Communication Security: Wireless • Chapter 4  197


                 Figure 4.9 Discovering Wireless LANs Using NetStumbler
































                    As can be seen in Figure 4.9, NetStumbler displays information on the SSID,
                 the channel, and the manufacturer of the wireless AP.There are a few noteworthy
                 things about this session.The first is that some of the APs are still configured with
                 the default SSID supplied by the manufacturer, which should always be changed to
                 a non-default value upon setup and configuration.Another is that at least one net-
                 work uses a SSID that may provide a clue about the entity that implemented it.
                 Again, this is not a good practice when configuring SSIDs. Finally, you can see
                 which of these networks implemented WEP.
                    If the network administrator was kind enough to provide a clue about the
                 company in the SSID or is not encrypting traffic with WEP, the potential eaves-
                 dropper’s job is made a lot easier. Using a tool such as NetStumbler is only a pre-
                 liminary step for an attacker.After discovering the SSID and other information, an
                 attacker can connect to a wireless network and sniff and capture network traffic.
                 This network traffic can reveal a lot of information about the network and the
                 company that uses it. For example, looking at network traffic, an attacker can deter-
                 mine what domain name system (DNS) servers are being used, the default home
                 pages configured on browsers, network names, logon traffic, and so on.The attacker
                 can use this information to determine if a network is of sufficient interest to pro-




                                                                              www.syngress.com