Document Type

Conference Proceeding

Publisher

Edith Cowan University

Faculty

Computing, Health and Science

School

School of Computer and Information Science

RAS ID

3075

Comments

This article was originally published as: Yek, S. (2005). How to build a faraday on the cheap for wireless security testing. Proceedings of the 3rd Australian Computer, Network and Information Forensics Conference . (pp. 126-130). Perth, WA: Edith Cowan University.

Abstract

The commonly known security weaknesses associated with the 802.11b wireless standard have introduced a variety of security measures to countermeasure attacks. Using a wireless honeypot, a fake wireless network may be configured through emulation of devices and the TCP/IP fingerprinting of OS network stacks. TCP/IP fingerprinting is one of the most popular methods employed to determine the type of OS running on a target and this information can then be used to determine the type of vulnerabilities to target on the host. Testing the effectiveness of this technique to ensure that a wireless honeypot using honeyd may deceive an attacker has been an ongoing study due to problems conducting TCP/IP fingerprinting in the wireless environment. Research conducted in a university laboratory showed that the results were ineffective and the time taken to conduct testing could be as long as 60 hours. The subsequent exploration of different testing methods and locations illuminated on an ideal research facility called a faraday cage. The design and construction of the faraday is discussed in this paper as an affordable solution for controlled and reliable testing of TCP/IP fingerprinting against the scanning tool Network Mapper (NMAP). The results are useful when looking to deploy a deceptive honeypot as a defence mechanism against wireless attackers.

Access Rights

free_to_read

 
COinS