1.4 Network Attacks Flashcards
What is a Wireless Attack?
Wireless attacks are specific to wireless networks. Mostly these attacks attempt to gain unauthorized access to a wireless network.
What are the [8] types of wireless attacks?
- Evil Twin
- Rogue Access Point
- Bluesnarfing
- Bluejacking
- Disassociation
- Jamming
- Radio Frequency Identification (RFID)
- Near-Field Communication (NFC)
What is an Evil Twin?
Unauthorized wireless access points deceive users into believing that they are legitimate network access points.
- Corporate Networks, Private Networks, and Public Wi-Fi Hotspots
What is a Rogue Access Point?
An unauthorized wireless access point on a corporate or private network that allows unauthorized individuals to connect to the network.
- Can allow man-in-the-middle attacks
What is Bluesnarfing?
A wireless attack is where an attacker gains access to unauthorized information on a wireless device by using a Bluetooth connection.
- Close range attack
*Bluetooth transmission limit is 328 ft - Can access and steal private information from Bluetooth Devices.
Email messages
Contact Information
Calendar Entries
Images, Videos, and other data
What is Bluejacking?
A wireless attack where an attacker sends unwanted Bluetooth signals from a smartphone, mobile phone, it laptop to other Bluetooth - enabled devices.
What is Bluetooth?
A short-range wireless radio network transmission medium is normally used to connect two personal devices, such as a mobile phone and a wireless headset.
What is Wireless Disassociation?
A wireless attack where an attacker spoofs the MAC address of a wireless access point to force a target device to try and reassociate with the WAP.
What is Jamming?
A situation where radio waves from other devices (benign or malicious) interface with the wireless signals used to communicate over wireless networks. Also referred to as interference.
What is RFID System Attack?
RFID: A technology that uses electromagnetic fields to automatically identify and track tags or chips affixed to selected objects and store information about the objects.
- Tag and Reader
- Inventory Management and Tracking
- Human and Animal Identification and Tracking
- Contactless Payments
- Smart Cards
What is Near Field Communication (NFC)?
Commonly found on smartphones and many mobile device accessories, NFC is a standard that establishes radio communications between devices in close proximity. It is often used to perform device-to-device data exchanges, set up direct communications, or access more complex services. It lets you perform synchronization between devices by touching them together or bringing them within centimeters of each other. Many contactless payment systems are based on NFC.
What is an Initialization Vector (IV) Attack
A wireless attack where the attacker predicts or controls the IV used in an encryption process, rendering the encrypted data vulnerable.
What is an Initialization Vector (IV)?
A mathematical and cryptographic term for a random number is used to reduce predictability and repeatability.
What are the top [10] wireless security best practices?
- Disable SSID broadcasting (AKA hide your network)
- Use MAC Filtering
- Reduce the signal strength to only cover the area needed
- Change default SSID and default admin passwords
- Set policies for any devices that access the network
- Enable a firewall at the WAP
- Physically secure access to WAPs
- Use an SSID that does not provide identifying information
- Setup alerting for new MAC addresses that connect to the WAP
- Review devices connected to the WAP regularly
What is On-Path Attack? AKA Man-In-The-Middle
This attack happens when a hacker inserts themselves between a user and a website. There are many types of On-Path attacks such as eavesdropping, spoofing, or hijacking. Each attacker’s intent is different but these types of attacks can be mitigated by using a VPN, having an IDS in place, having strong firewall rules in place, using encrypted protocols, and regularly conducting penetration testing.