I think. Everyone, welcome back to the course in this video. We're gonna talk about wireless attacks as well as some countermeasures to those attacks.
So let's talk about our different types of wireless attacks, or at least the most common ones.
We've got her evil twin. So this is where that attacker sets up that face wire fake wireless access point
with a similar name, as we talked about before to corporate access points. So, for example, Starbucks corporate and they may be set up Starbucks guest or Starbucks corporate
dot number one or something like that, just a similar name toe where we don't necessarily know it's the end user. Should we connected this one or this other one over here?
And like I said, a lot of times they will boost the signal. So that way there device shows us the strongest signal, and you're more inclined to say, Well, it's a stronger signal. It must be the corporate one, and I should connect to it.
We've got jamming attacks, which is basically just blocking that wireless signal of the wireless access point. So thinking through when we talk about the CIA tree had earlier in the course thinking through the availability aspect there,
we've got what's called a honey spot attacks. So this is where the attacker sets up a wireless access point similar to an evil twin. But instead of naming it like a corporate thing, this would be one that will be like a public WiFi place. So, for example, a Starbucks or a restaurant, and the attacker will just name there
device a similar SS. I'd
as the public WiFi. So, for example, issues in Starbucks,
Starbucks might say Starbucks public
and the attacker might use, like Starbucks, underscore public right, something simple that looks very similar in nature and with the hope that people will connect to that and not use VPNs etcetera and allow the attacker to get things like log in credentials or banking information.
We've got mis configuration. So this is where the attacker takes advantage of default or weak credentials on the device or even default configurations as well as weak encryption to compromise that access point.
And then we've got ad hoc connections.
So this is where the attacker enables ad hoc connections and the user system s he doing something like using malware to do so or if the Lycan employees already using an ad hoc connection to, Like, share like file sharing sites or whatever with peers, Um then the attacker compromise that connection
because that particular mode, the ad hoc mode, doesn't actually provide
very strong encryption. So what are some countermeasures that we can do well, using things like W. P A. To encryption to give us a stronger encryption based not sharing our log in credentials?
Don't open emails that you don't trust. So don't fall for phishing emails essentially, which could be a little challenging,
implementing things like intrusion detection systems or firewalls and filtering the connections to those wireless access points,
changing default configurations or default credentials to make it more difficult for the attacker to get in
using a centralized authentication system.
And, of course, using a VPN right. So even though we're connected to what we would consider our corporate wireless access point, we need to use a VPN wherever possible to help encrypt the traffic that we're doing. So an attacker can just sniff that
and Mac filtering as well. So quick, quick question here for you. What are some best practices around? WiFi, which, which of the following are included on that. Is that using WP A two? Is it changing the default credentials or is it using a VPN?
All right, This one was pretty simple, right? It's obviously all of these. We wanna use WP a two or a least stronger encryption. We want to change the default credentials as well as the default settings and then use a VPN wherever we can. So this video we just talked about some of the different wireless attacks as well as some of the fundamental countermeasures that we can do.