Wifi security

WPA Whitelists and WIFI Security

Physical security is important to any organization. We place security guards, locks, and card scanners all over the perimeter of an organization. We use these methods to restrict access to only the people we allow. In this day and age we try to prevent terrorists and ill-intentioned people from wreaking havoc in the building. Just as one does one's best to ensure physical security, one must also be concerned about the technical security posture of one's organization. We need to prevent the troublemakers from playing games with the network and infrastructure. The methods for physical and technical security differ, but the goal is the same: to prevent unwanted use of the facility, be it physical or technical, in the world of bits and bytes, of ones and zeros.

WPA2-PSK has been a highly valued encryption solution for your APs (access points) for years. Using long passwords and limiting where your APs broadcast will help mitigate most wireless attacks. An open AP that implements MAC address filtering as a whitelist won't prevent someone from gaining access to the network. Using a laptop, desktop or Raspberry Pi, a Wi-Fi card that supports promiscuous mode and packet injection, and some sort of antenna or Wi-Fi booster like Alfa or Yagi products, one can sit comfortably in a parking lot near a building and use a packet analyzer like Wireshark to record packets from the various authorized devices on the network. All these conversations can be saved in a pcap file. A pcap file is a way to store transmitted wireless communications, mostly from Wi-Fi packets.

Now that Sam (our attacker) has all those MAC addresses harvested from the pcap file, he can continue to analyze the packets to see when each device connects and disconnects. He can also send a deauth (deauthentication) attack to a device and set up an evil twin AP, so that Sam becomes the man in the middle (MITM) while the unsuspecting user surfs the web. An evil twin AP is a fake access point which shares the same SSID as the legitimate AP. Even if a user isn't signed on to a network, Sam can force the device to connect to his evil twin AP, because various devices have a feature to connect to the internet when they aren't yet logged on. When Sam is the MITM he can manipulate packets to his heart's content, redirecting people to his own sites and stripping SSL, to name a few methods.

Now when Sam isn't on Windows, your program LanSchool (or other Windows remote access viewing tools like it) can't control his computer remotely or see what he is doing on the LanSchool interface, which the school and many organizations heavily rely on. He can access drives, financial info, grades, transactions, etc. He can add all kinds of software and leave it on the network without the admins' permission or their ability to prevent it. Once he has all this info (like IP addresses, services running, software used, and versions of the various operating systems) he can look through OSINT (open source intelligence) tools and sites to find vulnerabilities to gain even more access. Also, due to recent research into a vulnerability called the “KRACK attack”, WPA can be broken into as well with more open source tools. There are patches available for this issue.

Another issue that comes up is that open Wi-Fi with MAC address filtering is arguably worse than implementing WEP for your AP. WEP has been proven to be ineffective over the past decade, and has been condemned by many researchers. The best solution is to use MAC address filtering with some form of WPA2, whether it is for the enterprise or the home network. In addition, if one has the time, one should require a portal login to log into the network, similar to the Wi-Fi used in airports and corporations. This step is a bit more difficult, but to prevent an evil twin AP attack, limit your devices to connect only to APs with certain MAC addresses. If an AP doesn't have one of those MAC addresses, the device will assume it's a malicious AP and won't connect to it at all.
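
The AP MAC address (BSSID) allowlist described above, as an added example that is not part of the original article: a short Python audit that checks scan results against a pinned list of AP MAC addresses and also flags a pinned MAC that shows up with a different security type. The SSID `CorpNet`, the MAC addresses and the scan entries are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # AP MAC address as seen in a scan
    security: str   # e.g. "WPA2-PSK" or "OPEN"

# Assumed inventory (constructed values): SSID -> {BSSID: expected security}
PINNED = {
    "CorpNet": {
        "02:00:00:aa:bb:01": "WPA2-PSK",
        "02:00:00:aa:bb:02": "WPA2-PSK",
    },
}

def normalize(mac):
    """Lower-case and use ':' so differently formatted MACs compare equal."""
    return mac.strip().lower().replace("-", ":")

def audit(beacons, pinned=PINNED):
    """Return (ssid, bssid, reason) for every beacon that breaks the pin list."""
    findings = []
    for b in beacons:
        expected = pinned.get(b.ssid)
        if expected is None:
            continue  # not one of our SSIDs, nothing to compare against
        mac = normalize(b.bssid)
        if mac not in expected:
            findings.append((b.ssid, mac, "unknown BSSID for pinned SSID"))
        elif b.security != expected[mac]:
            # A pinned MAC can be copied, so a changed security type still alerts.
            findings.append((b.ssid, mac, f"security {b.security}, expected {expected[mac]}"))
    return findings

def may_connect(beacon, pinned=PINNED):
    """Client-side rule from the article: join only APs on the pin list."""
    return beacon.ssid in pinned and not audit([beacon], pinned)

# Constructed scan results, not captured from a real network.
SAMPLE_SCAN = [
    Beacon("CorpNet", "02:00:00:AA:BB:01", "WPA2-PSK"),
    Beacon("CorpNet", "02:00:00:cc:dd:99", "OPEN"),
    Beacon("CorpNet", "02-00-00-aa-bb-02", "OPEN"),
    Beacon("CoffeeShop", "02:00:00:11:22:33", "OPEN"),
]

if __name__ == "__main__":
    for ssid, bssid, reason in audit(SAMPLE_SCAN):
        print(f"ALERT {ssid} {bssid}: {reason}")
```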

Article by: F0X~{A Walker}#5499



