Wireless Security Assessment
Unleash Wireless Potential, Fortify Security First
Due to the extreme difficulty in preventing physical access to wireless networks, they are particularly vulnerable to both passive and active attacks. A passive attack is one in which an attacker captures signals flowing from authorized devices, such as a corporate laptop to an authorized Access Point (AP). An active attack is one in which an attacker sends signals to the authorized AP in order to solicit specific responses and intrude upon the corporate network, typically, in a very short timeframe.
What Can Elevate Do For Your Organization
Elevate will conduct configuration reviews, technical testing, and scanning for rogue AP detection. We will first passively monitor the wireless network to determine weaknesses, and then, if necessary, actively attack the network to gain access by breaking encryption keys or bypassing other security measures. Results of the test may include, as appropriate:
- Discover Wireless Access Points and Workstations
- Investigate rogue devices installed without IT department consent
- Assess Wi-Fi RF coverage by trying to sniff from adjacent buildings and public locations
- Determine the existing Wi-Fi Security Infrastructure
- Attempt to compromise the wireless security
- Determine encryption type and compromise the security
- Evaluate Security design flaws
Elevate uses a structured and iterative process, testing the network architecture, systems configurations, processes, and procedures that affect the ability to protect your wireless network from unauthorized access.
At your request, we will attempt to detect, analyze, and compromise the wireless networks in place.
Wireless clients are a critical part of the security of a wireless network. However, clients are often overlooked during testing. At your request, Elevate can establish rogue access points and attempt to coerce clients to attach, in order to demonstrate the ability of an attacker to compromise laptops and other devices which connect to the wireless network.
This threat exists not only on a corporate campus but also in coffee shops, airports, and other public places where laptops may be used. Attackers can take this opportunity to compromise the laptop, which then reenters the corporate network.