Why does all network traffic go through the attacker after poisoning the network?
If the attacker has successfully used spoofed ARP replies to record false entries in the ARP tables for all internal hosts and the gateway, all traffic sent from internal hosts to the gateway will go to the attacker (Step 4). All traffic from the gateway will also go through the attacker and is now redirected through the computer as part of a MITM attack (Step 5).
Learn More :
Corporate Computer Security
- How do wireless IDSs get their data?
- What is the purpose of a wireless IDS?
- How long must passphrases be for adequate security?
- How are PSK/personal keys generated?
- Why is using a shared initial key not dangerous?
- How do users in this mode authenticate themselves to the access point?
- What mode was created for homes or very small businesses with a single access point?
- Despite its security weaknesses, why do many companies continue to use WPA instead of 802.11i?
- What does the Wi-Fi Alliance call 802.11i?
- Compare WPA and 802.11i security.
- What prompted the Wi-Fi Alliance to create WPA?
- Should corporations today use WEP for security today?
- How long may WEP take to crack today?
- What mistake did the 802.11 Working Group make in selecting the length of the IV?
- What per-frame key does a WEP computer or access point use to encrypt when it transmits?
- Why are permanent shared keys undesirable?
- What encryption algorithm does it use?
- What was the first core wireless security standard?
- Is 802.11i security strong? Explain.
- Distinguish between their options for inner authentication.
- What two extended EAP protocols are popular today?
- What authentication method or methods does outer authentication use?
- For 802.11i, distinguish between outer and inner authentication.
- What standard did the 802.3 Working Group create to extend 802.1X operation to WLANs with security for EAP?
- Why is it impossible to extend 802.1X operation using EAP directly to WLANs?