Attacks on wireless clients

HOTSPOTTING

Article from Issue 56/2005
Author(s):

Security experts are always concerned with WLAN access points, but they sometimes forget that the client is also open to attack. Public hotspots make it quite easy for attackers to hijack connections, as the Hotspotter tool demonstrates.

Thanks to today’s complex security mechanisms, wireless networks appear to be getting safer by the minute. Authentication constructions based on the EAP framework (Extensible Authentication Protocol) promises to keep uninvited guests at bay. The Temporal Key Integrity Protocol (TKIP) [1], with its quickly changing WEP keys, prevents replay attacks and makes cracking the encryption technology more complex. And keys are getting longer. WPA/ WPA2 [2] and the move to AES encryption [3] would seem to provide a nearly perfect security solution for enterprise networks. And just to make sure, access points are also equipped with VLAN support, Intrusion Detection, and firewalling systems – all of which cost serious sums of money.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security Intro
  • Wireless LAN Security

    WLANs give you Internet access without a bird's nest of wiring. But if you don't take security seriously, you might find yourself with uninvited guests.

  • Security Lessons

    How to find, map, crack, and impersonate wireless networks.

  • ARP Spoofing

    Any user on a LAN can sniff and manipulate local traffic. ARP spoofing and poisoning techniques give an attacker an easy way in.

  • KWiFiManager

    Connecting to wireless networks is

    more popular than ever. KDE’s KWiFi-

    Manager is a handy tool for monitoring

    and managing wireless connections.

comments powered by Disqus