Page 216 - DCAP311_DCAP607_WIRELESS

Page 216 - DCAP311_DCAP607_WIRELESS_NETWORKS

P. 216

Wireless Networks

Notes z z Determine why and where to capture wireless traffic. To get quality wireless signal, try
your best to get close to the object that you want to monitor wireless traffic from.
z z Install wireless monitoring software on your pc or laptop. You can find lots of wireless
traffic sniffer tools on the web. And lots of them are freeware.

z z Prepare a wireless adapter. Some wireless monitor tools require specific wireless adapter
or specific driver. So you may need to get one wireless adapter for your wireless traffic
monitor software.

z z Get wireless security key for the wireless network if it uses encryption. It’s often that
wireless networks implement encryption for security purposes. So you need the key for
the wireless traffic monitor software to decode the wireless data.

13.3.2 Additional Equipment

Because wireless traffic transmits in air, it’s helpful if you have better equipment to perform
wireless traffic monitoring. Equipment that may be useful for wireless traffic monitoring includes:

z z a wireless network card supports 802.11a, b, g, n
z z an omni-directional antenna
z z a high-gain yagi directional antenna
z z pigtail cables for the yagi and omni-directional antenns

z z a USB GPS adapter
13.4 Unauthorized Access

The modes of unauthorised access to links, to functions and to data is as variable as the respective
entities make use of program code. There does not exist a full scope model of such threat. To
some extent the prevention relies on known modes and methods of attack and relevant methods
for suppression of the applied methods. However, each new mode of operation will create new
options of threatening. Hence prevention requires a steady drive for improvement. The described
modes of attack are just a snapshot of typical methods and scenarios where to apply.
z z Non-traditional networks: Non-traditional networks such as personal network Bluetooth
devices are not safe from cracking and should be regarded as a security risk. Even barcode
readers, handheld PDAs, and wireless printers and copiers should be secured. These non-
traditional networks can be easily overlooked by IT personnel who have narrowly focused
on laptops and access points.
z z Identity theft (MAC spoofing): Identity theft (or MAC spoofing) occurs when a cracker
is able to listen in on network traffic and identify the MAC address of a computer
with network privileges. Most wireless systems allow some kind of MAC filtering to allow
only authorized computers with specific MAC IDs to gain access and utilize the network.
However, programs exist that have network “sniffing” capabilities. Combine these
programs with other software that allow a computer to pretend it has any MAC address
that the cracker desires, and the cracker can easily get around that hurdle.
MAC filtering is effective only for small residential (SOHO) networks, since it provides
protection only when the wireless device is "off the air". Any 802.11 device "on the air" freely
transmits its unencrypted MAC address in its 802.11 headers, and it requires no special
equipment or software to detect it. Anyone with an 802.11 receiver (laptop and wireless
adapter) and a freeware wireless packet analyzer can obtain the MAC address of any
transmitting 802.11 within range. In an organizational environment, where most wireless

210 LOVELY PROFESSIONAL UNIVERSITY

211 212 213 214 215 216 217 218 219 220 221