Design And Implementation Of Wireless Network Security Detection System Based On Openwrt

With the rapid development of wireless network technology and the extensive use of mobile intelligent terminal equipment, more and more public places, home and office environment choose to use wireless network. With the concept of "wireless campus", "wireless city","wireless rural" and "wireless subway", WLAN hotspots in public places have been gradually realized and become an important part of people's daily life. However, a large number of wireless access points, or even free wireless access points, to provide people with convenient, high-speed network services at the same time, the existence of security risks can not be ignored.In this paper, we analyze and study common security threats, attack principle and detection technology principle in wireless LAN, and propose and design a wireless network security detection system based on OpenWrt. The main work is as follows:(1) Analyze the common security threats and the main wireless attack technologies in wireless LAN. In-depth analysis of the WEP protocol, WPA / WPA2-PSK protocol security flaws and the key to crack the principle of the wireless network for DoS attack using the principle of pseudo-AP attack principle, wireless network through HTTP / HTTPS protocol data transmission The process of intercepting the principle of information.(2) Designed a set of Open Wrt system as the kernel, the bottom of the integrated uhttpd, Aircrack-ng, Ngrep, SSLStrip, iptables, python and other software packages, top using php, html and other programming languages to ordinary router hardware infrastructure Wireless network security detection system. Based on Aircrack-ng, an open source wireless network security assessment tool suite, a rule database of wireless DoS attack is established, and a rule base of legitimate AP's SSID and MAC address is built. Combined with open source software Ngrep, SSLStrip and iptables, , WPA / WPA2-PSK protocol keys, wireless DoS attacks,pseudo AP attacks, HTTP / HTTPS sensitive data, traffic redirection and other detection functions.(3) By setting up wireless LAN testing environment of different scenarios to simulate different attack scenarios, the wireless weak password detection, wireless DoS attack detection, wireless pseudo AP detection, HTTP / HTTPS sensitive data detection and traffic redirection Detection function to test.Based on OpenWrt, a custom router with security detection function can detect the wireless network environment surrounding the router and the behavior of the HTTP application layer network connecting users.The wireless router can be used as an portable, convenient and multi-functional network layer wireless network security detection platform.