|
|
 |
|
|
Connecting to network
- Turn on Wireless Zero Configuration Service
- Insert wireless card
- Open connection manager
- Connect to network
MAC Address Filtering
- Passively sniff traffic on the wireless network with Ethereal (www.ethereal.com) to determine MAC address(es) allowed to connect to network
- Use BWMACHAK (www.irvineunderground.org/blackwave/bwmachak.zip) to change MAC address of attackers wireless network card
Finding Cloaked Access Points
- Wireless access points can be put in stealth mode by turning off the SSID broadcast
- Active scanners like NetStumbler cannot detect cloaked access points
- Kismet (www.kismetwireless.net/download.shtml) and AirSnort (airsnort.shmoo.com) (both run on Linux) are passive scanners capable of detecting hidden SSID's
Attacking Encrypted Networks
- WEP encryption can be cracked with WEPCrack (wepcrack.sourceforge.net)
- WepCrack is written in Pearl so Cygwin (www.cygwin.com) or ActivePearl (www.activestate.com) needs to be installed on Windows computers
|
