Wireless Attacks Flashcards

1
Q

Dissociation Attack

A

Dissociation Attack

  • Removes client from wireless network
  • Attacker sends dissociation frame with spoofed MAC address of victim to AP
  • AP disconnects victim from wireless network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

WPS Attacks

A

WPS Attacks

  • Wifi Protected Setup - config wireless device with PIN or buttons
  • Brute force attack - keep trying PINS until one works
  • Reaver is tool that can guess PIN in 10 hours
  • With PIN can discover passphrase in WPA and WPA2
  • Should disable WPS
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Rogue AP

A

Rogue AP

  • Sniffer to capture wired traffic and broadcast wirelessly
  • Attacker could use rogue AP to access wired network
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Evil Twin

A

Evil Twin

  • Rogue AP with same SSID as legit AP
  • Users connect to, attacker could present bogus login page
  • Attacker could traffic
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

IV Attack

A

IV Attack

  • Initialization Vector attack
  • IV = number plus pre-shared key
  • Try to discover pre-shared key from IV
  • Attacker injects packets, AP responds with more packets, each with an IV
  • WEP uses small 24-bit IV; good chance it will send same IV, so can figure out key
  • WEP can be broken in < 1 minute
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Bluejacking

A

Bluejacking

  • Send unsolicited messages to nearby Bluetooth devices
  • Harmless
  • Message can confuse users
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Bluesnarfing

-Tools

A

Bluesnarfing

  • Unauthorized access to, or theft of info from Bluetooth device
  • Can access email, contacts, calendars, texts
  • Attack tools: hcitool, obexftp
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Bluebugging

A

Bluebugging

  • Like Bluesnarfing
  • Attacker installs backdoor
  • Attacker can have user’s phone call attacker, so can eavesdrop
  • Also listen to phone calls, enable call forwarding, send messages
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Replay Attack

  • What is vulnerable?
  • What is not vulnerable?
A

Replay Attack

  • Attacker captures data between two parties, modifies, attempts to impersonate one party by replaying data
  • WPA2 uses CCMP and AES so not vulnerable
  • WPA using TKIP is vulnerable - should not be used
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which is short range? NFC or Bluetooth?

A

Which is short range? NFC or Bluetooth?

-NFC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly