Wireless Security
WiFi protocols, WPA3, wireless attacks, and network protection.
Overview
Wireless security protects WiFi networks from unauthorized access.
WiFi Security Protocols
| Protocol | Year | Security |
|---|---|---|
| WEP | 1999 | Broken |
| WPA | 2003 | Weak |
| WPA2 | 2004 | Secure |
| WPA3 | 2018 | Most Secure |
WPA3 Features
- SAE Authentication — Dragonfly key exchange
- Protected Management Frames — Prevents deauth attacks
- Forward Secrecy — Past sessions uncompromised
- Longer Passwords — 63 character minimum
Wireless Attacks
Evil Twin
Architecture Diagram
Attack: Create fake access point
Defense: WIDS, certificate validation
Deauthentication
Architecture Diagram
Attack: Force clients to disconnect
Defense: PMF (Protected Management Frames)
KRACK Attack
Architecture Diagram
Attack: WPA2 handshake interception
Defense: Updated firmware, WPA3
Wireless Security Configuration
# Hostapd configuration (WPA3)
interface=wlan0
driver=nl80211
ssid=SecureNetwork
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=3
wpa_passphrase=StrongPassword123!
wpa_key_mgmt=SAE
wpa_pairwise=CCMP
rsn_pairwise=CCMP
Wireless Intrusion Detection
# Monitor mode
airmon-ng start wlan0
# Capture traffic
airodump-ng wlan0mon
# Detect rogue APs
wash -i wlan0mon
Best Practices
- WPA3 — Use latest protocol
- Strong passwords — 12+ characters
- Guest network — Isolate visitors
- MAC filtering — Additional layer
- Regular monitoring — Detect anomalies
Practice
Set up a secure wireless network with WPA3 and monitor for attacks.