IS4560 Hacking And Countermeasures
The article I picked for this assignment is “The Ten Most Critical Wireless and Mobile Security Vulnerabilities”. There were quite a few threats involved and they are: Default Wi-Fi routers
Rogue Access Points
Wireless Zero Configuration
Clear Text Encryption Passwords (On Mobile)
Multiple VoIP attacks
Lost and stolen devices
Wireless routers are shipped in an un-secured state. The result of this is that an attacker can easily connect to and configure the router to meet his or her own needs. The risks include changing the DNS server settings to a static IP that is owned by the attacker; or, uploading a hacked firmware version to the router that could put the attacker in full control of the data. Sniffing programs, wireless scanning drones, attack scripts, and more can be easily installed on the router, all of which would go undetected.
Wireless access points are easy to install. As a result, many individuals within companies have taken it upon themselves to set up an authorized access point, without informing the network administrator. Typically, these access points are not protected, which means they can be used by an attacker just as they can by a valid user.
When a computer connects to an access point, it generally stores the details of that connection locally. The next time the computer is turned on; the wireless network card immediately looks for the connection and re-establishes the connection – without user intervention.
BlueSnarfing: OBEX protocol exploit that allows hackers to secretly access the mobile phone’s colander, pictures, phone contact list, etc. without the owner knowing. BlueBugging: Allows hackers to send SMS messages from a remote vulnerable phone spoofing the sender. This is not the same as BlueSnarfing, and it affects only some phones. BlueJacking: By renaming the name of the phone,...
Please join StudyMode to read the full document