Wireless Network Security

  1. Wireless Threats and Vulnerabilities
    1. Passive Attacks
      1. Eavesdropping Techniques
        1. Passive Sniffing Methods
          1. Monitor Mode Configuration
            1. Traffic Capture Tools
            2. Traffic Analysis
              1. Packet Capture and Analysis
                1. Protocol Analysis
                  1. Metadata Extraction
                    1. Pattern Recognition
                    2. Reconnaissance Activities
                      1. Network Discovery
                        1. Device Fingerprinting
                          1. Vulnerability Identification
                          2. Detection Challenges
                            1. Passive Attack Characteristics
                              1. Monitoring Difficulties
                                1. Forensic Evidence Collection
                              2. Active Attacks
                                1. Unauthorized Access Attempts
                                  1. Rogue Access Points
                                    1. Evil Twin Deployment
                                      1. Captive Portal Attacks
                                        1. Detection Methods
                                        2. Misconfigured Access Points
                                          1. Default Credential Exploitation
                                            1. Open Network Abuse
                                              1. Configuration Weaknesses
                                              2. Ad-Hoc Network Exploitation
                                                1. Peer-to-Peer Risks
                                                  1. Direct Connection Attacks
                                                2. Man-in-the-Middle Attacks
                                                  1. Evil Twin Access Points
                                                    1. Setup and Deployment
                                                      1. SSL Certificate Spoofing
                                                        1. Traffic Interception
                                                        2. KARMA Attacks
                                                          1. Probe Request Exploitation
                                                            1. Automatic Connection Abuse
                                                              1. Client Impersonation
                                                              2. Wireless Bridge Attacks
                                                                1. Network Bridging Exploitation
                                                                  1. Traffic Redirection
                                                                2. Injection Attacks
                                                                  1. Frame Injection Techniques
                                                                    1. Packet Replay Attacks
                                                                      1. Protocol Manipulation
                                                                        1. Command Injection
                                                                      2. Denial of Service Attacks
                                                                        1. RF Interference
                                                                          1. Jamming Techniques
                                                                            1. Continuous Wave Jamming
                                                                              1. Pulse Jamming
                                                                                1. Sweep Jamming
                                                                                2. Detection Methods
                                                                                  1. Countermeasures
                                                                                  2. Protocol-Based DoS
                                                                                    1. Deauthentication Floods
                                                                                      1. Disassociation Attacks
                                                                                        1. Authentication Floods
                                                                                          1. Association Request Floods
                                                                                          2. Resource Exhaustion Attacks
                                                                                            1. Connection Table Overflow
                                                                                              1. Memory Exhaustion
                                                                                                1. CPU Overload
                                                                                                2. Virtual Carrier-Sense Attacks
                                                                                                  1. CTS Flooding
                                                                                                    1. RTS Flooding
                                                                                                  2. Cryptographic Attacks
                                                                                                    1. Key Recovery Attacks
                                                                                                      1. WEP Key Cracking
                                                                                                        1. Statistical Analysis
                                                                                                          1. IV Collection Methods
                                                                                                            1. Key Recovery Algorithms
                                                                                                            2. WPA/WPA2-PSK Attacks
                                                                                                              1. Dictionary Attacks
                                                                                                                1. Brute Force Methods
                                                                                                                  1. Rainbow Table Attacks
                                                                                                                    1. Handshake Capture
                                                                                                                  2. Protocol Downgrade Attacks
                                                                                                                    1. Forcing Weaker Encryption
                                                                                                                      1. Authentication Downgrade
                                                                                                                        1. Cipher Suite Manipulation
                                                                                                                        2. Implementation Attacks
                                                                                                                          1. Side-Channel Analysis
                                                                                                                            1. Timing Attacks
                                                                                                                              1. Power Analysis
                                                                                                                            2. Session and Identity Attacks
                                                                                                                              1. Session Hijacking
                                                                                                                                1. Session Token Theft
                                                                                                                                  1. Session Replay
                                                                                                                                    1. Session Fixation
                                                                                                                                    2. Identity Spoofing
                                                                                                                                      1. MAC Address Spoofing
                                                                                                                                        1. SSID Spoofing
                                                                                                                                          1. Device Impersonation
                                                                                                                                          2. Credential Theft
                                                                                                                                            1. Password Harvesting
                                                                                                                                              1. Certificate Theft
                                                                                                                                                1. Token Interception
                                                                                                                                              2. Specialized Wireless Attacks
                                                                                                                                                1. Wi-Fi Protected Setup Attacks
                                                                                                                                                  1. PIN Brute Force
                                                                                                                                                    1. Pixie Dust Attack
                                                                                                                                                      1. WPS Configuration Exploitation
                                                                                                                                                      2. Bluetooth Attacks
                                                                                                                                                        1. Bluejacking
                                                                                                                                                          1. Bluesnarfing
                                                                                                                                                            1. Bluetooth Impersonation
                                                                                                                                                            2. Near Field Communication Attacks
                                                                                                                                                              1. Eavesdropping
                                                                                                                                                                1. Data Corruption
                                                                                                                                                                  1. Relay Attacks

                                                                                                                                                              Previous

                                                                                                                                                              2. Evolution of WLAN Security Standards

                                                                                                                                                              Go to top

                                                                                                                                                              Next

                                                                                                                                                              4. Secure Wireless Network Design and Configuration