|
Radio Frequency Interference and its Use as a Weap
|
|
Hits: 19 |
|
Date added: 12/27/2006 |
|
Radio frequency is a type of electric current on a wireless network, which emits an electromagnetic field when alternating current is applied to an antenna. Similar to waves that result from a rock thrown into water, radio waves are altered when obstructions appear, and may reflect or scatter for example, depending on their interactions with each other. (Shimonski, 2002) Wave fronts are generated when the waves become reflected. So from a receiver’s perspective, the wave fronts may be in or out of phase with the main signal as they reach the receiver at different times. If the peak of one wave is added to the peak of another, they are in phase and the wave will be amplified. If the peak of one wave comes in contact with the valley of another, they are out of phase, and the wave is eliminated.
Radio Frequency Interference occurs “when a signal radiated by a transmitter is picked up by an electronic device in such a manner that it prevents the clear reception of another and desired signal or causes malfunction of some other electronic device (not simply a radio or television receiver).” (Brock, Fall 1998) RFI can be induced intentionally, or unintentionally. |
|
|
|
|
|
|
Wireless Network Security
|
|
Hits: 47 |
|
Date added: 04/22/2007 |
|
This volume is an authoritative, clearly-presented guide to key foundation topics and technology frameworks for designing and maintaining secure, reliable operations |
|
|
|
|
|
|
Detecting Wireless LAN MAC Address Spoofing
|
|
Hits: 47 |
|
Date added: 05/04/2007 |
|
An attacker wishing to disrupt a wireless network has a wide arsenal available to them. Many of
these tools rely on using a faked MAC address, masquerading as an authorized wireless access
point or as an authorized client. Using these tools, an attacker can launch denial of service
attacks, bypass access control mechanisms, or falsely advertise services to wireless clients.
This presents unique opportunities for attacks against wireless networks that are difficult to
detect, since the attacker can present himself as an authorized client by using an altered MAC
address. As nearly all wireless NICs permit changing their MAC address to an arbitrary value –
through vendor-supplied drivers, open-source drivers or various application programming
frameworks – it is trivial for an attacker to wreak havoc on a target wireless LAN.
This paper describes some of the techniques attackers utilize to disrupt wireless networks
through MAC address spoofing, demonstrated with captured traffic that was generated by the
AirJack, FakeAP and Wellenreiter tools. Through the analysis of these traces, the author
identifies techniques that can be employed to detect applications that are using spoofed MAC
addresses. With this information, wireless equipment manufacturers could implement anomalybased
intrusion detection systems capable of identifying MAC address spoofing to alert
administrators of attacks against their networks. |
|
|
|
|
|
|
Best Practices for Securing Your WLAN
|
|
Hits: 19 |
|
Date added: 05/11/2007 |
|
The steady growth of Wi-Fi in the enterprise demands that corporate IT
teams learn and adopt new security methodologies tailored to the unique
requirements and weaknesses of wireless networks. Network and security
staff must first evaluate a potentially confusing set of authentication and
encryption mechanisms to be used in the network. Depending on the
security selected, IT will then need to establish and document the corporate
WLAN security policy, including mechanisms to validate user compliance
and monitor for inherent network vulnerabilities. With a defined policy in
place, IT staff can turn their attentions to protecting the network from
snooping and an ever-expanding list of wireless attacks. In this paper, we
will address each of these areas in detail and identify the real-world best
practices needed to deploy and maintain a secure wireless network. |
|
|
|
|
|
|
Increasing security awareness - visualizing WEP in
|
|
Hits: 12 |
|
Date added: 05/16/2007 |
|
Increasing security awareness: visualizing WEP insecurity
It is a simple fact; security awareness is a very important aspect of your security solution. It is
confirmed every single day – just take a look at the latest MyDoom infection rate.
Failure to give attention to the area of security (awareness) training puts an enterprise at risk
because the security of the enterprise resources is as much a human issue as it is a
technological issue. |
|
|
|
