User's Guide
AirTight Management Console User Guide
32
Wireless Threats
Following is a diagrammatic representation of the various wireless threats.
Wireless Threats
Non-authorized Associations: Non-authorized and Banned Clients that connect to Authorized APs; an
attacker can gain access to your network through Authorized APs if the security mechanisms are weak.
Non-authorized or Uncategorized Client connections to an Authorized AP using a Guest SSID are not
treated as unauthorized associations.
• Associations to Guest APs: External and Uncategorized Clients that connect to Guest APs are
classified as Guest Clients. The Clients connected to a wired network or a MisConfigured AP can be
specified as exceptions to this policy.
• Ad hoc Connections: Peer-to-peer connections between Clients; corporate data on the Authorized
Client is under threat if it is involved in an ad hoc connection.
• MAC Spoofing: An AP that spoofs the wireless MAC address of an Authorized AP; an attacker can
launch an attack through a MAC spoofing AP.
• Honeypot/Evil Twin APs: Neighboring APs that have the same SSID as an Authorized AP; Authorized
Clients can connect to Honeypot/Evil Twin APs. Corporate data on these Authorized Clients is under
threat due to such connections.
• Denial of Service (DoS) Attacks: DoS attacks degrade the performance of an official WLAN.
• WEPGuard TM: Active WEP cracking tools allow attackers to crack the WEP key and gain access to
confidential data in a matter of minutes or even seconds. Compromised WEP keys are used to gain
entry into the authorized WLAN by spoofing the MAC address of an inactive Authorized Client.
• Client Bridging/ICS: A Client with packet forwarding enabled between wired and wireless interfaces. An
authorized Client bridging and unauthorized/uncategorized bridging Client connected to enterprise
subnet is a serious security threat.
Activate Intrusion Prevention for Location