As we know, WiFi hacking is one of the most popular fields among hackers. Many people do not have sufficient knowledge about WiFi network attacks, so when they are under attack, they cannot defend against it. In the following, we will examine one of the most famous hacking attacks called DOS (Denial-of-Service) attack. This attack is also known as deauthentication attack on WiFi networks.
How does a deauthentication attack work on WiFi networks?
In a deauthentication attack, an attacker sends fake packets to an Access Point and tries to disconnect all connected devices from the modem or AP. This disconnection will continue until the DOS attack is stopped.
Why is deauthentication attack performed?
You might wonder why a DoS attack is performed. Does the hacker want to prevent someone from connecting to the Wi-Fi network? The answer can be both yes and no. Because people who are new to the world of hacking and security are likely to be curious and aimless, they may simply disconnect people from the modem.
But the main goal of this attack can be much more dangerous. One of these events could be getting a handshake to hack your Wi-Fi password.
That is, after the person is exposed to the attack, when they try to reconnect to their Access Point, at the same time, the attacker performs Sniffing (listening) attack on their Wi-Fi network and eavesdrops on their communications, which later they can obtain the actual Wi-Fi password from the eavesdropped file (handshake).
How to perform a Deauthentication attack?
To perform a DoS attack on a Wi-Fi network, a hacker needs a network card that supports monitoring mode. In the first step, they need to put their WiFi adapter in monitor mode so they can scan nearby Wi-Fi networks and select their target Wi-Fi. After selecting the target BSSID, they can use it as follows:
To disconnect all users connected to the Wi-Fi network, they can use the following command:
aireplay-ng --deauth [number of packets] -a [Bssid] [Interface]
Ex: aireplay-ng –deauth 1000 -a 11:22:33:44:55:66 wlan0mon
To disconnect a specific person connected to the Wi-Fi network, they can use the following command:
aireplay-ng --deauth [number of packets] -a [Bssid] -c [target] [Interface]
Ex: aireplay-ng –deauth 1000 -a 11:22:33:44:55:66 -c 11:AA:22:33:44:BB wlan0mon
Introduction to WiFi Deauthentication Attack
In this type of attack, a hacker tries to disrupt a WiFi network by sending fake packets to the Access Point and disconnect users from it. As long as these attacks continue, users will not be able to access the WiFi network.
Objectives for performing these attacks
Hackers can have various objectives, some do it just to cause disruption and disconnect users from the WiFi network, while others perform it to hack the WiFi password.
What percentage of modems are vulnerable to DoS attacks?
Usually, all modems are vulnerable to these attacks by default if security settings are not configured on them. According to our research, almost 99% of WiFi networks are vulnerable to these attacks.
How can we prevent these attacks?
Some modems have settings for such situations, which may vary depending on the type and model of your modem. By accessing the settings of your modem and reading its instruction manual, you can review how to configure its security settings.
Protecting Wi-Fi against DOS attacks
At SPY24, we have taught various methods for wireless penetration testing that you can search and view. Implementing a DOS attack is often performed on wireless devices to obtain a handshake from the desired Wi-Fi. This method involves performing a DOS attack on the wireless network and then capturing its handshake by throwing out the connected user. With this approach, we obtain the encrypted password of the wireless device, which we can crack in later stages. However, in this tutorial, we want to teach you how to counteract this technique.
- DOS attacks have different modes and preventing them can be complicated and difficult.
- For this reason, we should prevent them as much as possible.
- To become professionally familiar with these attacks, we recommend the course “Preventing DDOS and DOS attacks” on SPY24.
- However, in this course, we will discuss methods of preventing attacks on Wi-Fi networks.
- Methods for protecting WIFI against DOS attacks.
- First of all, try to use the wireless device that you are using.
Only covers your limits.
- Refrain from using additional antennas to expand your coverage area further.
A very important and essential aspect that can help protect you against DoS attacks is to have a wireless device that has the ability to defend against such attacks or has a powerful firewall that can control these attacks. Advanced home routers currently have this capability, and you just need to configure them properly to work correctly.
Choosing the appropriate device
You can use up-to-date devices with modern technology so that the provider has very strong support to consider an update for you every few months and fix its security issues and add new security features to your device’s framework. In home modems, due to having their own specific framework and limited capabilities, you will have limited features. However, if you have one of the advanced devices using Mikrotik, you will have more control over the security aspects of your wireless device.
Summary of the Lesson
You may think that buying an expensive wireless device to protect your Wi-Fi against DOS attacks could be costly for you, but you should keep in mind that when a security problem arises, and for example, internet service consumes more than your budget, you may need to pay much higher costs. Therefore, prevention is better than cure. You should allocate an initial cost to this issue before any security problem arises so that you will not incur higher costs to solve security problems in the future, and your expenses will decrease.
Share your questions and observations with us in the comments section.