Before we get too deep into the ethical-hacking process, it will help to define a couple of terms that we’ll be using throughout this tutorial. They are as follows:
- Threat: A threat is an indication of intent to cause disruption within an information system. Some examples of threat agents are hackers, disgruntled employees, and malicious software (malware) such as viruses or spyware that can wreak havoc on a wireless network.
- Vulnerability: A vulnerability is a weakness within an information system that can be exploited by a threat. Some examples are wireless networks not using encryption, weak passwords on wireless access points or APs (which is the central hub for a set of wireless computers), and an AP sending wireless signals outside the building.
Beyond these basics, quite a few things can happen when a threat actually exploits the vulnerabilities of a various wireless network. This situation is called risk. Even when you think there’s nothing going across your wireless network that a hacker would want — or you figure the likelihood of something bad happening is very low — there’s still ample opportunity for trouble.
Risks associated with vulnerable wireless networks include
- Full access to files being transmitted or even sitting on the server
- Stolen passwords
- Intercepted e-mails
- Back-door entry points into your wired network
- Denial-of-service attacks causing downtime and productivity losses
- Violations of state, federal, or international laws and regulations relating to privacy, corporate financial reporting, and more
- “Zombies” — A hacker using your system to attack other networks making you look like the bad guy
- Spamming — A spammer using your e-mail server or workstations to send out spam, spyware, viruses, and other nonsense e-mails
We could go on and on, but you get the idea. The risks on wireless networks are not much different from those on wired ones. Wireless risks just have a greater likelihood of occurring — that’s because wireless networks normally have a larger number of vulnerabilities.
The really bad thing about all this is that without the right equipment and vigilant network monitoring, it can be impossible to detect someone hacking your airwaves — even from a couple of miles away! Wireless-network compromises can include a nosy neighbor using a frequency scanner to listen in on your cordless phone conversations — or nosy co-workers overhearing private boardroom conversations. Without the physical layer of protection we've grown so accustomed to with our wired networks, anything is possible.
No comments:
Post a Comment