Tip
"A false sense of security is worse than being unsure."
Anonymous
A false sense of security is worse than being insecure, as you may not be prepared to face the eventuality of being hacked.
WLANs have weak authentication schemas, which can be easily broken and bypassed. In this chapter, we will look at the various authentication schemas used in WLANs and learn how to beat them.
In this chapter, we will look at the following:
- Uncovering hidden SSIDs
- Beating MAC filters
- Bypassing Open Authentication
- Bypassing Shared Key Authentication
In the default configuration mode, all access points send out their SSIDs in the Beacon frames. This allows clients in the vicinity to discover them easily. Hidden SSIDs is a configuration where the access point does not broadcast its SSID in the Beacon frames. Thus, only clients which know the SSID of the access point can connect to it.
Unfortunately, this measure does not provide robust security, but most network administrators think it does. We will now look at how to uncover hidden SSIDs.
3