If the search for wireless networks in a busy city where you would be surprised at how many unsecured networks, see, many people are not aware of the dangers, but I would like these sketches.
Why I am referring to a unsecured wireless network that is accessible without the need for a network key, even if WEP is terribly insecure I will not even cover its weaknesses in this article. Provide an attacker in a series that can connect to unsecuredwireless network and the local network infrastructure. Ok, so now what? The attack would have a scan on the IP subnet to determine what is currently connected to the network. At this point the attacker can perform several scans (port scans, and so on) against these targets. It should be noted that this type of scan would not be possible outside the network as a router usually acts as a firewall and only forward traffic to the ports assigned to transmit.
Withthe above in mind, you run the risk of certain exploits as a striker is a part of your network, what services are dependent on use and if you do not have a software firewall in place, but the following are the most serious exploits that are the real dangers that your privacy and confidential information possible, and in general a software firewall will not protect you against this danger.
ARP poisoning - To be placed byallows an attacker to "put down" like a computer or other device, usually your router! This is done simply by sending a certain amount of ARP replies to the victim say that is the MAC address of the router. The victim then updates the ARP table and sends all traffic destined for the router to the attackers MAC address. In this way the attack can then monitor all traffic coming to and from the victim. This should explain why the risk is very low. Anotherconfidential information (username, password) are sent over the Internet in plain text or with weak encryption, allowing the attacker to your email account or other websites that are using compromised. There is also the problem of the attacker almost everything can be done online! including all MSN conversations, etc.
DHCP spoofing - This exploit requires a bit 'more patience in the name of the attackers, however, if implemented could be very bad news forvictim. The attacker creates a DHCP server on their system, when a new user is online address where the card is automatically set to an IP, DHCP server, the attackers attempt to provide a DHCP packet before the router is, if the victim accepts the request the attacker can include all the details they want, usually their IP address as gateway and DNS server (s) of these problems are presented below.
DNS Poisoning -This is the most serious form of abuse, the attacker can do this in two ways. The first is explained above, the second is for the attacker to gain access to the router (unsecured networks are most in default, this means that the password for the router is usually standard and can be easily guessed or found online! ) And that change the DNS server it uses for one of the attackers (this could be a classroom on the attackers machine, or a rogue statehosted elsewhere) All the attacker needs to do now is create a DNS record to redirect the victim to rogue imitations of websites, these usually look the same, but once the user name and password are entered and submitted, which are sent the striker in place of where they should be sent! The attacker can also send the details page aftewards correct site, then the attack is completely unnoticed. Obviously this is a very big problem, especiallyfor sites such as eBay, PayPal, and especially online banking.
These exploits are on the most common use for an attacker to obtain sensitive information, there are many, and much depends on the design of the machine on the network and victims.
In short, it is clear that leaving an unsecured wireless network can have serious consequences, and gives attackers an open door to their access to various confidential information. The following securityprecautions are recommended for maximum security for home users to give:
-Always protect your network with a WPA or WPA2, make sure that the key is long in length and complexity. Avoid WEP at all, is unnecessary and can be divided into a couple of minutes that an attacker has a good signal.
-Implement MAC address filtering, this only makes the movement of domains MAC addresses. While MAC addresses can be spoofed, it can be a difficult process, as an attacker to intercept traffic and anaylseframe headers for the source / destination MAC address of an authenticated client to see, this can be very difficult for a customer associates.
t-Don 'your SSID broadcast, but that alone will not stop an attacker, it is an extra layer of security.
-Use a software firewall, I recommend Agnitum Outpost.
Although no system can ever be 100% sure, it is important to implement security as far as possible to prevent attacks to exploit. With the abovepoints instead of a striker has been a very difficult time gaining access to the network.
Recommend : Video Cards Store. LOWER Prices HTC Phone Store Vulnerability Security
No comments:
Post a Comment