WiFi Keywords |
Access Point (AP) - An Access Point (also known as Hot Spot) is a Wireless LAN transmitter/receiver that acts as a connection between wireless clients and wired networks.
Authentication - A verification that a given user is who claim to be, based on user ID and password.
Authentication
Flood - An authentication flood is one form of a Denial of Service (DoS) attack against APs. On each AP, the tables that store client connection information have a finite amount of memory and thus can only handle a limited number of wireless client connections. Once this memory fills up, most APs will no longer accept incoming association requests; some APs even crash. This is easier to accomplish when anybody can connect (i.e. open authentication).
Bluetooth
- A technology specification for small form factor, low-cost, short range
radio links between mobile PCs, mobile phones, and other portable devices.
It is expected to enable users to connect a wide range of computing and telecommunications
devices without the need to connect cables. For more information visit our
bluetooth
section or www.bluetooth.com
Bruteforce - Attackers can try to guess the base station password SSID by use of the brute force method of dictionary attacks. This method attempts to guess the SSID with every word possible. This may sound like it can take a long time, but it actually doesn't. There are programs out there that can perform a scan of all the dictionary words quite quickly. On top of that, most users use simple passwords that are easy to remember for convenience. This makes guessing the password for attackers like taking candy away from a baby.
BSSID - Basic Service Set IDentifier.
Cantenna - A cantenna is a directional waveguide antenna for long-range WiFi (cf. Hi-fi) which can be used to increase the range of (or snoop on) a wireless network. Originally employing a Pringle's Potato Chip can, a cantenna can be constructed quickly, easily, and inexpensively out of readily obtained materials.
Channel - What channel the network will be broadcasted on.
Data Packets - A packet is a block of data with length that can vary between successive packets, ranging from 7 to 65,542 bytes, including the packet header.
dB - is the abbreviation of Decibel. (see below).
dBm - dBm is a decibel unit that measures power. 0 dBm is equivalent to 1 milliwatt. 30 dBm is equivalent to 1 watt.
Deauthenticate Attack - Deauthenticate packets are sent from access points in order to tell clients, that they are no longer available for service. Some wardriving software offers a feature to spoof these packets and therefore effectively disturbing any communication to the access point. This is a very effective way to reveal SSID's of hidden networks. Note: Some access points might recognise this attack method, and try to switch their frequency.
Decibel - A decibel is a logarithmic measure of something compared with a defined reference point. An increase of 10 dB corresponds to the value being multiplied by 10. A decrease of 10 dB corresponds to the value being divided by 10.
Directional
Antenna
- Is an antenna that you aim towards a certain direction. It usually has a
small angle but its signal more concentrated.
FTP - File Transfer Protocol
GPS - Global Positioning System, you can use a usb gps receiver when on a wardriving mission for location tracking.
HotSpot - see Access Point.
IEEE - Abbreviation of: Institute of Electrical and Electronics Engineers. IEEE is an organization composed of engineers, scientists, and students. The IEEE is best known for developing standards for the computer and electronics industry. In particular, the IEEE 802 standards for local-area networks are widely followed.
802.11a - Wireless networking that uses 5 GHz radio spectrum and achieves throughputs to 54 Mbps. Not compatible with 802.11b or 802.11g.
802.11b - Wireless networking that uses 2.4 GHz radio spectrum and achieves throughputs to 11 Mbps.
802.11g - Wireless networking that uses 2.4 GHz radio spectrum and achieves speeds up to 54 Mbps. It is compatible with both 802.11b, but when 802.11b users connect to and 802.11g access point, 802.11g users will experience thoughputs closer to 802.11b.
Insertion attacks - This attack is based on placing unauthorized devices on the wireless network without going through a security process. Using a laptop or PDA, an attacker tries to connect his wireless client to the base station without any authorization. Base stations should be configured to require a password before allowing access to users, however, the sad reality is that many base stations do not setup one. Without the password, intruders can connect to the internal network with ease, by simply connecting a client to the base station as described above.
Interference Robustness - (For Mac OSX) Interference Robustness should be enabled when you are in an environment with other 2.4Ghz devices that may be interfering with your network connection. Devices that can interfere include certain wireless telephones, televisions repeaters, or microwave ovens.
IP Number - (Internet Protocol Number) Sometimes called a dotted quad. A unique number consisting of 4 parts separated by dots, eg 165.113.245.2 Every machine that is on the Internet has a unique IP number - if a machine does not have an IP number, it is not really on the Internet. Most machines also have one or more Domain Names that are easier for people to remember.
Jamming - Another type of attack called jamming, denies service to legitimate users. Legitimate traffic gets jammed because illegitimate traffic overwhelms the frequencies so that legitimate traffic cannot get through. An attacker with the right equipment can easily flood the 2.4 GHz frequency, so that the signal to noise drops so low, that the wireless network ceases to function.
LAN - A local area network (LAN) is a computer network covering a local area, like a home, office or small group of buildings such as a college. The topology of a network dictates its physical structure.
