Linksys WET11 Active Attacks, Dictionary-Building or Table Attacks, Man-in-the-Middle Attacks

Page 32

Wireless-B Ethernet Bridge

Active Attacks

Hackers use Active Attacks for three purposes: 1) stealing data, 2) using your network, and 3) modifying your network so it's easier to hack in the next time.

In an Active Attack, the hacker has gained access to all of your network settings (SSID, WEP keys, etc.) and is in your network. Once in your wireless network, the hacker has access to all open resources and transmitted data on the network. In addition, if the wireless network’s access point is connected to a switch, the hacker will also have access to data in the wired network.

Further, spammers can use your Internet connection and your ISP’s mail server to send tens of thousands of e- mails from your network without your knowledge.

Lastly, the hacker could make hacking into your network even easier by changing or removing safeguards such as MAC address filters and WEP encryption. He can even steal passwords and user names for the next time he wants to hack in.

Dictionary-Building or Table Attacks

Dictionary-building, or Table attacks, is a method of gaining network settings (SSID, WEP keys, etc.) by analyzing about a day's worth of network traffic, mostly in the case of business networks. Over time, the hacker can build up a table of network data and be able to decrypt all of your wireless transmissions. This type of attack is more effective with networks that transmit more data, such as businesses.

Man-in-the-Middle Attacks

A hacker doesn’t need to log into your network as a user—he can appear as one of the network’s own access points, setting himself up as the man-in-the-middle. To do this, the hacker simply needs to rig an access point with your network’s settings and send out a stronger signal that your access point. In this way, some of your network's PCs may associate with this rogue access point, not knowing the difference, and may begin sending data through it and to this hacker.

The trade-off for the convenience and flexibility wireless networking provides is the possibility of being hacked into through one of the methods described here. With wireless networks, even with WEP encryption, open to the persistent hacker, how can you protect your data? The following section will tell you how to do just that.

Maximizing Wireless Security

Security experts will all tell you the same thing: Nothing is guaranteed. No technology is secure by itself. An unfortunate axiom is that building the better mousetrap can often create a better mouse. This is why, in the

Appendix B: Wireless Security

27

What Are the Risks?

Image 32
Contents 802 GHz .11b Wireless- B How to Use this Guide Copyright and TrademarksTable of Contents Wireless-B Ethernet Bridge Infrastructure Mode Ad-Hoc ModeIntroduction IntroductionWhat’s in this Guide? Wireless-B Ethernet Bridge Ad-Hoc versus Infrastructure Mode Network TopologyAd-Hoc Mode Getting to Know the Wireless-B Ethernet Bridge LANPWR Connecting the Wireless-B Ethernet Bridge for Setup Connect the Ethernet Network CableOverview Setting Up the Wireless-B Ethernet BridgeSetup Wizard List of Bridges Wireless Settings WEP Key Connecting the Wireless-B Ethernet Bridge for Network Use Using the Wireless-B Ethernet Bridge Web-based Utility Starting the Web-based UtilitySetup WirelessSite Survey Password Tab Advanced MAC AddressLAN Settings Wireless SettingsStatus LAN StatisticsHelp Help TabAppendix a Troubleshooting Common Problems and SolutionsFrequently Asked Questions Web-based Utility doesn’t detect the BridgeWhat is ad-hoc mode? What is Spread Spectrum? What Are the Risks? Appendix B Wireless SecurityBrief Overview Passive Attacks Jamming AttacksMaximizing Wireless Security Active AttacksDictionary-Building or Table Attacks Man-in-the-Middle AttacksWireless-B Ethernet Bridge Ssid Wireless-B Ethernet Bridge WEP Encryption Figure B-2 WEP EncryptionAppendix C Upgrading Firmware Network Neighborhood/My Network Places Appendix D Windows HelpShared Resources Appendix E Glossary Wireless-B Ethernet Bridge Wireless-B Ethernet Bridge Wireless-B Ethernet Bridge Wireless-B Ethernet Bridge Wireless-B Ethernet Bridge Appendix F Specifications ModelStandards Ieee 802.11b, Ieee Ports ButtonsStorage Humidity Warranty Year LimitedOperating Humidity Appendix G Warranty Information Limited WarrantyAppendix H Regulatory Information FCC StatementIndustry Canada Canada Wireless-B Ethernet Bridge Appendix I Contact Information