Further Obscuring the Presence of a Wireless Network
Question
The SSID broadcast for a wireless router has been disabled but a network administrator notices that unauthorized users are accessing the wireless network.
The administer has determined that attackers are still able to detect the presence of the wireless network despite the fact the SSID has been disabled.
Which of the following would further obscure the presence of the wireless network?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The SSID (Service Set Identifier) is the name of a wireless network. When the SSID broadcast is enabled, the wireless network is visible to devices within range, and they can connect to it. However, when the SSID broadcast is disabled, the wireless network is hidden from the view of casual users.
But it is possible for an attacker to detect a hidden wireless network by sniffing wireless packets, analyzing network traffic, or by sending probe requests. A probe request is a request sent by a wireless device to discover nearby wireless networks. When a device sends a probe request, it includes the SSID of the network it is looking for. An attacker can detect a hidden wireless network by analyzing these probe requests.
To further obscure the presence of the wireless network, the network administrator can perform the following steps:
A. Upgrade the encryption to WPA or WPA2: Upgrading the encryption to WPA or WPA2 can prevent attackers from eavesdropping on wireless traffic and gaining unauthorized access. WPA and WPA2 use stronger encryption algorithms than WEP and are less vulnerable to attacks.
B. Create a non-zero length SSID for the wireless router: Creating a non-zero length SSID for the wireless router can make it difficult for attackers to detect the presence of the wireless network. The network administrator can create a unique SSID that is not easily guessable, and this can help to obscure the network.
C. Reroute wireless users to a honeypot: A honeypot is a system that is designed to lure attackers into a trap. Rerouting wireless users to a honeypot can help to identify attackers and prevent them from accessing the network. A honeypot can be used to capture information about the attacker, such as IP addresses and attack methods.
D. Disable responses to a broadcast probe request: Disabling responses to a broadcast probe request can prevent an attacker from detecting the presence of the wireless network. When a wireless device sends a probe request, it expects a response from nearby wireless networks. If the wireless router is configured to not respond to broadcast probe requests, it can help to obscure the network.
Out of the options given, options A, B, and D can help to further obscure the presence of the wireless network. Option C is not directly related to obscuring the presence of the wireless network, but it can help to identify and prevent attackers from accessing the network.
