Wireless attack detection
Before we talk about protecting the infrastructureI it is imperative to understand a few detection techniques. rnlike wired networksI a wireless network signal can be FRPSURPLsHd HasLOy, wKLFK PaNHs dHWHFWLRn dLIfiFXOW EXW certainly not impossible.
AP monitoring: As wH OHaUnW, sHFXULng WKH SS,D of an Am or wireless router is very important. fn a large RUganLsaWLRn, NHHSLng WUaFN RI SS,Ds Fan EH a FKaOOHngH; henceI this information should be programmatically stored in a sHFXUH daWaEasH. 2WKHU FUXFLaO dHWaLOs, sXFK as WKH 0AC ,D, fm restrictionsI the wireless channel usedI the beacon settingsI wireless signal strength and bandwidth type are stored for HaFK FRUUHsSRndLng SS,D. A wLUHOHss PRnLWRULng dHYLFH, or a mobile device running monitoring softwareI is used to detect all stations and Ams periodicallyI and the results are compared with the baseline database created earlier. puch routine audits ensure the integrity of router settings and thus the overall wireless network security.
Wi-Fi node monitoring: Along with the AmsI each node needs to be monitored too. qhe technique is a bit differentI though. cor the nodesI a jAC-based security on the Ams Fan EH FRnfigXUHd, wKHUHEy a SaUWLFXOaU AP wRXOd sXSSRUW only a set of jAC addresses. qhis ensures that the wireless FOLHnW nRdH FannRW URaP aURXnd EHyRnd WKH FRnfigXUHd zRnH, and LI sXFK a nHHd aULsHs WKH UHTXHsW Fan EH IXOfiOOHd YLa an authorisation and approval process. cor large organisationsI this can result in systems administration overheadI in which case the nodes can be allowed to connect to all Ams; howeverI each connection and disconnection can be logged and parsed for anomalous behaviour.
TraIfiF PoniWoring: Besides the above techniquesI network administrators can periodically take samples of data from each AmI and check for denial of service and pvk