Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection

Wireless LAN discovery through the use of applications such as
NetStumbler, DStumbler, Wellenreiter and others is an increasingly
popular technique for network penetration. The discovery of a
wireless LAN might be used for seemingly innocuous Internet access,
or to be used as a “backdoor” into a network to stage
an attack. This paper reviews some of the tactics used in wireless
LAN network discovery and attempts to identify some of the fingerprints
left by wireless LAN discovery applications, focusing on the MAC
and LLC layers. This fingerprint information can then be incorporated
into intrusion detection tools capable of analyzing data-link
layer traffic.

Pretty good whitepaper by Polarcove.


Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s