A good place to start with penetration testing is to attempt to connect unauthorized devices to the private side of the network, which should be configured with encryption and authentication mechanisms that only allows authorized client devices to successfully connect. Assume that you know the SSID of the private network because that can be easily found by monitoring 802.11 association requests from client device radios. Configure an unauthorized client device with this SSID and verify that you cannot connect to the network. Of course if it is possible to connect to the private side of the network without applicable encryption passwords, there are major problems with the security of the network. In this case, review the security settings on the access point.
Leave a Reply
You must be logged in to post a comment.