The following threats are present wherever wireless networks exist:Attacks can be of any type that Windows XP Professional could be launched from a wired connection, including password-cracking attacks, attempts to find weak controls, broadcast monitoring(whereby an attacker sniffs data as it traverses your network), or even the launching of a worm, virus, or Trojan horse attack. While use of a switch instead of a hub as a connection point for the wireless AP might prevent casual listening to all traffic on the network, Address Resolution Protocol (ARP) spoofing can be used to trick the switch into routing data through the intruder's client.Even if the intruder means no harm and is just seeking free access to the Internet, if his computer is infected with a worm or virus, he might spread it to your network.This type of attack might be accomplished by an attacker against wireless networks that rely on SSL VPNs for access security. In this attack, the intruder uses an ARP sp oofing technique and attempts to substitute his server credentials. The client gets a warning that the credentials have changed and is asked to accept them. If a user accepts the credentials, the communications destined for the client's internal network are now redirected to the attacker's rogue server.Unauthorized connections by anyone with a computing device and a wireless network card to an unsecured wireless access point Access to the wireless network does not require a wired connection MCP certification.A connection to your wireless network might be made just as easily from the parking lot of your building, thesidewalk outside its front door, or the offices on the floor above as it is from your business offices. While a wireless connection does not remove the protections you have in place using authentication, access controls, and encryption, a wireless connection does allow unauthorized individuals access to your network, inside your firewall. Any connection to your in side network is a potential threat.Attacks on your wireless clients from other wireless clients Joining your wireless client to an unsecured wired network places you on a network withunknown participants. This is like being connected to the Internet without a firewall. Any attack that might be mounted over the Internet can also be used against clients on a wireless network.Attacks from rogue access points that have created unauthorized access points to the network Employees might connect a wireless access point totheir authorized network connection. They do this to make it easier to move around the general area of their office without a wire or to allow visitors to their area to connect to the network. An intruder might seek to connect a rogue wireless access point to an unattended network jack. If the intruder is successful, he now has a connection to your network from outside your facilities.An attacker might attempt to capture logon credentials by placing a fake access po int near the legitimate one. If her access point has a stronger signal, she can entice clients to attempt to log on to her wireless network instead of the real one. When clients attempt to log on, she might be able to capture logon credentials that can be used in an attack on the client's real networks.
access point vs router
Niciun comentariu:
Trimiteți un comentariu