The first place to start is with network security: when you can hack into your own system, you can spot vulnerabilities in the Wi-Fi network and work out how to protect your system against them. We're going to look at some of the free, and almost free, tools that you can use for a penetration test. These will help you to find weak passwords, rogue access points, and other security holes, giving you the chance to patch them up before someone else finds them.

Sniffing and Stumbling


This might sound like someone who is a bit high or a bit drunk, but these are two common methods for finding access points and everything you need to know about them. The details you might want to know are the media access control (MAC) address, the type of security and the signal. You will likely come across access points that have weak WEP (Wired Equivalent Privacy) security, which is very easy for hackers to crack. You may even discover rogue access points that have been set up by others to open up your network. Stumblers will easily find any access points that have been set up with non-broadcast SSID names or hidden names.

Sniffers will capture raw packets of data sent over your network and these data packets can be imported into another tool, which you can use to crack the encryption. You can also look for website and email passwords that are sent in plain-text format.

Here are some of the best sniffers and stumblers for you to use:

* Vistumbler

An open-source application for Windows, this will display the basic details about the access points, including the exact methods used for encryption and authentication. It can also speak to the RSSI and the SSID. You will get graphs showing signal levels and, as well as being easy to use, it is flexible in configuration and you can customize it. It can detect rogue access points and supports GPS logging and tracking with Google Earth.

* Kismet

Another open-source application, Kismet is a packet sniffer, Wi-Fi stumbler, and an Intrusion Detection System, compatible with Windows, Linux, Mac, and BSD. You will see access point details that include the SSID names of any hidden networks, and you can capture packet data and import it into tools such as tcpdump and Wireshark.

* Wi-Fi Analyzer

Wi-Fi Analyzer works on Windows and Android devices, helping you to find access points on your desktop or mobile. It gives you basic information about those access points on a 2.4 GHz network and for some supported devices on a 5 GHz network. The access point list can be exported and you get graphs that show signals by usage rating, history, and channel as well as a signal meter that helps you to locate access points.
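As an added example (not from the original text or from any of the tools above), this is one way to turn an exported access point list into findings: compare it with an inventory of the access points you deployed and flag WEP or open encryption, look-alike SSIDs on unknown hardware, and unlisted devices. The CSV column layout, the BSSIDs, the SSIDs and the NEARBY_RSSI threshold are all constructed assumptions.

```python
import csv
import io

# Constructed inventory of deployed access points (BSSID -> expected SSID).
AUTHORIZED = {
    "02:00:00:00:10:01": "CorpNet",
    "02:00:00:00:10:02": "CorpNet",
    "02:00:00:00:10:03": "CorpGuest",
}

# Constructed survey export. The column layout is an assumption, not the
# native format of any particular stumbler.
SAMPLE_SURVEY = """bssid,ssid,encryption,rssi
02:00:00:00:10:01,CorpNet,WPA2-CCMP,-48
02:00:00:00:10:02,CorpNet,WEP,-61
02:00:00:00:10:03,CorpGuest,WPA2-CCMP,-55
06:00:00:00:20:01,CorpNet,OPEN,-40
06:00:00:00:20:02,,WPA2-CCMP,-70
06:00:00:00:20:03,CoffeeShop,WPA2-CCMP,-82
06:00:00:00:20:04,PrinterSetup,OPEN,-50
"""

NEARBY_RSSI = -65  # assumed threshold (dBm) for "probably on our premises"

def audit_survey(csv_text, authorized=AUTHORIZED):
    """Return sorted (bssid, finding) tuples for one survey export."""
    findings = []
    known_ssids = set(authorized.values())
    for row in csv.DictReader(io.StringIO(csv_text)):
        bssid = row["bssid"].strip().upper()
        ssid = row["ssid"].strip()
        enc = row["encryption"].strip().upper()
        if bssid in authorized:
            # One of ours: look for configuration drift.
            if enc in ("WEP", "OPEN"):
                findings.append((bssid, "weak-encryption"))
            if ssid != authorized[bssid]:
                findings.append((bssid, "ssid-mismatch"))
        elif ssid in known_ssids:
            # Our network name on hardware we do not own.
            findings.append((bssid, "possible-evil-twin"))
        elif not ssid:
            findings.append((bssid, "hidden-unlisted-ap"))
        elif int(row["rssi"]) >= NEARBY_RSSI:
            findings.append((bssid, "unlisted-ap-nearby"))
    return sorted(findings)
```

A fake access point that also clones an authorized BSSID will pass this inventory comparison, so treat a clean result as one signal and not as proof.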


Cracking – WEP Key and WPA/WPA2 Personal


There are plenty of tools that you can use to crack open Wi-Fi encryption and they all either look for and use weaknesses in WEP or use brute-force dictionary attacks on WPA/WPA2 Personal. This is why you should never set your security level to WEP.

The most secure form of Wi-Fi security is WPA2 with AES/CCMP encryption. If you choose to make use of the Personal or Pre-Shared Key (PSK) mode, ensure that your password is at least 13 characters long and contains a mixture of numbers, lower and uppercase letters and ASCII characters. The following tool will help you to find any encryption weaknesses on your system and to test out your passwords:

* Aircrack-ng

This is a suite of open-source tools that are used to perform cracking on WEP and WPA/WPA2-Personal keys. It runs on Windows, Linux, Mac and OpenBSD and can be used to capture data packets, to inject and replay traffic and, once sufficient packets have been obtained, to find and reveal encryption keys.

WPS PIN Cracking

If you use a wireless router rather than or as well as access points, there is one vulnerability that you need to be aware of. It revolves around WPS – Wi-Fi Protected Setup – that is found on almost every wireless router and is generally activated when WPA/WPA2 Personal security is activated. Connection to the router is done via a WPS PIN and this can be cracked incredibly quickly. This is the best tool for you to use to test out your router against this weakness.

* Reaver

This is a Linux program that will perform a brute-force attack on your wireless router to see if it can reveal the WPS PIN and the WPA/WPA2 PSK. Usually, it will be successful within 4 to 10 hours and will give you some advice on what to do

Evil Twin APs and Wi-Fi Honey Pots

One of the techniques used by Wi-Fi hackers to get an unsuspecting target to connect to them is to set up a fake access point. These are otherwise known as Evil Twins or Wireless Honey Pots. Once a connection is made to the fake point, the hacker is then able to capture FTP connections, email, or even file shares. They can also make use of a spoofed DNS or a captive portal to display fake websites that mirror genuine login pages, and these are used to gain the login credentials of the target.

These are some of the best tools to use to locate vulnerable wireless clients that may be on your network:

* WiFish Finder

This is an open source Linux program that is used to capture traffic on a Wi-Fi network and also carries out active probing to identify clients that are vulnerable to an attack, such as honey pots, evil twins or MiTM (Man in The Middle) attacks. WiFish builds up a network name list; these are the names that probe requests are being sent for. It will also determine the type of security on each network, allowing you to identify any clients that are probing for networks that are not encrypted. Unencrypted networks are prime targets for honey pots, MiTM or evil twin attacks.

* Jasager

This is another firmware based on Linux and it offers a suite of tools that can identify wireless clients that are vulnerable. However, it can also perform honey pot or evil twin attacks. It runs on Pineapple or FON routers and is able to create soft access points that are set up with the SSID that wireless adaptors are searching for. It will run a DNS, DHCP and HTTP server so that it can be connected to, and the HTTP server will then redirect any requests to a website. It is also able to capture and display FTP, clear-text POP or HTTP logins that are performed by the target.

Wireless Driver Vulnerabilities

The following is the best tool to use to find vulnerabilities in specific drivers for Wi-Fi routers and wireless adapters, thus alerting you to potential points of entry:

* WiFiDEnum

WiFiDEnum is a Wi-Fi Driver Emulator and is a Windows program that can help to find any Wi-Fi drivers that may be vulnerable to exploit attacks. It will scan the network, collect details about any adaptor drivers and identify where the weaknesses lie.

General Network Attacks

Lastly, we can look at a few tools that you can use to demonstrate attacks that have long been carried out on wired networks and can also be done on Wi-Fi networks, as well as demonstrating eavesdropping:

* NMap

Otherwise known as Network Mapper, it is an open source TCP/IP scanner that is used to identify clients and hosts that are on the network. It will tell you what operating system is being used, what services are on offer or being used and what sort of firewalls or packet filters are being used, along with much more information. You can use this to scan for ports and hosts that are not secure and are vulnerable to hacking.

* Cain and Abel

Cain and Abel is one of the most popular password cracker, password recovery and sniffer tools for the Windows operating system. You can use it to find any clear-text passwords that are being sent across the network, giving you the opportunity to fix the problem.

* FireSheep

This is an add-on for Firefox that will perform something called sidejacking, or HTTP session hijacking. It is used to monitor a network for any logins that come from users on websites that don't use full SSL encryption when they exchange login cookies. As soon as the cookie has been detected, it provides a shortcut to the fully protected website, allowing an attacker access without having to log in.
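The sidejacking weakness described for FireSheep can be checked from the defender's side. The following added example (not part of the original text or of any tool named here) audits captured response headers for login cookies that could cross the network unencrypted. The hosts, cookie values and the SESSION_HINTS name list are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed captured responses: (request URL, list of response headers).
SAMPLE_RESPONSES = [
    ("https://portal.example/login", [
        ("Set-Cookie", "session=9f2c; Path=/; HttpOnly"),
        ("Set-Cookie", "theme=dark; Path=/"),
    ]),
    ("https://mail.example/auth", [
        ("Strict-Transport-Security", "max-age=31536000"),
        ("Set-Cookie", "auth_token=77aa; Path=/; Secure; HttpOnly"),
    ]),
    ("http://wiki.example/signin", [
        ("Set-Cookie", "sid=41bd; Path=/; Secure"),
    ]),
]

# Assumption: cookie names containing these fragments carry login state.
SESSION_HINTS = ("sess", "sid", "auth", "token")

def parse_set_cookie(value):
    """Split a Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
    return name, attrs

def audit_responses(responses):
    """Return sorted (host, cookie, finding) tuples for sniffable login cookies."""
    findings = []
    for url, headers in responses:
        parts = urlsplit(url)
        hsts = any(h.lower() == "strict-transport-security" for h, _ in headers)
        for header, value in headers:
            if header.lower() != "set-cookie":
                continue
            name, attrs = parse_set_cookie(value)
            if not any(hint in name.lower() for hint in SESSION_HINTS):
                continue  # not a login cookie; out of scope here
            if parts.scheme != "https":
                findings.append((parts.hostname, name, "issued-over-http"))
            elif "secure" not in attrs:
                # Browser will also send this cookie on plain-HTTP requests.
                findings.append((parts.hostname, name, "missing-secure-flag"))
                if not hsts:
                    findings.append((parts.hostname, name, "no-hsts-fallback"))
    return sorted(findings)
```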



