Wi-Fi deauthentication attack

CybersalCybersal Member, Beta Tester Posts: 14
10 Comments Name Dropper 5 Likes Photogenic
A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.
If someone is trying to deauthentice one of my devices on the network, will my Fingbox be able to let me know?
I tested this on my network and there is no indication that anything has happened or red flags.




niknickkltaylor

Answers

  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    Fingbox is detecting de-authentication flood attacks through its WiFi Intrusion Protection feature. 
    https://help.fing.com/knowledge-base/wifi-intrusion-protection/
    Do you have your access points protected with WiFi intrusion? 
    And did you receive any alert for another access point?
    Could you tell us more about how you tested this? (Don't have to give instructions about how to do this attack - but anymore info on if another access point was used would be helpful.) 

    Community Manager at Fing

    kltaylorRobinMarcHronos
  • CybersalCybersal Member, Beta Tester Posts: 14
    10 Comments Name Dropper 5 Likes Photogenic

    Hi ,I do see see that it protects against this attack, but how does it warn you?

    I used Kali Linux and wifite to deauth.

    I can try it again when I have time and look to see if the Fingbox warns me or give me any indication.

    kltaylor
  • RobinRobin Administrator Posts: 2,081
    100 Answers 1000 Comments 250 Likes 25 Agrees
    admin
    Hi @Cybersal
    To get the alerts for the attack, Can you please try to pass the minimum threshold and see if the Fingbox is able to provide you with an alert or not.

    In order to avoid false alarms, there are minimum thresholds to raise an alarm:
    - the minimum duration of attack: 10-30 seconds
    - minimum deauth packets per second: 30/sec
    Our Engineers have tested deauth attack with aircrak several times and the attack was detected and was reported within 5 minutes with mail and event in fingbox logs.
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
    kltaylorHronos
  • CybersalCybersal Member, Beta Tester Posts: 14
    10 Comments Name Dropper 5 Likes Photogenic

    Hi Robin

    Thanks for the feedback. Can you tell me where to set the minimum threshold. I went through the Fing app settings and cannot find it.

    kltaylorVioletChepil
  • RobinRobin Administrator Posts: 2,081
    100 Answers 1000 Comments 250 Likes 25 Agrees
    admin
    Hi @Cybersal
    There is no setting on the Fing app to set the minimum threshold. I shared the minimum threshold already set by default for any attacks like deauth attacks to be notified. The device from which you are trying to send De-auth packets needs to pass this minimum threshold so that Fingbox can alert you for the attack.
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
    kltaylorMarcVioletChepil
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,188
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    Great suggestions, @Robin!
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    VioletChepil
  • VioletChepilVioletChepil London, UKMember Posts: 2,471
    100 Answers 500 Likes 1000 Comments 100 Agrees
    ✭✭✭✭✭✭
    @Cybersal let us know anything else you need! 

    Community Manager at Fing

Sign In or Register to comment.