2.7 Wireless Networking Vulnerabilities
Wireless networking has become extremely popular in today’s world. With wireless printers, wireless internet, and Bluetooth, we are always seeking ways to go wireless. It seems that anything and everything nowadays can be involved in the new wireless world. From cell phones to MP3 players and even a scale you use to weigh yourself, it seems most things are made to be wireless friendly. Even though it is extremely convenient, wireless networking is extremely vulnerable. Wireless networks as just as, if not more vulnerable to same attacks that can happen to wired networks. However, there is more of a risk with wireless networking because the radio frequency signals can be intercepted without much effort.
For this section, be aware of the risks of using wireless networking.
· Data emanation – To put it simply, data emanation is electronic eavesdropping. As data travels throughout a computer or through the wires or access points of a network, a magnetic field is generated. This magnetic field can be read and unauthorized users can gain access to personal data. The problem is that this data can be intercepted and put into the wrong hands.
· War driving – War driving is simply when a user, often times with malicious intent, uses a tool to seek out wireless network signals. An example would be a man who drives around with a laptop with a network card set to promiscuous mode, meaning it is constantly seeking for a WAP to communicate with. Once access is gained, the user can use the Internet access or damage your computer’s data.
· SSID broadcast – Most wireless networks today are assigned a SSID. They are routinely broadcasted which means any device that offers the option to automatically connect to a network can be used and a connection can be made. This puts your network and information at risk.
· Blue jacking – When spam or unsolicited messages are sent over a Bluetooth connection. Though a vulnerability, blue jacking is truly more of an annoyance than it is a huge threat to wireless networks.
· Bluesnarfing – Bluesnarfing involves gaining unauthorized access through the use of a cell phone, a PDA, or a similar device. Once access is gained, the user is able to freely copy and steal data.
· Rogue access points – Access points added to your wireless network that you haven’t authorized are considered to be rogue access points. Sometimes these access points can be set by someone looking to attack your wireless network. However, in most cases, the point is set by you or someone else who utilizes your network, except most times these access points are not given proper security and are therefore extremely vulnerable. Think man in the middle attack.
· Weak encryption – Sometimes the cryptographic keys used to encrypt a file or a network can be too short or extremely easy to guess, which puts your data at risk. Most times these keys are less than 64-bits and can be cracked with the proper program.
Because wireless computing and networking is so popular today, companies are stepping up their efforts to include security controls to help fight against the threats of using wireless connections. Think of smart phones and how companies are trying to find ways to prevent Bluetooth hacking.
GetCertify4Less and GetCertified4Less
No comments:
Post a Comment