Definition
Wireless security is the prevention of unauthorized access or damage to computers using wireless networks.
Wireless networks are very common, both for organizations and individuals. Many laptop computers have wireless cards pre-installed. The ability to enter a network while mobile has great benefits. However, wireless networking has many security issues. Hackers have found wireless networks relatively easy to break into, and even use wireless technology to crack into wired networks[citation needed]. As a result, it's very important that enterprises define effective wireless security policies that guard against unauthorized access to important resources. Wireless Intrusion Prevention Systems are commonly used to enforce wireless security policies.
The risks to users of wireless technology have increased as the service has become more popular. There were relatively few dangers when wireless technology was first introduced. Crackers had not yet had time to latch on to the new technology and wireless was not commonly found in the work place. However, there are a great number of security risks associated with the current wireless protocols and encryption methods, and in the carelessness and ignorance that exists at the user and corporate IT level.
Cracking methods have become much more sophisticated and innovative with wireless. Cracking has also become much easier and more accessible with easy-to-use Windows or Linux-based tools being made available on the web at no charge.
Roaming & channel
roaming = walk/change away from initial AP network to another AP network
802.11a
54Mbps in 5Ghz range
not compatible
802.11g
54Mbps in 2.4GHz range
compatible
802.11b
11Mbps in 2.4GHz range
compatible
Open system authentication
*Service Set Identifier (SSID)
*Station must specify SSID to connect to the AP
Interception
signal week by 3 factor:
1. Wall
2. floor
3. interference
802.11
3 basic security service:
1. Authentication
2. Integrity - data will be encrypt by using WEP & WPA technique.
3. Confidential
* Some say WPA is much more secure than WEP but its actually depends on what type of shared key that actually base on ots library. the it use a simple library so it would be easy to crack and hack the network
*Passive attack
*Attacker collect all trafic
*Attacker collect two message
1. encrypted with same key and IV
2. Statistical attack to reveal plain text
3. Plaintext X0R chipertext = keystream
Tool to crack the wireless AP
*Backtrack