How to avoid a WiFi de-authentication attack



A couple of weeks ago I found myself facing a situation related to the security of my wireless devices and it is that despite the fact that new communication and security protocols are constantly coming onto the market, such a simple and innocent attack can ruin life when our The need for connection is at stake. Interestingly, this type of attack does not require great sophistication or large extensions of time to create chaos for those who need to connect in our home or office.

 

Attacks based on the de-authentication of users, either to capture or retain connection possibilities, are quite common and are preferred by crackers/hackers because their rate of effectiveness is high and it depends directly on the capacity of wireless networks to prevent this. type of actions that determine success.

 

Although we already have protection mechanisms within our reach, such as the IEEE 802.11w-2009 standard, the truth is that its application is overshadowed only by the compatibility of some manufacturers to include support for this mechanism in their devices.

 

Indeed, 802.11w includes management frame protection (MFP), that is, all authentication, de-authentication, association, disassociation, beacons, and probes frames that are normally used by wireless clients to manage their connection to a network.

 

As with many security parameters, its use is subject to and determined by the type of clients you expect to receive on the network and may eventually mean problems for some of our users as they do not have the necessary compatibility to connect, at the time of writing this post two of my most used devices do not have MFP support namely Google Assistant and Chromecast3.

 

Conclusions  


Despite the repercussions that having the MFP active for the connection of its devices can have within a home or office environment, I prefer to keep my devices with a separate level of security from the rest of my network with a different type of security. and that only this part of the network is affected and not be exposed to the fact that due to the decrease in security my users and their data are violated, which are usually more important than what passes through devices that are normally used for streaming video. Implementing WIPS network profiles is a new goal.


Next posts:


     - Deauthentication attack

     - Activating MFP on a WLAN

     

 

Post a Comment

0 Comments