Wireless LAN :: Internet Technology Computers Essays

Wireless LAN breakthrough through and through the use of applications such as NetStumbler, DStumbler, Wellenreiter and others is an increasingly popular technique for meshing penetration. The discovery of a wireless LAN might be apply for seemingly innocuous Internet access, or to be used as a backdoor into a network to stage an attack. This paper reviews some of the evasive action used in wireless LAN network discovery and attempts to tell some of the fingerprints left by wireless LAN discovery applications, instruction on the MAC and LLC layers. This fingerprint information can then be incorporated into intrusion detection tools capable of analyzing data-link layer traffic.IntroductionThe ontogenesis of 802.11 networks has been met with the development of several wireless local bea network (WLAN) discovery applications. These applications are designed to identify WLAN activity and network characteristics, providing comely information for an unauthorized user to gain access to the target network. For self-evident reasons, WLAN administrators should be concerned about unauthorized access to their networks and thereof should attempt to identify the applications used to discover their networks.WLAN intrusion analytic thinking is not entirely unlike traditional intrusion analysis we are primarily concerned about the identification of traffic signatures or fingerprints that are unique to the applications we want to detect. Unlike traditional intrusion analysis however, we take for additional argufys that are unique to wireless networks 1. Location of trafic capture berth Where traditional intrusion detection systems can be location in a functional area (DMZ, inside a firewall, outside a firewall, etc), a data collection element (agent) capturing 802.11 frames must be installed in the same service area of each wireless LAN we desire to monitor. The improper location of a wireless LAN agent result inevitably lead to false positive results. If the receive sensitivity of the agent exceeds that of the monitored network, traffic may be characterized as WLAN discovery firearm being outside the cell range of the monitored network. Another interesting challenge is monitoring hidden node IBSS stations where the last wireless station to generate a beacon is responsible to reply to probe requests (ANSI/IEEE, 126). In these cases, the wireless LAN agent may not be within the coverage area necessary to collect responses or further solicitation of management information from the responding hidden node station. 2. Identifying anomalous traficIn ready for wireless clients to locate a network to join, the IEEE 802.11 specification made an allowance for clients to broadcast requests for available networks.