Wireless threats
The following are security threats when using wireless networks:
- Rogue access point: At times, a penetration tester will need to check the security posture of a company's wireless network and the security awareness of the employees. A rogue access pointis where a penetration tester would set up afakeaccess point with an SSID to trick users into establishing a connection. Imagine creating an SSID on a rogue access point, naming it Company XYZ VIP Access, and leaving it open. A lot of people seeing this name will think there are special resources on this wireless network. This technique will allow the pentester to sniff traffic easily and obtain sensitive data:
- Evil twin: The evil twinsetup is a bit similar to the rogue access point configuration. However, with an evil twin, the penetration tester deploys an access point within the corporate network using the same SSID as the actual organization. When users connect, they will be able to access the local resources without realizing...