In this chapter, we covered an often overlooked element of wireless security assessments and penetration testing, the denial of service attack. Organizations have come to depend on their wireless networks, and having them unavailable can cost the organization both time and money as a result of the lost productivity of their employees or the inability to reach critical systems. A denial of service attack will not enable the attacker to glean any confidential information or compromise the wireless network; however, it should be used as a tool to demonstrate the potential weaknesses of the wireless infrastructure. An organization looking to minimize and quickly react to denial of service attacks should look at investing in Wireless Intrusion Detection Systems and implementing Management Frame Protection on their infrastructure and client systems. In my view, DoS attacks are not only used for bringing the target network down, it can be used along with any other attacks to increase the success rate of the attack. For example, after hijacking a user session, attacker can fire up deauth module to eliminate the user from network. Meanwhile, attacker can still maintain the session of the user and perform actions on behalf of user. After completing the malicious actions, attacker gives back the session to the user. By applying DoS attack in this scenario, there is no fear of user logging out when the attack is still going on.

In the next chapter, we will look at a new class of systems a penetration tester can add to their arsenal: embedded systems and purpose-built wireless attack platforms.