Attacks on Wireless Networks

Attacks on Wireless Networks

Wireless networks are vulnerable to various types of attacks. The following describes the different types of attacks and how to mitigate them:

• Association attack

  Occurs when an attacker attempts to use up all the available ports on a wireless AP. When all the ports are used up, the wireless AP denies association requests from legitimate wireless clients, which is a denial of service (DoS) attack on a wireless AP. Because the attacking wireless node must first authenticate, SOHO wireless networks with open system authentication are the most vulnerable to association attacks. The best defense against association attacks is to either deploy your wireless APs so the coverage areas do not extend outside buildings, or configure your wireless APs to quickly abandon associations that have not been authenticated.

• WEP key determination attack

  Occurs when an attacker captures encrypted text or the shared key authentication exchange and uses crypt analysis to determine the WEP encryption key. The best way to mitigate WEP key determination attacks is to use 802.1X and either EAP-TLS or PEAP-MS-CHAP v2 for per-authentication unicast encryption keys. Change the encryption key periodically from the client by reauthenticating, or (from the wireless AP side) by configuring the wireless AP to change the encryption key. Alternately, upgrade your wireless network components to use WPA.

• WEP bit flipping attack

  Occurs when an attacker intercepts a wireless frame, changes bits in the frame, updates the encrypted ICV in the frame, and sends it as the original wireless node. This attack is possible with WEP encryption. To prevent WEP bit flipping attacks, upgrade your wireless network to use WPA.