ZyXEL Communications NWA-3500 User Manual page 189
802.11a/g dual radio wireless business ap 802.11a/g dual radio outdoor wlan business ap
Hide thumbs
Also See for NWA-3500:
- User manual (324 pages) ,
- Quick start manual (130 pages) ,
- Specifications (2 pages)
Table of Contents
Advertisement
Chapter 15 Rogue AP Detection
The friendly AP list displays details of all the access points in your area that you
know are not a threat. If you have more than one AP in your network, you need to
configure this list to include your other APs. If your wireless network overlaps with
that of a neighbor (for example) you should also add these APs to the list, as they
do not compromise your own network's security. If you do not add them to the
friendly AP list, these access points will appear in the Rogue AP list each time the
NWA scans.
"Honeypot" Attack
Rogue APs need not be connected to the legitimate network to pose a severe
security threat. In the following example, an attacker (X) is stationed in a vehicle
outside a company building, using a rogue access point equipped with a powerful
antenna. By mimicking a legitimate (company network) AP, the attacker tries to
capture usernames, passwords, and other sensitive information from
unsuspecting clients (A and B) who attempt to connect. This is known as a
"honeypot" attack.
Figure 107 "Honeypot" Attack
If a rogue AP in this scenario has sufficient power and is broadcasting the correct
SSID (Service Set IDentifier) clients have no way of knowing that they are not
associating with a legitimate company AP. The attacker can forward network
traffic from associated clients to a legitimate AP, creating the impression of normal
service. This is a variety of "man-in-the-middle" attack.
189
NWA-3500/NWA-3550 User's Guide
- Quick Links:
- Wireless Configuration
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
