Securing Network from Attacks

Securing Network from Attacks” To safeguard our network from the pre-connection attacks mentioned in the previous section, we must access the router’s settings page. This can be done by accessing the WEP page of the router, which is typically located at the IP address of the router. Initially, we must obtain the IP address of the computer by running the command “ifconfig wlan0.” The highlighted portion in the screenshot below demonstrates the computer’s IP address.

Next, we must open a browser and type in the IP address 192.168.1.1. In the given example, the computer’s IP address is 16, and typically, the IP of the router is the first IP of the subnet. Thus, the IP of the router is 192.168.1.0, and adding the number 1 to it will take us to the router settings page. Once on the settings page, the user will be prompted to enter their username and password. By providing the correct login credentials, access can be granted to the router settings.

To defend against deauthentication attacks, one can take several precautions. One effective measure is to connect to the router using an Ethernet cable and make necessary security modifications, such as changing the encryption, password, and other recommended settings to enhance the overall security. By implementing these measures, the attacker would be unable to access the network or acquire the encryption key.

The configuration settings of routers vary depending on the router model. However, the process for altering the settings is typically the same. It is usually the case that the router is situated at the first IP of the subnet, and we can locate our IP address by utilizing the ifconfig command, which we previously used in this section. In this instance, our IP address was determined to be 192.168.1.16, and by changing the last digits from 16 to 1, we were able to access the first IP, which corresponds to the router’s IP address.

Upon accessing the Wireless Network Settings, a plethora of options become available to modify the network. These settings offer a wide range of options to enhance and customize the network to better suit specific needs and preferences.

The provided screenshot indicates that the wireless feature is currently Enabled, and it is possible to modify network details such as the name of the network under SSID, and adjust settings like the Channel Number and Band.

Upon navigating to the WPS option, it is evident that the WPS feature is currently Disabled. Additionally, since the network is not employing WEP encryption, potential attackers will not be able to exploit any known WEP vulnerabilities to crack the encryption.

We have taken measures to enhance the security of our network by disabling WPS and instead implementing WPA, which is known to be more secure. This move makes it difficult for attackers to use tools like reaver to discover the WPS PIN and then figure out the password. Instead, an attacker would need to obtain the network’s handshake and use a wordlist to crack the password. However, since we have chosen a highly randomized password that does not include numbers or digits, the chances of someone successfully guessing it are minimal.

We also noticed that our Access Control features allow us to include different modes, such as the Allow List or Deny List. This added security feature helps us to better manage who can access our network, making it harder for attackers to gain unauthorized entry.

In order to control network access, it is possible to specify the MAC addresses of devices that are either permitted or prohibited from connecting to the network. This is useful in scenarios where only certain authorized devices are allowed to connect, such as in a company where a specific set of computers are approved. By adding the MAC addresses of approved devices to an Allow or Whitelist, even someone with the correct key will be unable to access the network if their device is not on the list. Conversely, by adding a suspicious device or person’s MAC address to a Deny List, they will be prevented from connecting to the network.

Thank you for choosing this platform to learn about Securing Network from Attacks. For further valuable insights on ethical hacking, we encourage you to follow us regularly @ tutorials.freshersnow.com to stay updated and informed.