Wireless LAN :: Internet Technology Computers Essays

Wireless LAN discovery through the use of applications such as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for meshing penetration. The discovery of a radio set LAN might be used for seemingly innocuous Internet access, or to be used as a backdoor into a network to stage an attack. This paper reviews some of the tactics used in wireless LAN network discovery and attempts to identify some of the fingerprints left by wireless LAN discovery applications, focusing on the MAC and LLC degrees. This fingerprint information can then be incorporated into intrusion detection tools capable of analyzing data-link layer traffic.IntroductionThe growth of 802.11 networks has been met with the development of several wireless local atomic number 18a network (WLAN) discovery applications. These applications are designed to identify WLAN activity and network characteristics, providing enough information for an unauthorized user to gain access to the ta rget network. For obvious reasons, WLAN administrators should be concerned about unauthorized access to their networks and thereof should attempt to identify the applications used to discover their networks.WLAN intrusion analysis is not entirely unlike traditional intrusion analysis we are earlier concerned about the identification of traffic signatures or fingerprints that are unique to the applications we want to detect. Unlike traditional intrusion analysis however, we have additional challenges that are unique to wireless networks 1. Location of trafic capture station Where traditional intrusion detection systems can be location in a functional force field (DMZ, inside a firewall, outside a firewall, etc), a data collection agent (agent) capturing 802.11 frames must be installed in the same service area of individually wireless LAN we wish to monitor. The improper location of a wireless LAN agent will inevitably lead to false positive results. If the feel sensitivity of th e agent exceeds that of the monitored network, traffic may be characterized as WLAN discovery while being outside the cell range of the monitored network. Another elicit challenge is monitoring hidden node IBSS stations where the last wireless station to generate a beacon is responsible to reply to probe requests (ANSI/IEEE, 126). In these cases, the wireless LAN agent may not be within the coverage area necessary to collect responses or further solicitation of solicitude information from the responding hidden node station. 2. Identifying anomalous traficIn order for wireless clients to locate a network to join, the IEEE 802.11 specification made an accommodation for clients to broadcast requests for obtainable networks.