Understanding Computer Network Security Part 2: Wireless Network Poisoning
If you haven't already, checkout my last post regarding wireless network sniffing as it will help set the scene for what's going on here.
Wireless network poisoning is the practice of getting onto a wireless network, and then tricking other users of the network to route all of the traffic to your computer, before it goes to the router, and therefore, before it goes on to the internet. By "user", I mean any device connected to the network such as a phone, laptop, tablet, pc, etc.
As that image comically points out, wireless network signals are sent in all directions, so the attacker actually doesn't need to be in between you and the network, or have physical access to any device.
Now let's pretend I have poisoned a network, and I'm getting all of those sweet sweet 802.11 frames (data). What can I actually do with this? Well a few problems come to mind
- I can read your potentially sensitive unencrypted info, potentially passwords, browser cookies, etc., unless of course, you are on an encrypted connection.
- I can modify the information that the router returns to you.
- I can take this a step further by tampering with encryption, which is more easily detectable, and easy to defend yourself from.
The first item on the list, we talked about earlier, and the last item we will get to eventually, but the second item on our list is by far the most interesting. When I have all of the traffic running through my computer, I can actually edit what gets sent back to the user.
How is this dangerous? Well what if you were trying to access Facebook, and instead, I sent you a new version of Facebook that has a little bit of code in the background that sends me every keypress you type. This could include any private message, credit card, password, etc.
How do you defend against an attack like this? Well first off, you shouldn't send private information over a public WiFi network. Secondly, ensure that encryption is available on websites that you are browsing.
To learn more about how wireless network poisoning works, learn about the ARP protocol. Also, it would certainly be worth while to take a look at Ettercap.