Cyber Guerilla Networking

By Judith M. Myerson
2005-04-13


Exploiting Signals
Some tools that I call cyber weapons combine the best of the sniffing and hacker tools already available. With these cyber weapons -- hand-made or manufactured -- at the ready, guerillas can effectively intercept signals, rearrange the packets into their proper sequence, and find out the access points of a high-speed network that they can tap into.

In the real world, the users of ready-made sniffing tools fall into two groups. In the first group, the legitimate system administrators check traffic flow in WLANs connected with cellular networks to ensure, for example, it does not reach the dangerous point of system overload that would result in a system crash. The illegitimate users that make up the second group employ intercepting tools (and other types of cyber weapons, as well).

Like other software, legitimate sniffing tools, if not properly designed and implemented, can contain wireless network vulnerabilities. Cyber guerillas can use their weapons to exploit the vulnerabilities of legitimate system administrators' sniffing tools. For example, on May 29, 2002, Security Tracker.com reported vulnerabilities in Kismet Wireless Network Sniffing Software.

War-drivers and walkers use freeware sniffer tools (see "Sniffing for the Air"), including Ministumbler, a network sniffer for Pocket PC 3.0 and 2003, in order to get information about open, unprotected access points, or APs.

Cracker tools like WEPcrack can quickly begin decoding traffic on Linux-based systems, even when WEP is turned off. One encryption weakness is that the keys for each AP and client must be identical. Another weakness is that WEP's initialization is rather low (24-bits long) for effective encryption, even though WEP supports 64- and 128-bit keys (see Dale Gardner's "Wireless Insecurities").

Tutorial Pages:
» Recognizing and Battling Your Enemy
» Who are the Cyber Guerillas?
» In Search of Their Prey
» Get a Load of a Cyber Guerilla
» Wireless Security Weak Spots
» Exploiting Signals
» Please do add VPN Support
» Defeating Your Would-Be Attacker
» Preparing for Combat
» Resources


First published by IBM DeveloperWorks

Related Tutorials: » Secrets of the Wireless Elite: Alexei Polyakov » Linux Wireless Networking » A New Strategy of Language Pack Management for Wireless Apps » Open Source Wireless Tools Emerge » Getting Practical About Wireless Security, Part 1: Building a Wireless Sniffer with Perl » Challenges and Opportunities in Mobile Games

Tutorials AJAX ASP CGI & Perl CSS Flash HTML Illustrator Java JavaScript Linux MySQL PHP Photoshop Python Wireless XML Miscellaneous Scripts AJAX ASP ASP.NET CGI & Perl Flash Java JavaScript PHP Python Remotely Hosted Tools & Utilities XML Web Hosting Articles ASP.NET Budget Dedicated Servers Ecommerce Linux Resellers Shared Small Business Windows Developer Manuals Learn HTML Learn PHP Learn CSS Learn AJAX Learn JavaScript Learn Pear White Papers Resources Developer Tools Developer Content Dedicated Servers