Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rogue Access Points: Överblick av en attack
University West, Department of Engineering Science.
University West, Department of Engineering Science.
2022 (Swedish)Independent thesis Basic level (university diploma), 5 credits / 7,5 HE creditsStudent thesisAlternative title
Rogue Access Point : Overview of an attack (English)
Abstract [sv]

Rogue Access Point’s (RAP:s) har väldigt låg komplexitet i förhållande till effektivitet. Denna rapport syftar till att visa detta på ett praktiskt sätt och ge läsaren en inblick i olika perspektiv från attacken.

Ett internt nätverk byggdes i labbmiljö tillsammans med två interna servrar, Web Server (HTTP) samt Domain Name System (DNS) server. I det interna nätverket fanns en trådlös miljö för interna klienter som en hotaktör anslöt sig till och bryggade anslutningen till en RAP.

När en användare ansluter sig till RAP:n kan all dess trafik avlyssnas, manipuleras eller kapas av hotaktören. I denna rapport visas ett passivt tillvägagångsätt i form av avlyssning, med hjälp av Wireshark. Med detta verktyg lyckas rapporten visa hur okrypterade protokoll beter sig om de avlyssnas.

Från det interna nätverkets Wireless Lan Controller (WLC) indikeras RAP:n som en Rogue Access Point och en contain attack utförs. Detta medför att dissociation samt deauthentication dataramar spammas till de anslutna klienterna med en spoofad source MAC adress till RAP:n. Vilket i praktiken innebär en Denial of Service (DoS) attack mot klienternas association till RAP:n.

Abstract [en]

Rogue Access Point's (RAPs) have very low complexity in relation to efficiency. This report aims to show this in a practical way and give the reader an insight into different perspectives from the attack.

An internal network was built in a lab environment together with two internal servers, a Web Server (HTTP) and a Domain Name System (DNS) server. In the internal network, there was a wireless environment for internal clients that a threat actor joined and relayed the connection to a RAP.

When a user joins the RAP, all its traffic can be intercepted, manipulated, or hijacked by the threat actor. This report shows a passive approach, packetsniffing, using Wireshark. With the help it, the report manages to show how unencrypted protocols behave if they are intercepted.

From the internal network's Wireless Lan Controller (WLC), the RAP is detected as a Rogue Access Point and a contain attack is performed. This means that dissociation and deauthentication frames are spammed to the connected clients with a spoofed source MAC address of the RAP. Which in practice means a Denial of Service (DoS) attack on the unexpecting client’s association with the RAP.

Place, publisher, year, edition, pages
2022. , p. 30
Keywords [en]
cybersecurity, cyberattacks, remote-working, pandemic, Covid-19, social distancing
Keywords [sv]
Informationssäkerhet, Cybersäkerhet, Trådlösa sårbarheter, Wi-Fi säkerhet, Man In The Middle Attack
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:hv:diva-18586Local ID: EXN300OAI: oai:DiVA.org:hv-18586DiVA, id: diva2:1673539
Subject / course
Computer engineering
Educational program
Nätverksteknik med IT-säkerhet
Supervisors
Examiners
Available from: 2022-06-22 Created: 2022-06-21 Last updated: 2023-05-31Bibliographically approved

Open Access in DiVA

No full text in DiVA

By organisation
Department of Engineering Science
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 111 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf