ZyXEL NWA3550 User Manual Page 146
- Page / 344
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Chapter 12 Rogue AP
NWA3550 User’s Guide
146
Figure 80 Rogue AP: Example
12.2.1 “Honeypot” Attack
Rogue APs need not be connected to the legitimate network to pose a severe security threat. In
the following example, an attacker (X) is stationed in a vehicle outside a company building,
using a rogue access point equipped with a powerful antenna. By mimicking a legitimate
(company network) AP, the attacker tries to capture usernames, passwords, and other sensitive
information from unsuspecting clients (A and B) who attempt to connect. This is known as a
“honeypot” attack.
If a rogue AP in this scenario has sufficient power and is broadcasting the correct SSID
(Service Set IDentifier) clients have no way of knowing that they are not associating with a
legitimate company AP. The attacker can forward network traffic from associated clients to a
legitimate AP, creating the impression of normal service. This is a variety of “man-in-the-
middle” attack.
This scenario can also be part of a wireless denial of service (DoS) attack, in which associated
wireless clients are deprived of network access. Other opportunities for the attacker include
the introduction of malware (malicious software) into the network.
A
R
X
C
B
Internet
- User’s Guide 1
- About This User's Guide 3
- Document Conventions 4
- Icons Used in Figures 5
- Safety Warnings 6
- Safety Warnings 7
- Contents Overview 10
- NWA3550 User’s Guide 10
- Table of Contents 11
- Chapter 6 13
- Chapter 7 13
- List of Figures 19
- List of Tables 27
- Introduction 31
- CHAPTER 1 33
- 1.2.1 Access Point 34
- 1.2.2 Bridge / Repeater 34
- 1.2.3 AP + Bridge 35
- 1.2.4 MBSSID 36
- 1.3 CAPWAP 38
- M1 M2 M3 M4 39
- 1.7 Hardware Connections 40
- CHAPTER 2 43
- CHAPTER 3 47
- Chapter 3 Status Screens 48
- Table 1 The Status Screen 48
- Chapter 3 Status Screens 49
- CHAPTER 4 51
- 4.1.2 CAPWAP and DHCP 52
- 4.1.3 CAPWAP and IP Subnets 52
- 4.1.4 Notes on CAPWAP 53
- Chapter 4 Management Mode 54
- CHAPTER 5 55
- Chapter 5 Tutorial 56
- SSID Profile 57
- 5.1.3 Further Reading 58
- Chapter 5 Tutorial 61
- Figure 35 Tutorial: Warning 72
- 5.3.3 Set Up E-mail Logs 73
- 5.3.5 Test the Setup 75
- 5.4.1 Scenario 75
- 5.4.2 Your Requirements 76
- 5.4.3 Setup 76
- Filtering field. Click Apply 78
- The Web 83
- Configurator 83
- CHAPTER 6 85
- Chapter 6 System Screens 86
- Chapter 6 System Screens 87
- Table 11 Password 87
- CHAPTER 7 91
- 7.2 Wireless LAN Basics 92
- 7.3 Quality of Service 92
- 7.3.2 ATC 93
- 7.3.3 ATC+WMM 94
- 7.3.4 Type Of Service (ToS) 95
- 7.4.1 Rapid STP 96
- 7.4.2 STP Terminology 96
- 7.5 DFS 97
- 7.6 Wireless Screen Overview 98
- 7.7.2 Bridge/Repeater Mode 101
- AP Bridge 102
- Ethernet 103
- 7.7.3 AP+Bridge Mode 106
- 7.7.4 MBSSID Mode 108
- CHAPTER 8 109
- 8.1.3 User Authentication 110
- 8.1.4 Encryption 110
- 8.2 Security Modes 111
- 8.3 Configuring Security 111
- 8.3.1 Security: WEP 112
- 8.3.2 Security: 802.1x Only 113
- 8.3.4 Security: WPA 116
- 8.4 Introduction to RADIUS 119
- 8.5 Configuring RADIUS 119
- Table 33 RADIUS 120
- CHAPTER 9 121
- Chapter 9 MBSSID and SSID 123
- Chapter 9 MBSSID and SSID 124
- 9.2 SSID 125
- Figure 67 SSID 126
- Table 35 SSID 126
- 9.2.2 Configuring SSID 127
- Table 36 Configuring SSID 128
- CHAPTER 10 129
- 10.4 The MAC Filter Screen 134
- Table 40 MAC Address Filter 136
- 10.5 Configuring Roaming 137
- Figure 77 Roaming Example 138
- Figure 78 Roaming 139
- CHAPTER 11 141
- Chapter 11 IP Screen 142
- Figure 79 IP Setup 142
- Table 42 IP Setup 142
- Chapter 11 IP Screen 143
- CHAPTER 12 145
