Have You Met The Evil Twin?

So this is the second post with "evil" in its title; the first one was for #-Link-Snipped-# and now this one is for Evil Twin. The hacking community is really evil about things done for evil purposes. Anyway, what actually is an Evil Twin? An Evil Twin is the wireless version of a phishing attack. Phishing is an attack in which an attacker sends the victim an e-mail, usually posing as an employee of a bank or financial transaction company, and asks the victim for information about their bank account, financial transactions, credit cards or something else related to the victim's personal or organizational finances. The attacker usually sends an obfuscated link that redirects the victim to a fake site which looks the same as the legitimate transactional site. Evil Twin phishing is nothing but the wireless version of this: the attacker blocks legitimate signals from the trusted source and then configures his own access point, posing as the legitimate access point, from his/her laptop or PDA.

Methodology Of Execution: The attacker uses a device like a laptop, mobile phone, PDA or cheap antenna to set up a rogue access point with the Service Set Identifier (SSID) of the legitimate source. He uses a signal bombarding tool or interface to block all legitimate signals at his spot of execution; if he doesn't have any bombarding device or tool, he uses a spot where the signal strength is very low. So first he bombards all legitimate signals at his place of execution, then he sets up the rogue access point with the SSID of the legitimate source. People think the Wi-Fi signals their devices are receiving come from the known access point and connect to it. Once they are connected, the attacker can monitor all their traffic with the help of a sniffer.

How To Detect Evil Twin: At a practical level it is really very hard to detect an Evil Twin. Netstumbler, a tool designed for wardriving, can detect a rogue access point with ease, so at this level this tool can help detect an Evil Twin.

Countermeasures To Evil Twin Attack:

1. Use a Virtual Private Network (VPN).

2. Use browsers that force HTTPS connections.

3. Use SSL/TLS.

4. Never use untrusted public Wi-Fi systems for sensitive communication.

5. If you are the one who has to use sensitive information in communication, then try to use a VPN or software which allows 100% tunneling of all traffic generated from your PC.
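
For the detection step described under "How To Detect Evil Twin", here is an added example that is not part of the original post: it compares scan results against an inventory of legitimate access points and flags anything advertising a trusted SSID that does not match. The SSIDs, BSSIDs, the inventory format and the function name are all constructed assumptions.

```python
# Added example: flag access points that advertise a trusted SSID but do not
# match the inventory of legitimate APs. All names and values are constructed.

# Assumed inventory: trusted SSID -> legitimate BSSIDs and expected security.
KNOWN_APS = {
    "CorpWiFi": {
        "bssids": {"00:11:22:33:44:55", "00:11:22:33:44:66"},
        "security": "WPA2",
    },
}

# Constructed scan results, as a wireless survey tool might report them.
SAMPLE_SCAN = [
    {"ssid": "CorpWiFi", "bssid": "00:11:22:33:44:55", "signal": -48, "security": "WPA2"},
    {"ssid": "CorpWiFi", "bssid": "02:AA:BB:CC:DD:EE", "signal": -30, "security": "OPEN"},
    {"ssid": "CorpWiFi", "bssid": "00:11:22:33:44:66", "signal": -35, "security": "OPEN"},
    {"ssid": "CoffeeShop", "bssid": "00:99:88:77:66:55", "signal": -70, "security": "OPEN"},
]


def find_suspect_aps(scan, known_aps):
    """Return (ssid, bssid, reasons) for every AP that uses a trusted SSID
    but differs from the inventory entry for that SSID."""
    findings = []
    for ap in scan:
        profile = known_aps.get(ap["ssid"])
        if profile is None:
            continue  # not an SSID we are responsible for
        known = {b.lower() for b in profile["bssids"]}
        reasons = []
        if ap["bssid"].lower() not in known:
            reasons.append("unknown BSSID")
        # Checked independently: a BSSID can be copied along with the SSID.
        if ap["security"] != profile["security"]:
            reasons.append("security mismatch")
        if reasons:
            findings.append((ap["ssid"], ap["bssid"], reasons))
    return findings


if __name__ == "__main__":
    for ssid, bssid, reasons in find_suspect_aps(SAMPLE_SCAN, KNOWN_APS):
        print(f"{ssid} {bssid}: {', '.join(reasons)}")
```

The third sample entry reuses a legitimate BSSID with weaker security, which is why the security setting is compared separately from the BSSID allowlist.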
