What Is a Wireless Penetration Test?

Wireless networking makes communicating and connecting to the Internet convenient and easy, but it can be a problem to keep it secure because of the open availability of the signal. The way to test that security is though a wireless penetration test. By running a spectrum of tests that emulate the different types of possible attacks, a wireless penetration test, often called a pen test, can determine the weak spots of a wireless network.

By sending out a signal through the atmosphere similar to a radio signal, it is hard to limit the distance of a wireless signal. This is the main problem when it comes to wireless security, as virtually anybody within a certain radius of the signal can access it, including non-authorized users, unless certain measures are taken. This is why wireless penetration tests came about, although in many cases the tests were created by non-authorized users, referred to as hackers, for the purpose of infiltrating a network.

Wireless penetration tests vary in both the type of tools used and the tests run, but several basic tests are usually included. The most common types of tests run in a wireless penetration test include denial of service attacks, man-in-the-middle-attacks, security leaks, and address spoofing. Denial of service attacks are run to emulate a hacker who would flood the network with traffic to effectively shut it down, while man-in-the-middle attacks are essentially ways to eavesdrop into the network and monitor information. Security leaks test for ways a hacker could get it by stealing authentication keys, and address spoofing tests wireless networks to see if it’s easy for someone to pretend as if they are actually on the network legitimately.

In addition to tests that look for security loopholes, a wireless penetration test can look for rogue access points. These are physical connections to a network that someone, usually a hacker, installed without the knowledge of the person running the network, allowing unfettered access to an otherwise secure network. Large companies are particularly prone to rogue access points.

Professional networking security companies run wireless penetration tests for their clients, but independent users, usually hackers, create many of the tools available in an open-source format, which means anyone can use them or modify them. Although it does require some knowledge of computer networks to run a wireless penetration test, many of the tools used to run the tests are simple and small, which means they can fit on a small, portable drive, making them accessible to smaller companies and home users.