Several techniques are used on the Wireless Security LAN

Below are some events and activities undertaken to mengamanan wireless networks:
Hiding the SSID
Many administrators hid Services Set Id (SSID) wireless network with the intention
that they only know the SSID can be connected to their network. This is not correct,
because the SSID is not completely masked. At a certain moment or
especially when the client will connect (associate) or when it will decide itself (deauthentication)
of a wireless network, then the client will still send the SSID in plain text
(Although the use of encryption), so if we intend to tap, can be easily
find information. Some tools that can be used to get the ssid
dihidden among others, kismet (kisMAC), ssid_jack (airjack), aircrack,
void11 ​​and much more.
Wireless security with WEP key only
WEP is a security standard & first encryption used on wireless, WEP has
many weaknesses, among others:
● A key problem is weak, the RC4 algorithm used can be solved.
● WEP uses static keys
● Problem initialization vector (IV) WEP
● Problem message integrity Cyclic Redundancy Check (CRC32)
WEP consists of two levels, namely 64 bit key, and 128 bits. Actually, the secret key in the lock
WEP 64 bit only 40 bit, 24bit is an Initialization Vector (IV). Similarly, the key
128-bit WEP 104bit secret key consists of. Seranganserangan
the weaknesses of WEP are:
1. The attack on the weaknesses of the initialization vector (IV), often called the FMS attack. FMS stands for
The third name the inventor of the IV weaknesses Fluhrer, Mantin, and Shamir. This attack
done by collecting a weak sebanyakbanyaknya IV.
The more IV
obtained weak, the sooner discovered the key that is used
(Www.drizzle.com/ ~ aboba/IEEE/rc4_ksaproc.pdf)
2. Obtain a unique IV data obtained through the packet to be processed for the
cracking the WEP key more quickly. This method is called chopping attack, the first time
found by h1kari. This technique only requires a unique IV, thereby reducing
IV needs of the weak in WEP cracking.
3. Both of the above attacks require considerable time and packet, to shorten the time,
hackers usually do traffic injection. Traffic Injection is often done
by collecting the ARP packet and then sends back to the access point. It is
vector resulted in an initial collection easier and faster. Unlike the attack
The first and second, to attack traffic injection, required specification of tools and applications
that start rarely encountered in tokotoko,
ranging from chipsets, firmware version, and versions
drivers, and not infrequently have to do the patching of drivers and applications.
MAC Filtering
Almost every wireless access point or router MAC filtering is facilitated by the security. It is
actually not much help in securing wireless communications, because the MAC address
very easy dispoofing or even altered. Tools ifconfig in OS Linux / Unix or a variety of tools such as
network utility, regedit, SMAC, machange on windows OS easily be used for spoofing
or change the MAC address.
I still often find wifi in the office and even the ISP (which is usually used by
warnetwarnet)
which only use MAC filtering protection. By using the application
wardriving like kismet / aircrack kisMAC or tools, we can obtain the MAC address of each client information
which is connected to an Access Point. After getting this information, we can
connected to the Access point to change the MAC in accordance with this client. In wireless networks,
MAC address duplication does not result in conflict. It only takes a different IP to client
the earlier.
Captive Portals
Captive Portal infrastructure originally designed for the purposes of community that enables all
people can connect (open network). Captive portal is actually a router or gateway machine
which does not protect or allow the traffic to the user registration / authentication.