Attacks on wireless clients


Article from Issue 56/2005

Security experts are always concerned with WLAN access points, but they sometimes forget that the client is also open to attack. Public hotspots make it quite easy for attackers to hijack connections, as the Hotspotter tool demonstrates.

Thanks to today’s complex security mechanisms, wireless networks appear to be getting safer by the minute. Authentication constructions based on the EAP framework (Extensible Authentication Protocol) promises to keep uninvited guests at bay. The Temporal Key Integrity Protocol (TKIP) [1], with its quickly changing WEP keys, prevents replay attacks and makes cracking the encryption technology more complex. And keys are getting longer. WPA/ WPA2 [2] and the move to AES encryption [3] would seem to provide a nearly perfect security solution for enterprise networks. And just to make sure, access points are also equipped with VLAN support, Intrusion Detection, and firewalling systems – all of which cost serious sums of money.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Security Intro
  • Wireless LAN Security

    WLANs give you Internet access without a bird's nest of wiring. But if you don't take security seriously, you might find yourself with uninvited guests.

  • ARP Spoofing

    Any user on a LAN can sniff and manipulate local traffic. ARP spoofing and poisoning techniques give an attacker an easy way in.

  • Security Lessons

    How to find, map, crack, and impersonate wireless networks.

  • OpenVPN

    Wireless networks are practical but dangerous at the same time.WEP encryption is unlikely to stop an attacker. But help is at hand in the form of add-on security measures such as an encrypted OpenVPN tunnel.

comments powered by Disqus

Direct Download

Read full article as PDF:

Hotspotter.pdf (156.19 kB)