Hacking Techniques in Wireless Networks

Prabhaker Mateti, Wright State University


Wireless LAN Overview

Stations and Access Points


Wired Equivalent Privacy

Infrastructure and Ad Hoc Modes




Wireless Network Sniffing

Passive Scanning

Detection of SSID

Collecting MAC Addresses

Collecting the Frames for Cracking WEP

Detection of Sniffers

Wireless Spoofing

MAC Address Spoofing

IP Spoofing

Frame Spoofing

Wireless Network Probing

Detection of SSID

Detection of APs and Stations

Detection of Probing

AP Weaknesses


Defeating MAC Filtering

Rogue AP

Trojan AP

Equipment Flaws

Denial of Service

Jamming the Air Waves

Flooding with Associations

Forged Dissociation

Forged Deauthentication

Power Saving

Man-in-the-Middle Attacks

Wireless MITM

ARP Poisoning

Session Hijacking

War Driving

War Chalking

Typical Equipment

Wireless Security Best Practices

Location of APs

Proper Configuration

Secure Protocols

Wireless IDS

Wireless Auditing

Newer Standards and Protocols

Software Tools



Cross References


Further Reading


Wireless networks broadcast their packets using radio frequency (RF) or optical wavelengths. A modern laptop computer can listen in. Worse, attackers can manufacture new packets on the fly and persuade wireless stations to accept their packets as legitimate. In this chapter, the term hacking is used as follows:

hacker n. [originally, someone who makes furniture with an axe] 1. A person ...

Get Handbook of Information Security: Threats, Vulnerabilities, Prevention, Detection, and Management, Volume 3 now with O’Reilly online learning.