202
PART 2
|
A Technical Overview of Hacking
Wireless Network Viruses
Viruses exist that are specifi cally designed to leverage
the strengths and weaknesses of wireless technologies.
Wireless viruses are different because they can replicate
quickly using the wireless network, jumping from system
to system with relative ease. For example, a virus known
as MVW-WIFI can replicate through wireless networks
by using one system to detect other nearby wireless
networks; it then replicates to those networks, at which
point the process repeats.
Countermeasures
Protection on a wireless network is absolutely essential to consider and consider carefully.
There are several techniques that you may use to protect yourself and your employees
from harm, these include:
Firewalls—In the case of roaming or remote clients that connect to wireless
networks at the offi ce or at the local coffee shop or airport, a good personal fi rewall
can provide a much needed level of protection.
Antivirus—An antivirus should be installed on every computer, and a wireless
client is no exception, especially due to its higher exposure to threats.
VPN—A virtual private network can enhance protection to a high degree
by encrypting all traffi c between the roaming client and the company network.
By using this technique it is possible to work on a wireless network that has
no protection itself and provide this through the VPN.
Wireless Hacking Tools
There are a number of wireless hacking tools available to the attacker who wants
to break into or discover wireless networks. Some of the more common ones include:
Kismet
Netstumbler
Medieval Bluetooth Scanner
inSSIDer
Coreimpact
CFI LANguard Network Security Scanner
Cowpatty
Wireshark
NOTE
While wireless viruses are restricted
to 802.11 networks, they can and
have appeared on other wireless
technologies, including Bluetooth
devices. In concept, 802.11 viruses
and Bluetooth are the same, but the
difference in practice is how they
use their underlying technologies
(wireless or Bluetooth).
CHAPTER 8
|
Wireless Vulnerabilities 203
8
Wireless
Vulnerabilities
Netstumbler
Netstumbler is one of the more common tools for locating wireless
networks of the 802.11 persuasion. The software is designed to detect any
wireless network that your wireless network adapter supports (802.11a,
802.11b, 802.11g, and so on). The software also has the ability to interface
with a USB global positioning system (GPS) to map out the location of the
APs it detects, usually within a good distance of the actual AP. Netstumbler
does not have many options and is very simple to use (see Figure 8-1).
inSSIDer
While Netstumbler software offers a good amount of functionality, it is not the
only product that can perform wireless network scanning. Another piece of software
that can do the same thing is inSSIDer. Metageek, the makers of inSSIDer, describe
the benefi ts of their tool as follows.
FIGURE 8-1
Netstumbler interface.
NOTE
Netstumbler also comes
in a version known as
mini-stumbler, designed
especially for PDAs.
204
PART 2
|
A Technical Overview of Hacking
Features unique to inSSIDer include:
Uses Windows Vista and Windows XP 64-bit
Uses the Native Wi-Fi application protocol interface (API) and current
wireless network card
Can group by Mac Address, SSID, Channel, received signal strength
indicator (RSSI), and “Time Last Seen”
Compatible with most GPS devices (NMEA v2.3 and higher)
The inSSIDer tool can do the following:
Inspect your WLAN and surrounding networks
to troubleshoot competing APs
Track the strength of received signals in dBm
(a measurement of decibels) over time
Filter APs in an easy-to-use format
Highlight APs for areas with high Wi-Fi concentration
Export Wi-Fi and GPS data to a Keyhole Markup
Language (KML) fi le to view in Google Earth
FIGURE 8-2
The inSSIDer interface.
NOTE
Netstumbler has been a staple of
wardriving techniques for awhile,
but for all its popularity it does
have some limitations, one of
which is a lack of 64-bit support.
The inSSIDer tool is a full featured
replacement for Netstumbler.

Get Hacker Techniques, Tools, and Incident Handling now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.