Now that wireless LANs are used everywhere, network audits are a much-requested service. An unsafe configuration makes a network very vulnerable and allows attackers to gain access to and exploit networks remotely.
Due to the growth of wireless networks and mobile devices, wireless networks have become an important target for cyber criminals. The purpose of a wireless network is to provide easy access, but this can also become an open door for attackers.
When auditing wireless networks, we evaluate the security, effectiveness and performances in order to get an overview of the situation of the network. The best way to manage the security of wireless networks is to be continuously vigilant and periodically check the security level and possible holes.
Possible risks of an unsafe WiFi network:
• Data leaks
• Man-in-the-middle attacks
• Malware spreading
• Malicious hotspots
• Evil Twin attacks
• Weak passwords
• Weak to no encryption
• Unseparated networks (Guest / Business)
How we work
External testing of the network local/guest:
• We use Wireshark to follow the traffic of the relevant SSID.
With a “deauth” we disconnect all devices and users, and are able to see more than we should with the “WPA handshake” that we receive. The handshake is revealed once all devices, including the router, connect with all clients. This handshake contains useful information, such as the WiFi password. With various tools we can attempt to brute force the handshake and hopefully track down the password.
*Brute force is a technique whereby a dictionary is used to “guess” the password.
• Checking MAC restrictions. By tracking down the connected MAC addresses on the network, we can clone the MAC address and try to log in. This is also called MAC spoofing.
• Man-in-the-Middle attack. With this, we try to hijack the original connection. Next, we mimic the original connection. Once users try to connect again, they unconsciously connect to us. If users enter the correct information, we can connect to the WiFi network and intercept all ongoing traffic.
• Once we’re on the guest network, we check if it is possible to jump to the local network. This means that the security of the local WiFi must be in order to prevent this. With Nmap we map the network in order to see if we can reach other IP addresses and gain insight into open ports.
• Checking the router for vulnerabilities. With various tools we check whether the router in question is vulnerable for known exploits. On the guest network we will also try to gain access to the router via weak passwords, whereby we will try to gain access to another network.
From €1.220,- excl. VAT on basis of 8 hours, including travel costs and reporting.
Would you like to know more?
Get in touch today.
Read in-depth articles
Do you want to know more about online security and our mission to make the internet safer for everyone?
Become our partner
Networking4all is ready to make the next entry in our timeline. We would love to include you in the next step as our partner. Do you want to read more about our mission and the possibility of a partnership?