CEH

(Jeff_L) #1

364 Chapter 15 ■ Wireless Networking


One hardware device designed for use as a wireless honeyspot is the
WiFi Pineapple from Hak5. This device looks like a compact wireless router,
but it offers features useful for working with wireless networks. Since its
first release, it has introduced custom hardware and software purpose-built
to audit wireless networks. In the hands of an ethical hacker, this tool
can be used to deploy not only a wireless honeyspot or honeypot, but
much more.

Ways to Locate Wireless Networks


In order to attack, you must first find a target, and though site surveys can make this
easier, they cannot help in every case. Several tools and mechanisms make locating a target
network easier.
The following are methods that can complement wardriving or be used on their own:
■ OpenSignal is a useful app that can be used on the web at http://opensignal.com or
on a mobile device by downloading the OpenSignal app. With this application, you can
map out Wi-Fi networks and 2G–4G networks, as well as correlate this information
with GPS data.
■ wefi (www.wefi.com) provides a map of various locations, with the access points noted
in varying amounts of detail.
■ JiWire (www.jiwire.com) offers a map of various locations, with access points detected
in a given region.

Traffic Analysis
Once you’re connected to a target network, the next step is to perform traffic analysis to
gain insight into the activity in the environment. As when using Wireshark with standard
network traffic, it is entirely possible to scrutinize traffic on a wireless network. By
performing such analysis, you can gain vital information on traffic patterns, protocols in
use, and authentication, not to mention information specific to applications. Additionally,
analysis can reveal vulnerabilities on the network as well as client information.
Under ideal conditions, traffic analysis of a wireless network can be expected to reveal
the following:
■ Broadcast SSID
■ Presence of multiple access points
■ Possibility of recovering SSIDs
■ Authentication method used
■ WLAN encryption algorithms

Currently, a number of products can perform wireless traffic analysis—Kismet,
AirMagnet, Wireshark with AirPcap, CommView, and a few others.
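
The following is an added example, not part of the original text: a small Python parser for the body of an 802.11 beacon frame, showing where the broadcast (or hidden) SSID, the authentication method, and the encryption algorithm from the list above appear in captured management traffic. The function names and the two sample beacon bodies are constructed for illustration.

```python
import struct

CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}  # 00-0F-AC cipher suites
AKMS = {1: "802.1X", 2: "PSK", 8: "SAE"}                      # 00-0F-AC key management
RSN_OUI = bytes.fromhex("000fac")

def _suites(buf, off, names):
    """Read a count-prefixed list of 4-byte suite selectors (OUI + type)."""
    (count,) = struct.unpack_from("<H", buf, off)
    off += 2
    out = []
    for _ in range(count):
        oui, kind = buf[off:off + 3], buf[off + 3]
        out.append(names.get(kind, f"type-{kind}") if oui == RSN_OUI else "vendor")
        off += 4
    return out, off

def parse_beacon_body(body):
    """Summarise what one beacon body (the bytes after the MAC header) advertises."""
    _timestamp, _interval, caps = struct.unpack_from("<QHH", body, 0)
    info = {"ssid": None, "hidden": False, "ciphers": [], "akms": []}
    off = 12
    while off + 2 <= len(body):
        eid, length = body[off], body[off + 1]
        data = body[off + 2:off + 2 + length]
        off += 2 + length
        if len(data) < length:
            break  # truncated element: stop rather than misread it
        if eid == 0:  # SSID; empty or all-zero means the name is not broadcast
            info["hidden"] = not any(data)
            info["ssid"] = None if info["hidden"] else data.decode("utf-8", "replace")
        elif eid == 48:  # RSN: version(2) + group cipher(4), then the two lists
            try:
                info["ciphers"], pos = _suites(data, 6, CIPHERS)
                info["akms"], _ = _suites(data, pos, AKMS)
            except (struct.error, IndexError):
                pass  # malformed RSN element: leave the lists empty
    legacy = "WEP or legacy WPA" if caps & 0x0010 else "open"  # Privacy bit, no RSN
    rsn = "RSN " + "+".join(info["ciphers"]) + "/" + "+".join(info["akms"])
    info["security"] = rsn if info["akms"] else legacy
    return info

def _ie(eid, data):
    return bytes([eid, len(data)]) + data

# Constructed sample beacon bodies (not captured traffic).
RSN = bytes.fromhex("0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000")
SAMPLE_WPA2 = struct.pack("<QHH", 0, 100, 0x0411) + _ie(0, b"corp-wlan") + _ie(48, RSN)
SAMPLE_HIDDEN_OPEN = struct.pack("<QHH", 0, 100, 0x0401) + _ie(0, b"")
```

Running the same parser over beacons from an organization's own access points is a quick way to confirm that none of them still advertises TKIP, WEP, or no encryption at all.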