Page 227 - StudyBook.pdf
P. 227

Communication Security: Wireless • Chapter 4  211

                 Addressing Common Risks and Threats


                 The advent of wireless networks has not created new legions of attackers. Many
                 attackers utilize the same attacks for the same objectives they used in wired net-
                 works. Unless administrators protect their wireless infrastructure with proven tools
                 and techniques, and establish standards and policies that identify proper deployment
                 and security methodology, the integrity of wireless networks will be threatened.

                 Finding a Target

                 Utilizing new tools created for wireless networks and the existing identification
                 and attack techniques and utilities originally designed for wired networks, attackers
                 have many avenues into a wireless network.The first step in attacking a wireless
                 network involves finding a network to attack.The most popular software developed
                 to identify wireless networks was NetStumbler (www.netstumbler.org).
                 NetStumbler is a Windows application that listens for information, such as the
                 SSID, being broadcast from APs that have not disabled the broadcast feature.When
                 it finds a network, it notifies the person running the scan and adds it to the list of
                 found networks.
                    As people began to drive around their towns and cities looking for wireless
                 networks, NetStumbler added features such as pulling coordinates from Global
                 Positioning System (GPS) satellites and plotting the information on mapping soft-
                 ware.This method of finding networks is reminiscent of the method hackers used
                 to find computers when they had only modems to communicate.They ran pro-
                 grams designed to search through all possible phone numbers and call each one,
                 looking for a modem to answer.This type of scan was typically referred to as war
                 dialing; driving around looking for wireless networks is known as war driving.War
                 driving is the most commonly used method used by attackers to detect 802.11
                 wireless networks.
                    NetStumbler.org has a Web site where people can upload the output of their
                 war drives for inclusion into a database that graphs the location of wireless net-
                 works (www.netstumbler.org/nation.php). See Figure 4.13 for the output of dis-
                 covered and uploaded wireless networks as of October 2002.
                    Similar tools are available for Linux and other UNIX-based operating systems.
                 These tools contain additional utilities that hackers use to attack hosts and net-
                 works once access is found.A quick search on www.freshmeat.net or www.packet-
                 stormsecurity.com for “802.11” reveals several network identification tools, as well
                 as tools used to configure and monitor wireless network connections.




                                                                              www.syngress.com
   222   223   224   225   226   227   228   229   230   231   232