NIS Chapter 08 Flashcards
(44 cards)
What are rouge access devices?
this is a WLAN radio that is connected to the wired infrastructure but is not managed by the network administrators
In simple terms?
Any device with unauthorised WLAN portal to network resources
What is the mosr overlooked rogue access device?
the IBSS or ad hoc WN
Why are even printers a risk of being a rogue device?
they now come with 802.11 radios with adhoc mode and hackers can connect to these printers
What are the 5 risks associated with rogue devices?
- Data theft
- data destruction: db being erased
- loss of services: disabling services
- Malicious data insertion: uploading viruses and malicious sw
Third-PartyAttacks: the attacker can use the rogue AP as a lauching pad for 3rd party attacks
How can rogue APs be prevented?
- banning the use of ad hoc networks
- settings to diable adhoc on enterprise client devices
- wired port control using 802.1X/EAP : (does not allow upper layer communication unless credentials are provided in the 2nd layer)
Why are WIDS/WIPS used in businesses?
- most businesses do not use 802.1X/EAP wired port control. Gives more information
What is port suppression
Another method of restriction rogue APs by using SNMP to disable the switch port connected to the rogue AP
What are the 2 types of eaves dropping?
casual and malicious
How does C.E happen?
it is often referred to as WLAN discovery. This discovery can either be passive or active.
Active: have a probe request and listening back for a response
Passive: listening for beacon managment frames being broadcasted by APs
What information can be found from the beacon management frames?
service set identifier (SSID), MAC
addressing, supported data rates, and other basic service set (BSS) capabilities
Give names of tools used to discover WLAN networks
- NetStumbler
What is malicious eavesdropping
this is the the use of protocol analysers to capture communication without authority. It is illegal
What is a protocol analyser?
it is a passive devuces that operates in an RF monitoring mode and captures 802.11 frames within its range.
- can also be used to listen in on exchanges like the 4way handshake
What are the risks associated with ED?
- because it is passive, it cannot be picked up by WIPS/WIDS therefore the attack can not be stopped neither can the attacker be located
- All layer 2 data is in clear text and that can be a passage way to an attack. Even layer 3-7 data can be revealed if encryption is not used
What is wired leakage?
This is a security risk associated with ed. It is a type of info an attacker can use to gain access to your network or data. It can reveal information about
the wired network as well as what can be seen wirelessly
How can ed be controlled? (4)
- By using encryption to protect the MSDU
- RFID shielding can be used. Mylar films can be put on windows to stop signals from escaping
- Special paint/ wallpapers
- faraday cage:expensive
What is the most deployed 802.1X/EAP solution and what is the problem with it?
LEAP, offline dictionary attacks because hashed pwd is crackable
What are the risks associated with auth attakcs
- Data theft
- Data destruction
- Loss of services
- Malicious data
- Third - party attacks
how can these risks be mitigated?
- secure the corporate WLAN
infrastructure properly with an 802.1X/EAP solution that uses a RADIUS server and the
tunneled authentication EAP protocols - Multifactor authentication,
also known as two - factor authentication
What attack is PSK with WPA/WPA2Personal vulnerable
offline brute-force dictionary attacks
What can be to mitigate these risks?
- policy mandating 20 char pswd
- only admins to knoe static pphrase
What are the 2 divisions of layer 1 DoS attacks?
- intentional
-unintentiona
what are dos unintentional attacks?
through devices like baby monitors, microwaves 2.4GHz waves are transmitted and cause interference
