Proximity Attack

Information is literally bursting out of some wireless networks. Many
people equip their laptops with 802.11b cards and attach small antennas
only a few centimeters long to the external ports of the wireless network
cards to give the signal some gain. With this type of setup, the
hacker can walk or drive outside a building that houses an 802.11b network,
set his card to promiscuous mode, and then from the street pick
up the signal and access the wireless network without anyone in the
company even realizing it!
Many department stores set up wireless cameras to transmit digital
images of different sections within the store to a main computer to monitor
everything going on in the store. These types of cameras are easy to
set up because they have no wires to install. Unfortunately, the same
type of proximity attack used to access a wireless LAN can be used to
intercept the video feeds of these wireless cameras. Potential thieves
can literally case the routine of the store and its workers to devise a
method for stealing from the store without anyone knowing.
When a hacker tries to sign onto the network, his first step is to try to
determine your service set identifier (SSID), which corresponds to the
name of your wireless network. The hacker can then use that SSID to
access your wireless LAN by having your router assign him an address
through DHCP. In most cases, however, it is not even necessary for the
hacker to know your SSID to gain access and get a dynamically assigned
IP address. Most wireless routers are so “user friendly” that whenever a
mobile device has a blank entry for the SSID it is to lock onto, it will look
for any SSID in range of the device and roam right onto the LAN.

You can impose specific restrictions on your network by assigning
wireless users a predefined media access control (MAC) address (which
essentially is a unique number that identifies your network card) such
that only machines you want to have access can gain entry into your
LAN. But, like most technology items today, that too can be easily
spoofed. Mobile devices now have the ability to copy the MAC address
and use the number they copy as their own. For all intents and purposes,
it is always possible to gain access into your wireless LAN if there is
enough time, motivation, and desire to get there.
The MAC address is a hardware address that uniquely identifies each
node of a network. In 802.11 networks, the data link control (DLC) layer
of the OSI reference model is divided into two sublayers:
1. The logical link control (LLC) layer
2. Media access control (MAC) layer
The MAC layer interfaces directly with the network media. Consequently,
each different type of network media requires a different MAC
layer. 221