After a user performed a war driving attack, the network administrator noticed several similar markings
where WiFi was available throughout the enterprise. Which of the following is the term used to describe
these markings?
A.
IV attack
B.
War dialing
C.
Rogue access points
D.
War chalking
Explanation:
War chalking is the act of making chalk marks on outdoor surfaces (walls, sidewalks, buildings, sign posts,
trees) to indicate the existence of an open wireless network connection, usually offering an Internet
connection so that others can benefit from the free wireless access. The open connections typically come
from the access points of wireless networks located within buildings to serve enterprises. The chalk
symbols indicate the type of access point that is available at that specific spot.
Incorrect Answers:
A: An initialization vector is a random number used in combination with a secret key as a means to
encrypt data. This number is sometimes referred to as a nonce, or “number occurring once,” as an
encryption program uses it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it
impossible for hackers who use dictionary attack to decrypt the exchanged encrypted message by
discovering a pattern. This is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the
more the encryption method is discoverable. For example if a one-letter word exists in a message, it may
be either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a
meaning and “I” has a meaning. Repeating the words and letters makes it possible for software to apply a
dictionary and discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the
letter “a” to be represented by a particular sequence in the first instance, and then represented by a
completely different binary sequence in the second instance.
An IV attack does not involve marking external surfaces to indicate open Wifi networks.B: War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually
dialing every number in a local area code to search for computers, Bulletin board systems and fax
machines. Hackers use the resulting lists for various purposes: hobbyists for exploration, and crackers –
malicious hackers who specialize in computer security – for guessing user accounts (by capturing
voicemail greetings), or locating modems that might provide an entry-point into computer or other
electronic systems. It may also be used by security personnel, for example, to detect unauthorized
devices, such as modems or faxes, on a company’s telephone network. War dialing does not involve
marking external surfaces to indicate open Wifi networks.
C: A rogue access point is a wireless access point that has either been installed on a secure company
network without explicit authorization from a local network administrator, or has been created to allow a
hacker to conduct a man-in-the-middle attack. Rogue access points of the first kind can pose a security
threat to large organizations with many employees, because anyone with access to the premises can
install (maliciously or non-maliciously) an inexpensive wireless router that can potentially allow access to
a secure network to unauthorized parties. Rogue access points of the second kind target networks that do
not employ mutual authentication (client-server server-client) and may be used in conjunction with a
rogue RADIUS server, depending on security configuration of the target network. This is not what is
described in the question.http://www.webopedia.com/TERM/W/warchalking.html
http://www.techopedia.com/definition/26858/initialization-vector
http://en.wikipedia.org/wiki/War_dialing
http://en.wikipedia.org/wiki/Rogue_access_point