Honeypot" Attack; Figure 81 Rogue Ap: Example - ZyXEL Communications NWA-3500 User Manual
802.11a/b/g wireless access point
Hide thumbs
Also See for NWA-3500:
- User manual (408 pages) ,
- Quick start manual (130 pages) ,
- Specifications (2 pages)
Table of Contents
Advertisement
Chapter 11 Rogue AP
Figure 81 Rogue AP: Example
11.2.1 "Honeypot" Attack
Rogue APs need not be connected to the legitimate network to pose a severe security threat. In
the following example, an attacker (X) is stationed in a vehicle outside a company building,
using a rogue access point equipped with a powerful antenna. By mimicking a legitimate
(company network) AP, the attacker tries to capture usernames, passwords, and other sensitive
information from unsuspecting clients (A and B) who attempt to connect. This is known as a
"honeypot" attack.
If a rogue AP in this scenario has sufficient power and is broadcasting the correct SSID
(Service Set IDentifier) clients have no way of knowing that they are not associating with a
legitimate company AP. The attacker can forward network traffic from associated clients to a
legitimate AP, creating the impression of normal service. This is a variety of "man-in-the-
middle" attack.
This scenario can also be part of a wireless denial of service (DoS) attack, in which associated
wireless clients are deprived of network access. Other opportunities for the attacker include
the introduction of malware (malicious software) into the network.
142
ZyXEL NWA-3500 User's Guide
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