MAC
address - Every network adapter has what's called a Media
Access Control address (usually shortened to MAC address). It's a six-byte
identifying number permanently embedded in the firmware of the adapter, and
is readable by the network and the operating system of the device on which
the adapter is installed. All modems have a MAC address; so do all Ethernet
cards. The address must follow the standards set by the Institute of Electrical
and.Electronics Engineers (IEEE), which sets
computer networking standards. Basically, the address is a six-pair set of
hexadecimal numbers, for example, a1-c2-e3-44-5f-6d.
Network
- Any time you connect two or more computers together so that they can share
resources, you have a computer network.
NIC - Network Interface Cards.
Noise level - The strength of interference or other unintended background signals that are being received. Usually measured in dBm.
Packet - See: Data Packets.
Packet Reinjection - Is a very advanced WEP cracking technique. When you use this attack, the WEP cracking software will try to find packets, that cause another computer to respond. The program will then send these packets over and over again. If the software detects an answer, it will go into injection mode. Now the network will generate huge amounts of traffic, and more weak packets will be generated. Using this technique, wireless networks can be broken within the hour.
Passive Mode -
PCAP Dump -
PCMCIA - Personal Computer Memory Card International Association - The standard connection of peripherals to a portable computer.
Pigtail
- Is the lead that connects your wireless card to the antenna. There are three
main types of Pigtails:
MMCX -> N Male
MC-Card (right angle)-> N Male
U.FL (Also known as MHF) to N Female Bulkhead
Prism2 chipset - Type of chipset for wireless cards and devices.
Reinject Packets Attack - Affective attack using KisMac softwarre.
RF - Radio Frequency.
SSID - Acronym for: Service Set Identifier. A 32-character unique identifier attached to the header of packets sent over a WLAN that acts as a password when a mobile device tries to connect to the.BSS(Basic Service Set). The SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a specific WLAN must use the same SSID. A device will not be permitted to join the BSS unless it can provide the unique SSID. Because an SSID can be sniffed in plain text from a packet it does not supply any security to the network. An SSID is also referred to as a Network Name because essentially it is a name that identifies a wireless network.
SSL - Secure Socket Layer.
Unique IVs -
Vender - Company/Maker of the Access Point.
VoIP - Voice over IP.
VPN - Virtual Private Networks.
War Chalking - Warchalking is the name given to the practice of drawing symbols in public places to alert others to the location of a Wi-Fi wireless network. The symbols, typically drawn in chalk on a building, indicate whether the network is open, closed or whether it uses encryption.
War Dialling - [originally from ‘wargames dialer’, a reference to the movie War Games] A cracking tool, a program that calls a given list or range of phone numbers and records those which answer with handshake tones (and so might be entry points to computer or telecommunications systems). Some of these programs have become quite sophisticated, and can now detect modem, fax, or PBX tones and log each one separately.
Wardriving - The art of wardriving is when someone drives around in a car with a wifi enabled laptop picking up and logging networks that they stumble accross.
War Flying - Flying in the sky (usually over cities) logging all the AP's that you find. Very Affective!
War Nibbling - Like wardriving: finding wireless bluetooth insecurity's. But with Bluetooth instead of Wifi.
War Walking - Walking around, with a Wifi enabled laptop, logging AP's that are discovered.
Wifi - Stands for Wireless Fidelity.
WiMax - Acronym that stands for Worldwide Interoperability for Microwave Access, is a certification mark for products that pass conformity and interoperability tests for the IEEE 802.16 standards. IEEE 802.16 is working group number 16 of IEEE 802, specialising in point-to-multipoint broadband wireless access.
(WEP) - Wired Equivalent Privacy Is a security system that uses a series of keys on both sides of a wireless transmission to encrypt data for secure transmission. An 802.11 security protocol for wireless networks, the WEP encryption method is designed to provide the "equivalent" security available in wire line networks. This type of wifi security is not as secure as Wireless Protocol Access (WAP)!
(WPA) - Wireless Protocol Access The most common type of password protection used by most APs.
(WPA-PSK) - Stands for wifi protected access Preshared key. It is a simplified version of the more complicated and expensive WPA protocol.
Wireless LAN (WLAN) - Wireless Local Area Network. A derivative of a traditional LAN network that uses radio waves instead of cables to transmit data.
Wordlist Attack - A brute force attack that uses common words as possible passwords or decryption keys and may provide a more efficient way of discovering the user's code. Sophisticated dictionary attacks sort words by frequency of use and start with the most likely possibilities; for example, names of people, sports teams, pets and cars. For greater security, users should not use passwords that could be found in an ordinary dictionary. While a dictionary attack can be done by a person manually, it is mostly done via software and a database that contains millions of words.
Yagi Antenna - A Yagi antenna, also known as a Yagi-Uda array or simply a Yagi, is a unidirectional antenna commonly used in communications when a frequency is above 10 MHz. This type of antenna is popular among Amateur Radio and Citizens Band radio operators. It is used at some surface installations in satellite communications systems.