Rogue Access Points : Överblick av en attack

Grönstedt, Elliot; Wass, Hampus

bibliotek.hv.se

Simple search

Advanced search -
Research publications Advanced search -
Student theses Statistics

English Svenska Norsk

Change search

Cite ExportLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:hv:diva-18586

Direct link

http://hv.diva-portal.org/smash/record.jsf?pid=diva2:1673539

Cite

Citation style

apa
ieee
modern-language-association-8th-edition
vancouver
Other style

More styles

Language

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Other locale

More languages

Output format

html
text
asciidoc
rtf

Rogue Access Points: Överblick av en attack

Grönstedt, Elliot

University West, Department of Engineering Science.

Wass, Hampus

University West, Department of Engineering Science.

2022 (Swedish)Independent thesis Basic level (university diploma), 5 credits / 7,5 HE creditsStudent thesisAlternative title

Rogue Access Point : Overview of an attack (English)

Abstract [sv]

Rogue Access Point’s (RAP:s) har väldigt låg komplexitet i förhållande till effektivitet. Denna rapport syftar till att visa detta på ett praktiskt sätt och ge läsaren en inblick i olika perspektiv från attacken.

Ett internt nätverk byggdes i labbmiljö tillsammans med två interna servrar, Web Server (HTTP) samt Domain Name System (DNS) server. I det interna nätverket fanns en trådlös miljö för interna klienter som en hotaktör anslöt sig till och bryggade anslutningen till en RAP.

När en användare ansluter sig till RAP:n kan all dess trafik avlyssnas, manipuleras eller kapas av hotaktören. I denna rapport visas ett passivt tillvägagångsätt i form av avlyssning, med hjälp av Wireshark. Med detta verktyg lyckas rapporten visa hur okrypterade protokoll beter sig om de avlyssnas.

Från det interna nätverkets Wireless Lan Controller (WLC) indikeras RAP:n som en Rogue Access Point och en contain attack utförs. Detta medför att dissociation samt deauthentication dataramar spammas till de anslutna klienterna med en spoofad source MAC adress till RAP:n. Vilket i praktiken innebär en Denial of Service (DoS) attack mot klienternas association till RAP:n.

Abstract [en]

Rogue Access Point's (RAPs) have very low complexity in relation to efficiency. This report aims to show this in a practical way and give the reader an insight into different perspectives from the attack.

An internal network was built in a lab environment together with two internal servers, a Web Server (HTTP) and a Domain Name System (DNS) server. In the internal network, there was a wireless environment for internal clients that a threat actor joined and relayed the connection to a RAP.

When a user joins the RAP, all its traffic can be intercepted, manipulated, or hijacked by the threat actor. This report shows a passive approach, packetsniffing, using Wireshark. With the help it, the report manages to show how unencrypted protocols behave if they are intercepted.

From the internal network's Wireless Lan Controller (WLC), the RAP is detected as a Rogue Access Point and a contain attack is performed. This means that dissociation and deauthentication frames are spammed to the connected clients with a spoofed source MAC address of the RAP. Which in practice means a Denial of Service (DoS) attack on the unexpecting client’s association with the RAP.

Place, publisher, year, edition, pages

2022. , p. 30

Keywords [en]

cybersecurity, cyberattacks, remote-working, pandemic, Covid-19, social distancing

Keywords [sv]

Informationssäkerhet, Cybersäkerhet, Trådlösa sårbarheter, Wi-Fi säkerhet, Man In The Middle Attack

National Category

Computer Systems

Identifiers

URN: urn:nbn:se:hv:diva-18586Local ID: EXN300OAI: oai:DiVA.org:hv-18586DiVA, id: diva2:1673539

Subject / course

Computer engineering

Educational program

Nätverksteknik med IT-säkerhet

Supervisors

Lejon, Mats

Examiners

Belenki, Stanislav

Available from: 2022-06-22 Created: 2022-06-21 Last updated: 2023-05-31Bibliographically approved

Open Access in DiVA

No full text in DiVA

urn-nbn

Total: 200 hits