Wireless networks are very common at the airports across the world. The wireless networks at the airports are typically to address the internal network connectivity requirements.
We do not intent to discuss the use case of the Wireless Networks at Airports; however, a break in would lead to the access to the internal networks. In our assessment, we were asked to break into the internal network from the airport lobby.
The scope of the assessment included:
- Physical security of wireless access points
- Wireless signal strength (heatmap)
- Encryption algorithms such as WEP, WPA, LEAP, PEAP
- Network architecture and security zones
- De-authentication vulnerabilities
- “Evil Twin” attacks
- Traffic overload via flooding
- Traffic replay / injection
A number of vulnerabilities were identified during the assessment. The airport IT team was quick to respond to the vulnerabilities. Configurations were modified and additional controls were implemented.
To conduct a Wireless LAN Penetration Testing services, contact us
