Mojo Networks Inc. SS300AT Manual Do Utilizador
Setting
ȱupȱtheȱServerȱConsoleȱ
SpectraGuard
®
ȱEnterpriseȱInstallationȱGuideȱ
73
ȱ
Figure 100.
Intrusion Prevention Policy
Youȱcanȱenableȱintrusionȱpreventionȱagainstȱtheȱfollowingȱthreats:ȱ
x
Rogue
ȱAPs:ȱAPsȱthatȱareȱconnectedȱtoȱyourȱnetworkȱbutȱnotȱauthorizedȱbyȱtheȱadministrator;ȱanȱattackerȱcanȱgainȱ
accessȱtoȱyourȱnetworkȱthroughȱtheȱRogueȱAPs.ȱYouȱcanȱalsoȱautomaticallyȱquarantineȱUncategorizedȱIndeterminateȱ
andȱBannedȱAPsȱconnectedȱtoȱtheȱnetwork.ȱ
andȱBannedȱAPsȱconnectedȱtoȱtheȱnetwork.ȱ
x
Mis
ȬconfiguredȱAPs:ȱAPsȱthatȱareȱauthorizedȱbyȱtheȱadministratorȱbutȱdoȱnotȱconformȱtoȱtheȱsecurityȱpolicy;ȱanȱ
attackerȱcanȱgainȱaccessȱtoȱyourȱnetworkȱthroughȱmisconfiguredȱAPs.ȱThisȱcouldȱhappenȱifȱtheȱAPsȱareȱreset,ȱ
tamperedȱwith,ȱorȱifȱthereȱisȱaȱchangeȱinȱtheȱsecurityȱpolicy.ȱ
tamperedȱwith,ȱorȱifȱthereȱisȱaȱchangeȱinȱtheȱsecurityȱpolicy.ȱ
x
Client
ȱMisȬassociation:ȱAuthorizedȱClientsȱthatȱconnectȱtoȱRogueȱorȱExternalȱ(neighboring)ȱAPs;ȱcorporateȱdataȱonȱ
theȱAuthorizedȱClientȱisȱunderȱthreatȱdueȱtoȱsuchȱconnections.ȱAirTightȱrecommendsȱthatȱyouȱprovideȱautomaticȱ
intrusionȱpreventionȱagainstȱAuthorizedȱClientsȱthatȱconnectȱtoȱExternalȱAPs.ȱ
intrusionȱpreventionȱagainstȱAuthorizedȱClientsȱthatȱconnectȱtoȱExternalȱAPs.ȱ
x
Unauthorized
ȱAssociations:ȱUnauthorizedȱandȱBannedȱClientsȱthatȱconnectȱtoȱAuthorizedȱAPs;ȱanȱattackerȱcanȱgainȱ
accessȱtoȱyourȱnetworkȱthroughȱAuthorizedȱAPsȱifȱtheȱsecurityȱmechanismsȱareȱweak.ȱUnauthorizedȱorȱ
UncategorizedȱClientȱconnectionsȱtoȱanȱAuthorizedȱAPȱusingȱaȱGuestȱSSIDȱareȱnotȱtreatedȱasȱunauthorizedȱ
associations.ȱ
UncategorizedȱClientȱconnectionsȱtoȱanȱAuthorizedȱAPȱusingȱaȱGuestȱSSIDȱareȱnotȱtreatedȱasȱunauthorizedȱ
associations.ȱ
x
Ad
ȱhocȱConnections:ȱPeerȬtoȬpeerȱconnectionsȱbetweenȱClients;ȱcorporateȱdataȱonȱtheȱAuthorizedȱClientȱisȱunderȱ
threatȱifȱitȱisȱinvolvedȱinȱanȱadȱhocȱconnection.ȱ
x
MAC
ȱSpoofing:ȱAnȱAPȱthatȱspoofsȱtheȱwirelessȱMACȱaddressȱofȱanȱAuthorizedȱAP;ȱanȱattackerȱcanȱlaunchȱanȱattackȱ
throughȱaȱMACȱspoofingȱAP.ȱ
x
Honeypot/Evil
ȱTwinȱAPs:ȱNeighboringȱAPsȱthatȱhaveȱtheȱsameȱSSIDȱasȱanȱAuthorizedȱAP;ȱAuthorizedȱClientsȱcanȱ
connectȱtoȱHoneypot/EvilȱTwinȱAPs.ȱCorporateȱdataȱonȱtheseȱAuthorizedȱClientsȱisȱunderȱthreatȱdueȱtoȱsuchȱ
connections.ȱ
connections.ȱ
x
Denial
ȱofȱServiceȱ(DoS)ȱAttacks:ȱDoSȱattacksȱdegradeȱtheȱperformanceȱofȱanȱofficialȱWLAN.ȱ
x
WEPGuard
ȱ
TM
:
ȱActiveȱWEPȱcrackingȱtoolsȱallowȱattackersȱtoȱcrackȱtheȱWEPȱkeyȱandȱgainȱaccessȱtoȱconfidentialȱdataȱ
inȱaȱmatterȱofȱminutesȱorȱevenȱseconds.ȱCompromisedȱWEPȱkeysȱareȱusedȱtoȱgainȱentryȱintoȱtheȱauthorizedȱWLANȱ
byȱspoofingȱtheȱMACȱaddressȱofȱanȱinactiveȱAuthorizedȱClient.ȱ
byȱspoofingȱtheȱMACȱaddressȱofȱanȱinactiveȱAuthorizedȱClient.ȱ