Forum

Hi All,

In the CWSP study guide, chapter 3 question 1 is written that a hacker would prefer using a FHSS rogue AP instead of DSSS in a WLAN, because FHSS equipment may not be noticed by DSSS scanning software.

My question is:

Why the hacker would place a FHSS AP in a DSSS WLAN?
I always thought that the FHSS and DSSS are incompatible...

Thanks for the help.

That is exactly why a hacker would use an fhss ap. If the WLAN administrator uses netstumbler or what have you, with a DSSS card it will not detect the fhss signal. The spread spectrum technology does not matter on the LAN side of the AP. If the rouge ap is fhss and the hackers wifi card is fhss then he has a wireless fhss link to the wired network that will not be detected other than any interference that fhss will cause dsss. hope that answers your question.

Thanks for your reply locowav!

When the attacker uses a different spread spectrum tecnology than the one used by the victim, it is only to get access to the wired part of the LAN, and not to listen the wireless traffic... right?

Thanks

Begginer Escribió:

Thanks for your reply locowav!

When the attacker uses a different spread spectrum tecnology than the one used by the victim, it is only to get access to the wired part of the LAN, and not to listen the wireless traffic... right?

Thanks

Rogue AP can be used in two ways:

Trying to impersonate a valid AP in order to acquire information on the wireless portion of the network.You can also get a few UID and password as a bonus.

Gaining access to the wire network, which is actualy the ultimate goal. There is a lot of interesting information on a wireless network, but the jackpot (Servers, Internet access, lots of workstations..., MASS quantity of DATA) is on the wired network.

So I am a litle surprise when you say
"it is only to get access to the wired part of the LAN,"

Guy