ZyXEL Communications 320W User Manual

 

All contents copyright (c) 2005 ZyXEL Communications Corporation.   

69

WEP, the encryption standard for 802.11, only encrypts the data packets not the 802.11 management 

packets and the SSID is in the beacon and probe management messages. The SSID is not encrypted if 

WEP is turned on. The SSID goes over the air in clear text. This makes obtaining the SSID easy by 

sniffing 802.11 wireless traffic.   

Many APs by default have broadcasting the SSID turned on. Sniffers typically will find the SSID in the 

broadcast beacon packets. Turning off the broadcast of SSID in the beacon message (a common practice) 

does not prevent getting the SSID; since the SSID is sent in the clear in the probe message when a client 

associates to an AP, a sniffer just has to wait for a valid user to associate to the network to see the SSID.   

The insertion attacks are based on placing unauthorized devices on the wireless network without going 

through a security process and review. 

An attacker can sniff and capture legitimate traffic. Many of the sniffer tools for Ethernet are based on 

capturing the first part of the connection session, where the data would typically include the username and 

password. An intruder can masquerade as that user by using this captured information. An intruder who 

monitors the wireless network can apply this same attack principle on the wireless. 

The default authentication service that simply announces the desire to associate with another station or 

access point. A station can authenticate with any other station or access point using open system 

authentication if the receiving station designates open system authentication. 

The optional authentication that involves a more rigorous exchange of frames, ensuring that the 

requesting station is authentic. For a station to use shared key authentication, it must implement WEP.