While fraudulent activities are common, there are also many reports of innocent but reckless practices that often cause serious security breaches. Here are seven of the most common threats to Managed Lan Services.
1. Configuration problems (incorrect configurations or incomplete configurations)
Simple configuration issues are often at the root of many vulnerabilities as many SOHO / consumer APs ship without any security settings. Other potential configuration issues include weak passphrases, weak security implementations, and default SSIDs.
A beginner can quickly set up one of these devices and access or open the network for external use without additional configuration. These actions allow attackers to steal the SSID and connect without anyone noticing.
To reduce risk, use a centrally managed WLAN that includes regular audits and coordinated updates.
2. Denial of service
Anyone familiar with network security knows the concept of denial of service (DoS), also known as spoiler. This is one of the simplest network attacks since it only requires restricting access to services. This can be done by placing viruses or worms on the network, or simply by sending a large volume of traffic to a specific target with the intent to slow down or disable wireless services. This allows attackers to hijack resources, view unauthorized disclosures, and enter loopholes into the system.
For wireless networks, this can be much easier as the signal can be disrupted in several different ways. When the WLAN is using the 2.4 GHz band, interference can be caused by something as simple as a microwave oven or competing access point on the same channel. Since the 2.4 GHz band is limited to only three non-overlapping channels (in the US), an attacker only needs to create enough interference for them to cause a service disruption.
A denial of service attack can also be used in conjunction with a rogue access point. For example, one might be tuned to a channel that is not being used by a legitimate access point. A denial of service attack can then be launched on a channel that is currently in use, causing end devices to try to reconnect to another channel that is being used by a rogue AP.
3. Passive grip
Passive hijacking (or snooping) is accomplished by simply getting into range of the target WLAN, then listening and collecting data that can be used to violate existing security settings and analyze unsafe traffic. Such "listening" information includes SSID, packet sharing, and files (including confidential).
Consider the following scenarios that make passive capture possible:
- Your office building has multiple tenants, even directly above or below you on different floors.
- He has a lobby right in front of his office.
- Your parking lot next to the house.
- There is a street nearby.
- There are neighboring buildings.
As for the passive grip, it is possible almost everywhere. There are also some maneuvers where an attacker cannot be within normal transmission range, such as using a large antenna or wireless repeater to increase the range by several miles. An attacker could even use a packet tracking application that captures all outgoing packets, captures and analyzes them, and then exposes the data payload. You can try the packet tracker yourself to see the full depth and breadth of classified information available to anyone looking to capture it.
It is almost impossible to completely prevent this type of attack due to the nature of the wireless network. What can be done is to implement high security standards by using a firewall and setting complex parameters.
4. Unauthorized (or unauthorized / peer-to-peer) access points.
One technique often used by attackers is to set up an unauthorized access point within the reach of an existing WLAN. The idea is to "trick" some authorized devices in the zone into associating them with a fake hotspot and not a legitimate one.
This type of attack requires some physical access to be truly effective. This is necessary because if a user contacts an unauthorized access point and then cannot complete their normal tasks, the vulnerability will be short-lived and not as effective. However, if an attacker can access a physical port on a company's network and then connect an access point to that port, the devices can communicate and capture data from them for an extended period of time.
An exception to this barrier is when the target wireless LAN only provides Internet access. An unauthorized access point can also provide easy access to the Internet and leave the user unaware of their vulnerability for an extended period of time.
Part of the same idea of rogue hotspots are rogue and secure hotspots and ad hoc networks. In these situations, the legitimate user configures an access point or ad hoc network for their own use, but does not implement proper security practices. This makes it possible to observe the attackers.
Some steps you can take to avoid these hotspots:
Use correct WLAN authentication methods and encryption methods.
5. Evil double attacks
An attacker can gather enough information about the wireless access point to impersonate it with the strongest transmission signal. This tricks unsuspecting users into tapping into the evil twin's signal and allowing them to read or send data over the Internet.
Authentication and server penetration tests are the only tools that can help stop the attacks of the evil twins.
No comments:
Post a Comment