Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By : Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran
Book Image

Kali Linux Wireless Penetration Testing Beginner???s Guide - Third Edition

By: Cameron Buchanan, Daniel W. Dieterle, Vivek Ramachandran

Overview of this book

As wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. This has been highlighted again recently with the discovery of the KRACK attack which enables attackers to potentially break into Wi-Fi networks encrypted with WPA2. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes. Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. You'll learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
Table of Contents (21 chapters)
Kali Linux Wireless Penetration Testing Beginner's Guide Third Edition
Credits
Disclaimer
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
Index

A rogue access point


A rogue access point is an unauthorized access point connected to the authorized network. Typically, this access point can be used as a backdoor entry by an attacker, thus enabling him to bypass all security controls on the network. This would mean that the firewalls, intrusion prevention systems, and so on, which guard the border of a network, would be able to do little to stop him from accessing the network.

In the most common case, a rogue access point is set to Open Authentication and no encryption. The rogue access point can be created in the following two ways:

  • Installing an actual physical device on the authorized network as a rogue access point. (This is something I leave as an exercise to you.) Also, more than wireless security, this has to do with breaching the physical security of the authorized network.

  • Creating a rogue access point in software and bridging it with the local authorized Ethernet network. This will allow practically any laptop running on the authorized...