Wireless networks are in almost every corner of the world, from homes to corporate data centers. They make our lives easier and more comfortable by doing away with bulky cables and the problems that come with them, while ensuring seamless connectivity between network nodes.
Because wireless networks do not have built-in security, a security layer is placed on top of the wireless protocol stack. This is achieved easily with encryption and authentication techniques like WEP (Wired Equivalent Privacy) or WPA (Wi-Fi Protected Access). This is especially important because, unlike traffic on a wired network, wireless signals can be easily intercepted just by using a signal-trapping device.
Passive attacks – In this type of attack, the attacker listens or eavesdrops on an open wireless channel using a wireless modem that is rigged to work in promiscuous mode. All the traffic packets are then stored; they contain important information such as MAC addresses, packet sequences and more. Since passive attacks take place very silently, they are almost impossible to detect and stop. Attackers using passive methods usually capture and store data, then use a packet deciphering tool to steal information.
Active attacks – Once the attacker has gathered sufficient information through passive attacks, an active attack can be launched on the network. Common examples are denial-of-service attacks and IP spoofing. In a spoofing attack, the attacker uses a fully unauthorized wireless station and crafts packets so that it impersonates a valid, authorized station.
The wireless nodes are incapable of detecting this and end up connecting to the attacker’s station, thus revealing the information. By extending this technique further, the attacker can easily launch a denial-of-service attack on a particular node to disrupt its services.
Protecting FOSS systems
Additional security measures are essential for wireless networks, along with monitoring techniques. For any small network, changing the default password and SSID of the access point is mandatory. Modern routers have a feature that disables SSID broadcasting; it should be turned on so that passive sniffing attacks are somewhat thwarted.
Periodically changing the SSID is highly recommended, though it can be a tough task on many wireless access points. To protect a Linux server farm hosted in a data center, the wireless signal strength of the access points must be adjusted so that it is adequate for client nodes to connect and transfer data seamlessly. At the same time, it should not cross the physical building boundaries, where a “drive-by” attacker could detect it.
Wireless attacks are, unfortunately, easy to carry out and difficult to detect. Modern data centers allow wireless networks to connect to the product server farms, and so need security measures. While there is no single solution to protect wireless networks, an appropriate combination of the different techniques mentioned above can achieve adequate security. A wireless monitoring audit is an important activity that network administrators should carry out at regular intervals.
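A periodic monitoring audit of the kind described above can be scripted. The following is an added example, not code from the original article: it checks one perimeter survey against an inventory of approved access points and reports default SSIDs, missing encryption, SSID broadcasting, signal leaking past the building, and an unknown station advertising an approved SSID. The record layout, the default-SSID list, the -75 dBm limit and all addresses are assumptions constructed for illustration.

```python
# Constructed inventory: BSSID -> SSID configured on each approved access point.
APPROVED_APS = {
    "02:00:00:aa:00:01": "corp-floor1",
    "02:00:00:aa:00:02": "corp-floor2",
    "02:00:00:aa:00:03": "corp-lab",
}
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default"}  # assumed list
PERIMETER_LIMIT_DBM = -75  # assumed: anything stronger outside is leaking

# Constructed survey taken at the building boundary:
# (bssid, ssid seen in beacon or "" if hidden, encryption, signal in dBm)
SURVEY = [
    ("02:00:00:aa:00:01", "", "WPA", -82),             # hidden, weak outside
    ("02:00:00:aa:00:02", "corp-floor2", "WPA", -60),  # broadcasting, strong
    ("02:00:00:BB:00:09", "corp-floor1", "WPA", -48),  # not in the inventory
    ("02:00:00:aa:00:03", "linksys", "NONE", -70),     # looks factory-reset
]

def audit(survey, approved=APPROVED_APS, limit=PERIMETER_LIMIT_DBM):
    """Return a sorted list of (bssid, finding) tuples for one survey."""
    approved_ssids = set(approved.values())
    findings = []
    for bssid, ssid, enc, dbm in survey:
        bssid = bssid.lower()
        if bssid not in approved:
            # An unknown radio using one of our network names may be a
            # station impersonating an authorized one.
            if ssid in approved_ssids:
                findings.append((bssid, "unapproved-bssid-for-approved-ssid"))
            continue
        # The remaining checks apply to our own access points only.
        if ssid:
            findings.append((bssid, "ssid-broadcast-enabled"))
        if ssid.lower() in DEFAULT_SSIDS:
            findings.append((bssid, "default-ssid"))
        if enc.upper() == "NONE":
            findings.append((bssid, "no-encryption"))
        if dbm > limit:
            findings.append((bssid, "signal-too-strong-at-perimeter"))
    return sorted(findings)

if __name__ == "__main__":
    for bssid, finding in audit(SURVEY):
        print(f"{bssid}  {finding}")
```

In practice the survey records would come from whatever scanning tool the administrator already uses, and the inventory must be updated whenever an SSID is rotated.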