Introduction Of Wlan Security Should Be A Concern Whenever...

3.1 Introduction to WLAN Security Security should always be a concern whenever planning, designing, implementing, and maintaining a network infrastructure. This is especially true for wireless LANs, which present unique challenges to home users and IT administrators. Unlike traditional Ethernet LANs, 802.11 wireless LANs advertise their network names (SSID’s) into the air unencrypted. This makes it easy for a hacker to intercept by sniffing the Wireless LAN for SSID advertisements coming from the access point. Although it’s possible to disable SSID advertisements in the access point, someone very determined and with the right tools can still obtain this information. In addition, Wi-Fi signals often extend beyond the boundaries of†¦show more content†¦3.2 WLAN Security Attacks Attacks on wireless networks are generally designed to compromise the confidentiality and integrity of data, as well as reduce the availability of the network. Network attacks ess entially fit into two main categories: passive or active. Passive attacks are those in which an attacker obtains information as it is transmitted over the network for the express purpose of reading the message content, or for traffic analysis. These types of attacks are usually difficult to detect since there is no modification of the data by the attacker. On the other hand, active attacks consist of an attacker modifying data or even sometimes injecting fraudulent data packets into the network. These types of attacks can result in severe damage for the victims. The following figure represents a general classification of network attacks. Attacks follow a general structure that takes them from planning to execution and, if not detected, successful exploitation. Although the attack structure consists of multiple phases, the first phase usually involves some sort of reconnaissance. During the reconnaissance phase the main objective is to identify a target and then gather as much information about that target as possible. During the analysis of the collected information the attacker attempts to determine what protocols or security controls are being used so that they can select