วันอังคารที่ 20 ธันวาคม พ.ศ. 2554

Blocking a wireless network? is a breeze

In this article we can, using special instruments, to catch up to block a wireless network. We will also try to figure out how to defend ourselves from this insidious attack.

Blocking a wireless network? is a breeze

They are called Jammer: are small devices that generate powerful radio signals are able to "disable", for the duration of the attack, a radio frequency communications.

We will analyze this type of attack in a wireless (WLAN), you can discover how all of this and try to understand how one could defend against this technique cracking.

I'll try to be very simple and basic, so that perhaps even the most experienced smile, but in any case it is necessary a little introduction.

Introduction to Telecommunications

Generally, the signals that are transmitted into the ether (radio waves) belong to the category of variable signals, ie signals that vary over time. Here is the classic example of a variable signal: sinusoidal signal:

The period is simply the duration of the oscillation, while the frequency is the number of times the signal repeats per second. So a signal with a frequency of 50Hz, will be repeated 50 times per second.

Any information, coming from a computer or other devices, to be transmitted into the ether, must first be subjected to a transformation called modulation.

The information, which is our data, since at low frequency can not be directly sent into the ether, but must be incorporated in a high-frequency signal, stable and able to travel in the ether: this signal is called a carrier. Then the output will change as a function of carrier data signal.

This is called modulation and can be schematically represented as follows:

The data signal is obviously our information, that is, for example from your PC or another, while the carrier signal is a fixed signal and, as we said before, in high frequency, which is created in part by a component called the oscillator.

The oscillator is a device from the power supply is capable of generating a variable signal (in this case a sine wave) amplitude and frequency desired.

In summary, in a system that must be transmitted over radio waves, we have the following blocks:

At the receiver, we have the demodulation process, ie the modulated signal is obtained from the data signal.

In order to receive the data sent, it is necessary that the receiver is tuned to the same transmission frequency (frequency of the carrier signal and then the modulated signal).

802.11b / g (Wi-Fi) operates on the frequency around 2.4 GHz then the access point and wireless clients are synchronized and share data on the frequency.

But what would happen if a third device from coming within range of your wireless network and start sending a burst of random data in the same wireless frequency? Happen that the random data sent from the device to interfere with the communication should be "clean" between the access point and clients by creating loud noises up to overtake, dropping the communication. The Jammers do just that. (In practice, it is similar to the flood that we are only at the physical level OSI).

How does a jammer

There is a unique pattern, but in general we can reduce a jammer in 5 blocks:

To understand the first block is first necessary to understand the second, the oscillator VCO (Voltage Controlled Oscillator) is an oscillator whose frequency depends on the output signal voltage supplied input, our wireless communications in frequency is around 2 , 4 GHz and especially 802.11b and 802.11g standard shares with 11 channels, thus generating a signal of 2.4 GHz could perfectly well be that you do not "guesses" the precise frequency since the communication may be in a band frequency side.

But if we oscillator input voltage that varies over time repeatedly from a minimum to a maximum, we will have an output signal whose frequency varies repeatedly within a range (eg 2350 - 2450MHz), and here we would have a carrier signal to frequency of which varies between two intervals could then be covered (albeit periodically) throughout the wireless band.

To make sure you have a signal whose frequency number repeatedly, you must provide a voltage to the oscillator also repeatedly that several; here is the usefulness of the first block.

A possible solution for this first block could be a triangular wave generator, but we will use an astable multivibrator:

This circuit uses the charging and discharging the capacitor to generate the output (Vo) a rectangular wave, but if we just exploit the charge and discharge the capacitor, the voltage across its terminals straightening with a diode, a signal that we repeatedly and varies consistently just as we wanted. Here's how it will be our signal Vc:

Just what we needed, so that once the signal gets, the higher the frequency that will send ...

This tension, therefore, will be entering the second block (oscillator), we will create it with a variable frequency signal, which will be our carrier signal. Now continue in the third block, we have the modulator that receives as input the output from the oscillator carrier we, as a data signal instead we take the square wave generated that we had missed in the first block (Vo), in practice as we have a data signal continuous sequence of 0 and 1.

At this point we have our modulated signal and capable of covering the entire wireless band, but before it is sent, the final amplification is required by a specific radio frequency amplifier (the fourth block).

Once amplified, the signal is ready to be forwarded to the antenna to be shown in the ether, without going into details, the antenna must be omni-directional and high gain.

How can I protect myself

Personally I think the very rare case that such an attack can be made to a home WLAN, because the jammer requires significant power transmission, wireless traffic to compromise and must therefore be relatively close to the target. In practice, an attacker would almost enter into the house to be a danger all'incolumità of your network, in any case would not be worth the effort if not for a simple joke.

The speech is different in an area where there are several hot spots, such as a mall, in this case would be very easy to launch this attack and go unnoticed, were also a cause greater damage.

Describe a few techniques to try to defend against this type of attack.

The most common way to defend is to change the communication channel, the standard provides 802.11b and g 1 to 11 channels, a possible remedy would be to choose communication channels at the extremes, for example channel 11 and If possible, configure the access point so that if necessary to use other channels automatically.

However, as we have previously seen in the diagram, just that the jammer has a circuit that allows you to vary the frequency of oscillation, the attack becomes larger, being able to cover all the available channels.

For the next defense technique abandon the physical layer to application layer jump, in fact we find solace in an interesting program called Netstumbler downloaded here.

This program allows you to observe in real time the characteristics of the wireless signal that reaches the client.

The program displays with green vertical lines, the signal strength and the vertical red lines, any noise

In this figure we see a good condition of access, as the green lines are very high (synonymous with good reception) and no noise (no red line).

In another case, however, we receive an average, but above all the presence of noise (red lines), which can be caused by external factors.

In the case of an attack Jammering noise becomes clearly disproportionate.

By installing this program on a laptop so we can start out by following the intensity of the noise until you find the source of the disturbance and to identify any jammer.

Last advice on how to defend ourselves if attacked is to lower temporarily the connection speed, because doing so reduces the ratio between the signal and noise, making it easier to receive the devices, but this is a solution that may not pleasure.

Conclusion must be stated that these attacks are quite rare, because these devices are not easily accessible, but especially for the absence of a valid purpose or gain to justify the attack, but I still think it should be informed of this possibility.

See Pictures and Read more : Blocking a wireless network? is a breeze

ไม่มีความคิดเห็น:

แสดงความคิดเห็น