Wireless Hacking Tools
Figure 3 - Beacon Flooding
Figure 3 shows an example of the beacon flooding attack. The legitimate AP emits a legitimate beacon signal that the user will look for. The fake AP is emitting many fake beacon signals. The user has a much better chance of trying to connect to one of the fake beacon signals rather than the one legitimate one. This leads to a DoS since the user cannot connect to the legitimate AP.
Another type of DoS attack is radio frequency jamming. In this case the attacker jams the frequency of the Wireless Local Area Network (WLAN); most likely with a much higher power level allowed by the regulation. This will not allow anyone access to the WLAN.
Again the idea of a DoS attack is to prevent the user from gaining access to the network. This is done by attacking certain pieces of the network usually those needed to connect to the network. Flooding and RF jamming are two examples of DoS attacks.
4.1 Availability Attack Tools
The list of attack tools for availability is similar to that of integrity. Many of the same tools can be used because of the similarity in the attacks. Many of the flooding attacks can be accomplished by using the injection attack tools on top of the flooding tools. To execute an authentication flooding attack, you could use frame injection to inject many authentication frames from different MAC addresses. This will fill up the authentication table of the AP and make it difficult for a legitimate user to connect.
There are, however, some specific tools available to launch these attacks that are separate from the integrity attack tools. FakeAP  generates thousands of 802.11 APs or more specifically it generates thousands of 802.11 beacon signals that can be used for the beacon signal flooding attack.
7 of 12
12/19/2007 5:16 PM