Wireless Network Disconnection Issues

Introduction

• Sudden disconnection from a wireless network can occur repeatedly without warnings.
• This disconnection is often due to a wireless deauthentication attack, a type of denial of service.

Deauthentication Attack

• Cause: Exploits the lack of security in management frames in earlier 802.11 specifications.
  • Management frames connect, manage, and disconnect devices from the network.
  • These frames are unencrypted and visible to attackers.
• Attack Mechanism:
  • Requires knowledge of the MAC address of the target device.
  • Uses tools like aero dump-ng to list access points and connected devices.
  • Uses airreplay-ng to send deauthentication frames to disconnect the target device.

Vulnerability and Security Updates

• Earlier 802.11 specs had vulnerabilities due to unencrypted management frames.
• 802.11ac and newer: Encrypt critical management frames to prevent attacks.
  • Encrypted frames: disassociate, deauthenticate, and channel switch announcements.
  • Some frames remain unencrypted for essential network operations: beacons, probes, authentication, and association.

Radio Frequency (RF) Jamming

• Another Denial of Service Method: Affects all devices on a frequency.
• Method:
  • Interference with wireless signals to lower signal-to-noise ratio.
  • Common culprits include microwave ovens and fluorescent lights.
  • Deliberate jamming by attackers increases noise to obstruct communication.
• Detection:
  • Requires proximity to the access point by the attacker.
  • Detection through techniques like fox hunting using a directional antenna.

Conclusion

• Wireless deauthentication attacks and RF jamming are significant threats to network stability.
• Understanding these threats and advancements in wireless security can help mitigate these risks.