comment