- 12.2.1 “Honeypot” Attack 146
- Chapter 12 Rogue AP 147
- Figure 81 “Honeypot” Attack 147
- 12.3.2 Rogue AP: Friendly AP 148
- 12.3.3 Rogue AP List 149
- Chapter 12 Rogue AP 150
- CHAPTER 13 151
- 13.2 SSH 152
- 13.3 How SSH Works 152
- 13.5 Configuring Telnet 153
- 13.6 Configuring FTP 155
- 13.7 WWW (HTTP and HTTPS) 156
- 13.8 Configuring WWW 157
- 13.9 HTTPS Example 158
- 13.9.4 Login Screen 160
- 13.10 SNMP 162
- 13.10.1 Supported MIBs 164
- 13.10.2 SNMP Traps 164
- 13.11.1 SNMP v3 and Security 165
- 13.11.2 Configuring SNMP 165
- CHAPTER 14 169
- 14.3 Trusted AP Overview 171
- 14.4 Configuring Trusted AP 172
- Table 55 Trusted AP 173
- Table 56 Trusted Users 174
- CHAPTER 15 177
- 15.3 Verifying a Certificate 178
- 15.4 Configuration Summary 179
- 15.5 My Certificates 179
- Chapter 15 Certificates 180
- Figure 106 My Certificates 180
- Table 57 My Certificates 180
- Chapter 15 Certificates 181
- 15.7 Importing a Certificate 182
- 15.8 Creating a Certificate 183
- 15.9 My Certificate Details 185
- 15.10 Trusted CAs 188
- Table 61 Trusted CAs 189
- Table 62 Trusted CA Import 190
- Table 63 Trusted CA Details 191
- CHAPTER 16 195
- Chapter 16 Log Screens 196
- Table 64 View Log 196
- Chapter 16 Log Screens 197
- Figure 114 Log Settings 197
- Table 65 Log Settings 197
- 16.3 Example Log Messages 198
- Table 67 ICMP Notes 199
- 16.4 Log Commands 200
- 16.5 Log Command Example 201
- CHAPTER 17 203
- 17.2 Configuring VLAN 204
- ZyXEL Device 205
- 17.2.2 RADIUS VLAN 206
- Chapter 17 VLAN 207
- Table 71 RADIUS VLAN 207
- Figure 121 VLAN Setup 209
- Chapter 17 VLAN 210
- • Click the Close button 217
- Internet 218
- CHAPTER 18 221
- 18.2.1 System Statistics 222
- 18.3 Association List 223
- 18.4 Channel Usage 224
- 18.5 F/W Upload Screen 225
- Chapter 18 Maintenance 226
- Figure 142 Firmware Upload 226
- Table 77 Firmware Upload 226
- 18.6 Configuration Screen 227
- 18.6.1 Backup Configuration 228
- Chapter 18 Maintenance 229
- 18.7 Restart Screen 230
- PART III 231
- CHAPTER 19 233
- V I forgot the password 234
- V I cannot access the SMT 235
- Chapter 19 Troubleshooting 236
- CHAPTER 20 237
- Compatible ZyXEL Antennas 240
- 123456 78 241
- Appendices and 243
- APPENDIX A 245
- Windows Vista 248
- Mac OS X: 10.3 and 10.4 252
- Verifying Settings 255
- Mac OS X: 10.5 256
- Linux: Ubuntu 8 (GNOME) 259
- Linux: openSUSE 10.3 (KDE) 262
- APPENDIX B 269
- Appendix B Wireless LANs 270
- Appendix B Wireless LANs 271
- Fragmentation Threshold 272
- Preamble Type 273
- IEEE 802.11g Wireless LAN 273
- Wireless Security Overview 273
- IEEE 802.1x 274
- Types of EAP Authentication 275
- PEAP (Protected EAP) 276
- Dynamic WEP Key Exchange 277
- WPA and WPA2 277
- Encryption 278
- User Authentication 278
- Security Parameters Summary 280
- Antenna Overview 280
- Antenna Characteristics 281
- Types of Antennas for WLAN 281
- Positioning Antennas 281
- APPENDIX C 283
- JavaScripts 286
- Java Permissions 287
- JAVA (Sun) 288
- APPENDIX D 289
- 6 Next, click OK 305
- Konqueror 308
- APPENDIX E 313
- Subnet Masks 314
- Notation 315
- Subnetting 316
- Example: Four Subnets 317
- Example: Eight Subnets 318
- Subnet Planning 319
- Configuring IP Addresses 320
- APPENDIX F 321
- Auto Configuration by DHCP 322
- Manual Configuration 322
- Configuration Via SNMP 322
- Configuration File Format 323
- Configuration File Rules 324
- APPENDIX G 329
- ZyXEL Limited Warranty 331
- Appendix G Legal Information 332
- APPENDIX H 333
- Appendix H Customer Support 334
- Appendix H Customer Support 335
© 2020, manymanuals.com. All rights reserved. | 4.042 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals