Thursday, January 23, 2014

[Wireless IDS] Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets



Wireless IDS is an open source tool written in Python and work on Linux environment. This tool will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It do the following
  • Detect mass deauthentication sent to client / access point which unreasonable amount indicate possible WPA attack for handshakes.
  • Continual sending data to access point using broadcast MAC address which indicate a possibility of WEP attacks
  • Unreasonable amount of communication between wireless client and access point using EAP authentication which indicate the possibility of WPS bruteforce attack by Reaver / WPSCrack
  • Detection of changes in connection to anther access point which may have the possibility of connection to Rogue AP (User needs to assess the situation whether similar AP name)

No comments:

Post a Comment