Page 241 - StudyBook.pdf
P. 241

Communication Security: Wireless • Chapter 4  225

                    By ARP spoofing the connection with the AP to be that of the host from
                 which the attacker wants to steal the passwords, an attacker can cause all wireless
                 users who are attempting to SSH into the host to connect to the rogue machine
                 instead.When these users attempt to sign on with their passwords, the attacker is
                 able to, first, receive their passwords, and second, pass on the connection to the real
                 end destination. If an attacker does not perform the second step, it increases the
                 likelihood that the attack will be noticed, because users will begin to complain that
                 they are unable to connect to the host.

                 Protection against

                 Network Hijacking and Modification
                 There are several different tools that can be used to protect a network from IP
                 spoofing with invalid ARP requests.These tools, such as ArpWatch, notify an
                 administrator when ARP requests are detected, allowing the administrator to take
                 the appropriate action to determine whether someone is attempting to hack into
                 the network.
                    Another option is to statically define the MAC/IP address definitions.This pre-
                 vents attackers from being able to redefine this information. However, due to the
                 management overhead in statically defining all network adapters’ MAC addresses
                 on every router and AP, this solution is rarely implemented.There is no way to
                 identify or prevent attackers from using passive attacks, such as from AirSnort or
                 WEPCrack, to determine the secret keys used in an encrypted wireless network.
                 The best protection available is to change the secret key on a regular basis and add
                 additional authentication mechanisms such as RADIUS or dynamic firewalls to
                 restrict access to the wired network. However, unless every wireless workstation is
                 secure, an attacker only needs to go after one of the other wireless clients to be
                 able to access the resources available to it.
                 Denial of Service and Flooding Attacks


                 The nature of wireless transmission, and especially the use of spread spectrum tech-
                 nology, makes wireless networks especially vulnerable to denial of service (DoS)
                 attacks.The equipment needed to launch such an attack is freely available and very
                 affordable. In fact, many homes and offices contain the equipment that is necessary
                 to deny service to their wireless networks.
                    A DoS attack occurs when an attacker has engaged most of the resources a host
                 or network has available, rendering it unavailable to legitimate users. One of the
                 original DoS attacks is known as a ping flood.A ping flood utilizes misconfigured



                                                                              www.syngress.com
   236   237   238   239   240   241   242   243   244   245   246