beautypg.com

Weak iv detection, Wlan ids configuration task list, Configuring ap operating mode – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 151

background image

139

Weak IV detection

Wired Equivalent Privacy (WEP) uses an Initialization Vector (IV) to encrypt each frame. An IV and a key

are used to generate a key stream, and thus encryptions using the same key have different results. When
a WEP frame is sent, the IV used in encrypting the frame is also sent as part of the frame header.
However, if a WLAN device generates IVs in an insecure way, for example, if it uses a fixed IV for all

frames, the shared secret key may be exposed to any potential attackers. When the shared secret key is

compromised, the attacker can access network resources.
Weak IV detection counters this attack by verifying the IVs in WEP frames. Whenever a frame with a

weak IV is detected, it is immediately logged.

WLAN IDS configuration task list

Task Description

Configuring AP operating mode

Required

Configuring rogue device detection

Configuring rogue device detection

Optional

Taking countermeasures against
attacks from detected rogue devices

Displaying and maintaining rogue
detection

Configuring IDS attack detection

Configuring IDS attack detection

Optional

Displaying and maintaining IDS

attack detection

Configuring AP operating mode

A WLAN consists of various APs that span across the building offering WLAN services to the clients. The

administrator may want some of these APs to detect rogue devices. The administrator can configure an

AP to operate in any of the three modes, normal, monitor, and hybrid.

In normal mode, an AP provides WLAN data services but does not perform any scanning.

In monitor mode, an AP scans all 802.11 frames in the WLAN, but cannot provide WLAN services.

In hybrid mode, an AP can both scan devices in the WLAN and provide WLAN data services.

To configure the AP operating mode:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter AP template view.

wlan ap ap-name model
model-name

N/A