Wireless network reviews enable a client to evaluate the security posture of the organisation’s wireless networks.
Typically, such an engagement would be driven from the need to determine if the company’s wireless network(s) are secure.
Testing is usually staged in the following way:
Reconnaissance: Consultant will use an external wireless transceiver and begin monitoring the available wireless networks
De-Authentication: Wireless networks using WPA-PSK or WPA2-PSK can be sent a de-authentication packet so that a handshake can be captured and then later cracked
Cracking the Handshake: Off-site cracking of the handshake will be done to determine the Pre-Shared Key (password)
Documentation and Reporting
Client-side testing can also be conducted to ensure that the clients standard builds are secured to ensure that their laptops etc cannot be tricked into joining rogue networks
