Types of Confidentiality Attacks and Tools Used to Prevent Them
It does not matter to the attacker whether the packets are sent as plain text or in encrypted form, "Confidentiality Attacks" will intercept the data packets sent over the wireless network.
Types of Confidentiality Attacks:
Eavesdropping. This is a technique used to intercept unsecured connections in order to steal personal information.
Tools Used: Wireshark, bsd-airtools, Kismet and Ettercap
Cracking WEP Key. As the name suggests, various different tools are used to capture the WEP key in order to gain access to the wireless network.
Tools Used: Chopchop, WepDecrypt, Aircrack-ng, AirSnort, airway, wesside, WepAttack, dwepcrack and WepLab
Evil Twin AP. Personating as an authorized access point by directing the wireless LAN’s SSID to ensnare users.
Tools Used: HermesAP, WifiBSD, cqureAP, Rogue Squadron and D-Link G200
Access Point Phishing. Running a fake web server and acting as an authorized web server in order to steal user credentials, credit card numbers and other personal or financial information.
Tools Used: Hotspotter,Airsnarf, Airpwn, RGlueAP and Karma
Man-in-the-Middle Attack. It is one of the widely adapted techniques of attackers to intercept secure web connections. A proxy is installed in between the user and the web server, and then the connection is directed to the proxy instead of the web server. However, user is lured to believe that the connection still exists with the web server.
Tools Used: Ettercap-NG, dsniff and sshmitm