ZyXEL Communications 2802HWL-IX User Manual

Prestige 2802HW(L)-Ix Support Notes 
 
 
 
All contents copyright (c) 2007 ZyXEL Communications Corporation.   
WEP is turned on. The SSID goes over the air in clear text. This makes obtaining the SSID easy by 
sniffing 802.11 wireless traffic.   
 
If the broadcast of the SSID is turned off, can someone still sniff the SSID?
 
Many APs have SSID broadcasting turned on by default. Sniffers typically find the SSID in the 
broadcast beacon packets. Turning off the broadcast of the SSID in the beacon message (a common practice) 
does not prevent someone from getting the SSID: because the SSID is sent in the clear in the probe message 
when a client associates to an AP, a sniffer just has to wait for a valid user to associate to the network 
to see the SSID. 
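
The following is an added example, not part of the original manual. It parses the SSID element from constructed 802.11 management frames to show why a beacon with SSID broadcast turned off hides nothing once a valid client probes or associates. It also covers the association request, which carries the same element; the frame bytes, the SSID "corp-wlan" and the function names are assumptions made for the illustration.

```python
import struct

HDR_LEN = 24  # frame control, duration, three addresses, sequence control
# Management subtype -> (name, bytes of fixed fields before the tagged elements)
SUBTYPES = {0: ("assoc-req", 4), 4: ("probe-req", 0), 8: ("beacon", 12)}

def ssid_of(frame: bytes):
    """Return (subtype_name, ssid); ssid is None when the element is empty or hidden."""
    if len(frame) < HDR_LEN:
        raise ValueError("truncated 802.11 header")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in SUBTYPES:
        raise ValueError("not a supported management frame")
    name, fixed = SUBTYPES[subtype]
    pos = HDR_LEN + fixed
    while pos + 2 <= len(frame):  # walk the tag/length/value elements
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2 : pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated information element")
        if tag == 0:  # SSID element
            # A beacon with SSID broadcast off carries a zero-length or all-NUL SSID.
            return name, (value.decode("utf-8", "replace") if value.strip(b"\x00") else None)
        pos += 2 + length
    return name, None

def build(subtype: int, ssid: bytes) -> bytes:
    """Constructed sample frame for this example; addresses are placeholders."""
    header = struct.pack("<BBH", subtype << 4, 0, 0) + b"\xff" * 6 + b"\x02" * 12 + b"\x00\x00"
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])  # supported-rates element
    return header + bytes(SUBTYPES[subtype][1]) + bytes([0, len(ssid)]) + ssid + rates

def demo():
    frames = [
        build(8, b""),           # beacon from an AP with SSID broadcast turned off
        build(4, b"corp-wlan"),  # probe from a valid client (constructed SSID)
        build(0, b"corp-wlan"),  # association request from the same client
    ]
    return [ssid_of(f) for f in frames]

if __name__ == "__main__":
    for name, ssid in demo():
        print(f"{name:10} ssid={ssid!r}")
```

The beacon yields no SSID while both client frames do, so turning off SSID broadcast should be treated as cosmetic rather than as access control.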
 
What are Insertion Attacks?
 
Insertion attacks are based on placing unauthorized devices on the wireless network without going 
through a security process and review. 
 
What is a Wireless Sniffer?
 
An attacker can sniff and capture legitimate traffic. Many of the sniffer tools for Ethernet are based on 
capturing the first part of the connection session, where the data would typically include the username and 
password. An intruder can masquerade as that user by using this captured information. An intruder who 
monitors the wireless network can apply this same attack principle to the wireless network. 
 
What is the difference between the Open System and Shared Key authentication types?
 
Open System: 
The default authentication service that simply announces the desire to associate with another station or 
access point. A station can authenticate with any other station or access point using open system 
authentication if the receiving station designates open system authentication. 
 
Shared Key: 
The optional authentication that involves a more rigorous exchange of frames, ensuring that the 
requesting station is authentic. For a station to use shared key authentication, it must implement WEP. 
 
What is 802.1x?
 
IEEE 802.1x Port-Based Network Access Control is an IEEE (Institute of Electrical and Electronics 
Engineers) standard, which specifies a standard mechanism for authenticating, at the link layer (Layer 2),