will find the SSID in the broadcast beacon packets. Turning off the broadcast
of SSID in the beacon message (a common practice) does not prevent getting
the SSID; since the SSID is sent in the clear in the probe message when a client
associates to an AP, a sniffer just has to wait for a valid user to associate to the
network to see the SSID.
8. What are Insertion Attacks ?
The insertion attacks are based on placing unauthorized devices on the wireless
network without going through a security process and review.
9. What is Wireless Sniffer ?
An attacker can sniff and capture legitimate traffic. Many of the sniffer tools
for Ethernet are based on capturing the first part of the connection session,
where the data would typically include the username and password. An intruder
can masquerade as that user by using this captured information. An intruder
who monitors the wireless network can apply this same attack principle on the
wireless.
10. What is the difference between Open System and Shared Key of
Authentication Type ?
Open System:
The default authentication service that simply announces the desire to associate
with another station or access point. A station can authenticate with any other
station or access point using open system authentication if the receiving station
designates open system authentication.
Share Key:
The optional authentication that involves a more rigorous exchange of frames,
ensuring that the requesting station is authentic. For a station to use shared key
authentication, it must implement WEP.
11. What is 802.1x ?
IEEE 802.1x Port-Based Network Access Control is an IEEE (Institute of
Electrical and Electronics Engineers) standard, which specifies a standard
mechanism for authenticating, at the link layer (Layer 2), users' access to IEEE
802 networks such as Ethernet (IEEE 802.3) and Wireless LAN (IEEE 802.11).
For IEEE 802.11 WLAN, IEEE 802.1x authentication can be based on
username/password or digital certificate.
12. What is the difference between force-authorized, force-unauthorized
