Difference between revisions of "Evil Twin Attack via Kali on Raspberry Pi"

From Embedded Lab Vienna for IoT & Security
Line 8: Line 8:


=== Evil Twin using native Kali Linux Tools ===
=== Evil Twin using native Kali Linux Tools ===
== Potential measures to protect against Evil Twins ==
Organisational measures are closely linked to personal measures. As an organisational measure, it can be established, for example, that different passwords must be used for different services and applications. This can prevent the same password being used for VPN access as for Wi-Fi access. In the corporate context, the operation of a structured and continuously improving information security management system can also be categorised as an organisational measure.
In the client-side area, care can be taken to ensure that the devices are configured so that only that only TLS-encrypted connections (e.g. HTTPS) are permitted. are allowed. This at least prevents the rogue access point from accessing data in plain text or manipulate it unnoticed.
The use of a VPN can also be recommended as a technical measure against MitM attacks. This is usually accompanied by increased information security through encryption of the traffic, which prevents transmitted data from being read or manipulated. In the context of a Wi-Fi MitM attack, a VPN hides the client's communication, encrypts the network traffic and hides metadata such as IP addresses or domain names.
Personal measures focus on the end user. Awareness-raising measures in particular can be derived in this context. It is important to sensitise users to the existing risks, make them aware and motivate them to support and implement the technical and organisational security measures. An easy-to-understand personal measure can be, for example, to pay attention to Wi-Fi names and other irregularities and to report these to the relevant reporting centres in the event of anomalies. This allows a quick response in the event of an emergency.


== References ==
== References ==


[[Category:Documentation]]
[[Category:Documentation]]
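Review bot: the added paragraph on client-side measures still carries editing leftovers: "so that only that only TLS-encrypted connections (e.g. HTTPS) are permitted. are allowed." should be reduced to a single "only ... are permitted", and "or manipulate it unnoticed" should read "or manipulating it unnoticed" to match "from accessing". The new section is also inserted as a level-2 heading directly under the level-3 "Evil Twin using native Kali Linux Tools" heading with no text in between, so it is worth checking that the level-3 section is not left empty by this revision.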

Revision as of 10:29, 4 January 2024

An Evil Twin is a rogue access point designed to imitate a legitimate access point in order to carry out malicious actions such as phishing. Regular laptops and Wi-Fi adapters can be used to set up an Evil Twin, as can Raspberry Pis, which are quite small and can easily be packed into a backpack when powered by a battery bank. This setup can then be left in one place for several days, for example, during which time the AP can phish information.

Kali Linux on Raspberry Pi

Field report

Evil Twin

Evil Twin using native Kali Linux Tools

Potential measures to protect against Evil Twins

Organisational measures are closely linked to personal measures. As an organisational measure, it can be established, for example, that different passwords must be used for different services and applications. This can prevent the same password being used for VPN access as for Wi-Fi access. In the corporate context, the operation of a structured and continuously improving information security management system can also be categorised as an organisational measure.

In the client-side area, care can be taken to ensure that the devices are configured so that only TLS-encrypted connections (e.g. HTTPS) are permitted. This at least prevents the rogue access point from accessing data in plain text or manipulating it unnoticed.

The use of a VPN can also be recommended as a technical measure against MitM attacks. This is usually accompanied by increased information security through encryption of the traffic, which prevents transmitted data from being read or manipulated. In the context of a Wi-Fi MitM attack, a VPN hides the client's communication, encrypts the network traffic and hides metadata such as IP addresses or domain names.

Personal measures focus on the end user. Awareness-raising measures in particular can be derived in this context. It is important to sensitise users to the existing risks, make them aware and motivate them to support and implement the technical and organisational security measures. An easy-to-understand personal measure can be, for example, to pay attention to Wi-Fi names and other irregularities and to report these to the relevant reporting centres in the event of anomalies. This allows a quick response in the event of an emergency.
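The "pay attention to Wi-Fi names and other irregularities" check can also be run over scan results automatically. The following is an added example, not part of the original wiki page; the inventory, the `Beacon` type, the function names and all scan values are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # MAC address advertised by the access point
    security: str   # e.g. "WPA2-Enterprise", "WPA2-PSK", "Open"

# Assumed inventory of the organisation's own access points (constructed values).
KNOWN_APS = {
    "CorpWiFi": {
        "bssids": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"},
        "security": "WPA2-Enterprise",
    },
}

def normalise(ssid: str) -> str:
    """Fold case and strip whitespace so 'corpwifi ' matches 'CorpWiFi'."""
    return ssid.strip().casefold()

def find_irregularities(scan, known=KNOWN_APS):
    """Return (beacon, reason) pairs for beacons that use a known network name
    but differ from the inventory in security, BSSID or spelling."""
    by_name = {normalise(name): (name, cfg) for name, cfg in known.items()}
    findings = []
    for b in scan:
        match = by_name.get(normalise(b.ssid))
        if match is None:
            continue  # not one of our network names
        name, cfg = match
        if b.security != cfg["security"]:
            findings.append((b, f"security {b.security!r}, expected {cfg['security']!r}"))
        elif b.bssid.lower() not in cfg["bssids"]:
            findings.append((b, "BSSID not in inventory"))
        elif b.ssid != name:
            findings.append((b, "SSID spelling differs from inventory"))
    return findings

# Constructed scan results, shaped like the output of a Wi-Fi survey tool.
SAMPLE_SCAN = [
    Beacon("CorpWiFi", "02:00:00:aa:00:01", "WPA2-Enterprise"),   # legitimate
    Beacon("CorpWiFi", "02:00:00:bb:00:09", "Open"),              # weaker security
    Beacon("CorpWiFi", "02:00:00:cc:00:07", "WPA2-Enterprise"),   # unknown radio
    Beacon("corpwifi ", "02:00:00:aa:00:02", "WPA2-Enterprise"),  # look-alike name
    Beacon("CoffeeShop", "02:00:00:dd:00:01", "Open"),            # unrelated network
]

if __name__ == "__main__":
    for beacon, reason in find_irregularities(SAMPLE_SCAN):
        print(f"REPORT {beacon.ssid!r} {beacon.bssid}: {reason}")
```

A beacon that passes these checks is not thereby proven legitimate, because a BSSID can be copied; the check only surfaces the irregularities that are cheap to spot and worth reporting.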

References