Wireless LAN :: Internet Technology Computers Essays

Wireless local theater of operations network discovery through the use of applications such(prenominal) as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for network penetration. The discovery of a wireless LAN might be used for seemingly guileless Internet access, or to be used as a backdoor into a network to stage an attack. This paper reviews some of the tactics used in wireless LAN network discovery and attempts to give away some of the fingerprints leave by wireless LAN discovery applications, focusing on the macintosh and LLC layers. This fingerprint randomness can then be incorporated into infringement detection tools capable of analyzing information-link layer traffic.IntroductionThe growth of 802.11 networks has been met with the development of several(prenominal) wireless local atomic number 18a network (WLAN) discovery applications. These applications are designed to identify WLAN activity and network characteristics, pro viding enough information for an unofficial user to gain access to the target network. For obvious reasons, WLAN administrators should be concerned about unauthorized access to their networks and therefore should attempt to identify the applications used to discover their networks.WLAN infraction analysis is not completely unlike traditional intrusion analysis we are primarily concerned about the identification of traffic signatures or fingerprints that are unique to the applications we emergency to detect. Unlike traditional intrusion analysis however, we have additional challenges that are unique to wireless networks 1. Location of trafic capture station Where traditional intrusion detection systems can be posture in a utilitarian area (DMZ, inside a firewall, outdoor(a) a firewall, etc), a data collection agent (agent) capturing 802.11 frames must be installed in the same returns area of each wireless LAN we wish to monitor. The improper location of a wireless LAN agent will inevitably go to false positive results. If the receive sensitivity of the agent exceeds that of the monitored network, traffic may be characterized as WLAN discovery while being outside the cell range of the monitored network. Another interesting challenge is monitoring hide node IBSS stations where the last wireless station to generate a beacon is responsible to reply to probe requests (ANSI/IEEE, 126). In these cases, the wireless LAN agent may not be within the coverage area necessary to collect responses or further solicitation of management information from the responding hidden node station. 2. Identifying anomalous traficIn order for wireless clients to situate a network to join, the IEEE 802.11 specification made an accommodation for clients to broadcast requests for on hand(predicate) networks.