The Wireless Penetration Testing Lingo
In a wireless penetration assessment, it is helpful to know the terms used by industry professionals:
802.11a, b, g and n: Standards used in wireless LANs.
Client-side attack: An attack against the devices that connect to the network, such as notebooks or mobile phones, rather than against the network infrastructure.
DECT: Digital Enhanced Cordless Telecommunications is a digital communications standard used by cordless telephones.
HIDS: A host-based IDS monitors the behavior and state of a system to identify anomalies and circumvention of security policies.
IDS/WIDS: Intrusion detection systems and wireless IDSes are appliances or programs that monitor for malicious activity and produce reports.
Infrastructure attack: An attack against the network itself — such as access points, switches and routers — exploiting the network configuration.
IPS: Intrusion prevention systems are security appliances that monitor for, identify, log, report and attempt to block malicious activity on a network.
PEAP: The Protected Extensible Authentication Protocol protects EAP (commonly used as an authentication framework in wireless networks) with an encrypted and authenticated TLS tunnel.
RADIUS: Remote Authentication Dial-In User Service provides centralized authentication for computers connecting to a network.
Rogue access point: An AP added to a network without permission. Sometimes these are placed by attackers, but more commonly by users seeking convenience. They pose an extreme danger, as they are not configured by agency IT staff.
Sniffing: Intercepting traffic passing over a network. This traffic often contains information valuable to an attacker planning attacks against networks and systems.
TLS: Transport Layer Security is the successor to Secure Sockets Layer and encrypts segments of certain network connections.
USRP: Universal Software Radio Peripheral is a USB board for building software radios. With freely available schematics, USRPs are a low-cost way to create tools for attacking wireless networks.
WEP: Part of the original 1997 802.11 protocol, Wired Equivalent Privacy was intended to provide security comparable, as the name suggests, to that of a wired network. WEP is now considered deprecated and can be cracked with freely available software in a few minutes.
ZigBee: A low-power protocol that is becoming prevalent for wireless control and monitoring of devices such as light switches and HVAC systems.