Wednesday, July 4, 2018

WIFI Security Inspection Checklist

1) The security of Access Points and Access Controllers
Connect into the corresponding wlan before leveraging either Nessus or OpenVAS to fully scan those Access Points and Access Controllers.


2) The robustness of Wireless protocols
Run Kismet by executing the command, kismet, in a shell.
Manually check the encryption algorithm of each WIFI signal.
Bear in mind that there is a sequence listing the security robustness towards each of those WIFI protocols as shown below.
WPA2 Enterprise > WPA Enterprise > WPA2 PSK > WPA PSK > WEP > None Encryption


3) Wi-Fi Protected Setup (WPS) function
Run Fern WIFI Cracker and select the appropriate wlan0 interface before clicking the "Scan for Access points" button.
Check each access point and see if each of them enables the WPS function.


4) Rogue AP
Run Kismet by executing the command, kismet, in a shell.
Check all signals stronger than -40dBm while walking around.


5) Twins of Evil
Run the command, iwlist wlan0 scanning|grep -i 'address:\|essid:'.
There is an example as shown below.
root@alex-kali:~# iwlist wlan0 scanning|grep -i 'address:\|essid:'
          Cell 01 - Address: 90:2B:CF:DC:09:15
                    ESSID:"alex11"
          Cell 02 - Address: 80:29:94:D2:2A:1C
                    ESSID:"Highbridge26"
          Cell 03 - Address: 00:26:62:9B:47:87
                    ESSID:"E5426"
          Cell 04 - Address: B0:C2:87:B5:2B:79
                    ESSID:"TC8717T73"
          Cell 05 - Address: 90:1A:CA:DC:12:10
                    ESSID:"alex6"
          Cell 06 - Address: 00:14:D1:D4:64:02
                    ESSID:"ling23828"
          Cell 07 - Address: 58:EF:68:60:C9:87
                    ESSID:"Linksys15"
          Cell 08 - Address: 48:5D:36:56:44:0E
                    ESSID:"FiOS-TQ4TB"
          Cell 09 - Address: 48:5D:36:21:6D:BA
                    ESSID:"FiOS-Q9BY2"
          Cell 10 - Address: D8:D7:75:A8:59:5E
                    ESSID:"MySpectrumWiFi58-2G"
          Cell 11 - Address: 80:29:94:D2:2A:1D
                    ESSID:"Highbridge23"
          Cell 12 - Address: 58:EF:68:60:C9:88
                    ESSID:"Linksys15"
          Cell 13 - Address: 58:EF:68:60:C9:89
                    ESSID:"Linksys15"
          Cell 14 - Address: 20:C0:47:D3:4D:CA
                    ESSID:"Fios-DRARW-5G"
          Cell 15 - Address: 22:C0:47:D3:4D:CB
                    ESSID:"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
          Cell 16 - Address: 48:5D:36:56:44:0C
                    ESSID:"FiOS-TQ4TB-5G"
          Cell 17 - Address: 4A:5D:36:56:44:0D
                    ESSID:"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
          Cell 18 - Address: B8:D9:4D:4B:AA:0F
                    ESSID:"MySpectrumWiFi08-5G"
Check the output in order to filter out those Twins of Evil.
Posted by at

1 comment:

Subscribe to: Post Comments (Atom)