2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet453/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   449   450   451   452   453   454   455   456   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

Rogue Access Points
A security concern commonly discovered during a site survey is the presence of 
rogue wire-
less access points
. A rogue WAP may be planted by an employee for convenience, or it may 
be operated externally by an attacker.
A wireless access point planted by an employee can be connected to any open network 
port. Such unauthorized access points usually aren’t configured for security or, if they are, 
aren’t configured properly or in line with the organization’s approved access points. Rogue 
wireless access points should be discovered and removed in order to eliminate an unregu-
lated access path into your otherwise secured network.
It’s common for an attacker to find a way to visit a company (via a friend who is an 
employee or by going on a company tour, posing as a repair technician or breakfast taco 
seller, or even breaking in at night) in order to plant a rogue access point. After a rogue 
access point is positioned, an attacker can gain entry to the network easily from a modest 
distance away from your front door.

Wireless Networks 
485
A rogue WAP can also be deployed by an attacker externally to target your existing 
wireless clients or future visiting wireless clients. An attack against existing wireless clients 
requires that the rogue WAP be configured to duplicate the SSID, MAC address, and wire-
less channel of the valid WAP, although operating at a higher power rating. This may cause 
clients with saved wireless profiles to inadvertently select or prefer to connect to the rogue 
WAP instead of the valid original WAP.
The second method focuses on attracting new visiting wireless clients. This type of 
rogue WAP is configured with a social engineering trick by setting the SSID to an alternate 
name that appears legitimate or even preferred over the original valid wireless network’s 
SSID. For example, if the original SSID is “ABCcafe,” then the rogue WAP SSID could be 
“ABCcafe-2,” “ABCcafe-LTE,” or “ABCcafe-VIP.” The rogue WAP’s MAC address and 
channel do not need to be clones of the original WAP. These alternate names may seem like 
better network options to new visitors and thus trick them into electing to connect to the 
false network instead of the legitimate one.
The defense against rogue WAPs is to be aware of the correct and valid SSID. It would 
also be beneficial for an organization to operate a wireless IDS to monitor the wireless sig-
nals for abuses, such as newly appearing WAPs, especially those operating with mimicked 
or similar SSID and MAC values.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   449   450   451   452   453   454   455   456   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish