There are many attack methods used to prey upon common wireless LAN vulnerabilities. Perhaps the most well-known...
of these is WEPcrack. WEPcrack and similar key-cracking tools take advantage of weaknesses in the Wired Equivalent Privacy (WEP) protocol that was originally used to encrypt traffic over 802.11 connections. By capturing and analyzing WEP-encrypted traffic, WEPcrack creates a list of keystreams that can be used to decrypt future traffic encrypted with those same keystreams. Once enough traffic is captured, the actual WEP key can be derived, letting the attacker decrypt all future traffic. Some weaknesses leveraged by WEPcrack have since been fixed in most products, increasing the time required to "brute force" crack WEP keys. For better protection, most WLAN products now offer safer alternatives to WEP, like TKIP (WPA) or AES (WPA2). For a primer on WLAN security, read the Wi-Fi Alliance security page.
Some of the other tools and techniques used to attack wireless LANs include denial-of-service tools like AirJack, password dictionary attack tools like Asleap, and rogue wireless access point tools like Airsnarf. You can find literally hundreds of white papers about WLAN Security at the CWNP Learning Center. Many of those papers describe WLAN attack methods and tools (free registration required to view most papers). If you browse around the Internet a bit, you'll easily find several websites dedicated to listing WLAN attack tools and describing what they do.
Related Q&A from Lisa Phifer
The enterprise mobility management market for wearable devices is in its infancy, but IT can still use existing EMM tools to manage wearables.continue reading
Wireless expert Lisa A. Phifer explains to what extent WEP cracking remains a worrisome issue. It all depends on your company's WLAN security policy.continue reading
Wireless expert Lisa A. Phifer explains why you shouldn't stop using 802.1X authentication methods for enterprise WLAN access control.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.