Wireless LAN Basics

Wireless LAN (Wi-Fi) Basics & Security

A WLAN (Wireless Local Area Network) allows devices to connect and communicate wirelessly within a limited area (like a home or office) using high-frequency radio waves instead of traditional Ethernet cables. Today, this technology is universally known as Wi-Fi.

While highly convenient, wireless networks broadcast their data openly into the air. This means anyone within physical range with an antenna can intercept the traffic, making wireless security protocols absolutely critical.


The Evolution of Wireless Security

To protect data travelling through the air from eavesdroppers, Wi-Fi networks rely on cryptographic security protocols. Over the years, these protocols have been replaced and revised to fix serious vulnerabilities.

  1. WEP (Wired Equivalent Privacy): Introduced in 1997. It used incredibly weak encryption algorithms and can now be hacked by a novice in a matter of minutes. Never use WEP.
  2. WPA (Wi-Fi Protected Access): Introduced to replace WEP. It implemented TKIP (Temporal Key Integrity Protocol), which dynamically changed encryption keys to improve security.
  3. WPA2: Introduced in 2004. It mandated the use of AES (Advanced Encryption Standard), creating a highly robust and secure standard that is still widely used in most homes today. However, it is vulnerable to offline dictionary attacks if the network password is weak.
  4. WPA3: The newest and most secure standard, introduced in 2018. It provides individualized data encryption and uses Simultaneous Authentication of Equals (SAE) to protect against brute-force password guessing.

[Figure: Evil Twin attack. The real Wi-Fi network and the hacker's Evil Twin both broadcast the SSID "Starbucks"; the victim connects to the stronger fake signal.]

Common Wireless Attacks


Deep Dive: Wardriving and Wi-Fi Pineapples

Hackers do not always launch attacks from the comfort of their bedrooms. Wardriving is a highly popular physical technique in which an attacker drives around a city or corporate campus in a car equipped with a laptop, GPS, and a massive high-gain antenna on the roof. They use software (like Kismet) to automatically scan for, log, and map the GPS coordinates of every vulnerable WEP or WPA network they drive past.

Once they find a target, they might use a tool like the Wi-Fi Pineapple. This is an inexpensive, highly portable hardware device designed specifically for penetration testing. It acts as an automated Evil Twin. If a victim's phone is searching for its home network "MyHomeNetwork", the Pineapple hears the request, dynamically changes its own network name (SSID) to "MyHomeNetwork", and tricks the phone into connecting to it instead.
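
From the defender's side, an Evil Twin shows up in a Wi-Fi scan as a familiar SSID coming from an access point you do not own, often with weaker security than the real one. The following is an added example, not part of the original page: it checks scan results against an allowlist of known access points and also flags the legacy protocols from the list above. The record layout, the allowlist, and the sample scan are constructed for illustration.

```python
# Added example: flag likely Evil Twin access points and weak protocols in a scan.
# KNOWN_APS, the record fields and SAMPLE_SCAN are assumptions made for this sketch.

# Access points we actually operate: SSID -> {BSSID (radio MAC): expected security}
KNOWN_APS = {
    "MyHomeNetwork": {
        "aa:bb:cc:00:00:01": "WPA3",
        "aa:bb:cc:00:00:02": "WPA3",
    },
}

# WEP and WPA are the legacy protocols described above; OPEN means no encryption.
WEAK = {"OPEN", "WEP", "WPA"}

# Constructed scan results (not captured from a real network).
SAMPLE_SCAN = [
    {"ssid": "MyHomeNetwork", "bssid": "AA:BB:CC:00:00:01", "security": "WPA3"},
    {"ssid": "MyHomeNetwork", "bssid": "de:ad:be:ef:00:99", "security": "OPEN"},
    {"ssid": "MyHomeNetwork", "bssid": "aa:bb:cc:00:00:02", "security": "WPA2"},
    {"ssid": "OldPrinter", "bssid": "11:22:33:44:55:66", "security": "WEP"},
]


def audit_scan(scan, known_aps=KNOWN_APS):
    """Return (bssid, ssid, reason) findings for one list of scan records."""
    findings = []
    for ap in scan:
        ssid = ap["ssid"]
        bssid = ap["bssid"].lower()        # normalise MAC case before comparing
        sec = ap["security"].upper()
        expected = known_aps.get(ssid)
        if expected is not None:           # SSID is one we manage
            if bssid not in expected:
                findings.append((bssid, ssid, "unknown BSSID advertising a managed SSID"))
            elif sec != expected[bssid]:
                findings.append((bssid, ssid, f"security mismatch: expected {expected[bssid]}, saw {sec}"))
        if sec in WEAK:
            findings.append((bssid, ssid, f"weak or no encryption ({sec})"))
    return findings


if __name__ == "__main__":
    for bssid, ssid, reason in audit_scan(SAMPLE_SCAN):
        print(f"{ssid:15} {bssid}  {reason}")
```

A BSSID can be copied as easily as an SSID, so a match against the allowlist is not proof that an access point is genuine; the security-mismatch check covers the case where a known BSSID appears with weaker settings than expected.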


Knowledge Check

Which of the following is the newest, most secure wireless encryption standard available today?