ZyXEL Communications P-334WT Support Notes page 49

broadcast beacon packets. Turning off the broadcast of SSID in the beacon message (a common practice)
does not prevent getting the SSID; since the SSID is sent in the clear in the probe message when a client
associates to an AP, a sniffer just has to wait for a valid user to associate to the network to see the SSID.
8. What are Insertion Attacks?
The insertion attacks are based on placing unauthorized devices on the wireless network without going
through a security process and review.
9. What is Wireless Sniffer ?
An attacker can sniff and capture legitimate traffic. Many of the sniffer tools for Ethernet are based on
capturing the first part of the connection session, where the data would typically include the username and
password. An intruder can masquerade as that user by using this captured information. An intruder who
monitors the wireless network can apply this same attack principle on the wireless.
10. What is the difference between Open System and Shared Key of Authentication Type?
Open System:
The default authentication service that simply announces the desire to associate with another station or
access point. A station can authenticate with any other station or access point using open system
authentication if the receiving station designates open system authentication.
Share Key:
The optional authentication that involves a more rigorous exchange of frames, ensuring that the
requesting station is authentic. For a station to use shared key authentication, it must implement WEP.
11. What is 802.1x?
IEEE 802.1x Port-Based Network Access Control is an IEEE (Institute of Electrical and Electronics
Engineers) standard, which specifies a standard mechanism for authenticating, at the link layer (Layer
2), users' access to IEEE 802 networks such as Ethernet (IEEE 802.3) and Wireless LAN (IEEE 802.11).
For IEEE 802.11 WLAN, IEEE 802.1x authentication can be based on username/password or digital
certificate.
12. What is the difference between force-authorized, force-unauthorized and auto ?
force-authorized—disables 802.1X and causes the port to transition to the authorized state without any
authentication exchange required. The port transmits and receives normal traffic without 802.1X-based
authentication of the client.
force-unauthorized—causes the port to remain in the unauthorized state, ignoring all attempts by the
client to authenticate. The switch cannot provide authentication services to the client through the
interface.
auto—enables 802.1X and causes the port to begin in the unauthorized state, allowing only EAPOL
frames to be sent and received through the port. The authentication process begins when the link state of
the port transitions from down to up, or when an EAPOL-start frame is received. The switch requests the
identity of the client and begins relaying authentication messages between the client and the
authentication server. Each client attempting to access the network is uniquely identified by the switch
by using the client's MAC address.