Summary

In this chapter, we have made some key observations about WLAN protocols.

Management, control, and data frames are unencrypted and thus can be easily read by someone who is monitoring the airspace. It is important to note here that the data packet payload can be protected using encryption to keep it confidential. We will talk about this in the next chapter.

We can sniff the entire airspace in our vicinity by putting our card into monitor mode.

As there is no integrity protection in management and control frames, it is very easy to inject these packets by modifying them or replaying them as-is using tools such as aireplay-ng.

Unencrypted data packets can also be modified and replayed back to the network. If the packet is encrypted, we can still replay the packet as-is, as WLAN by design does not have packet replay protection.

In the next chapter, we will look at different authentication mechanisms that are used in WLANs such as MAC filtering and shared authentication, and understand the various security flaws in them through live demonstrations.