| <<< Known Vulnerable SSIDs | Index | Qualitative Wireless Forensics Workflow >>> |
Technology advances made possible to create honeypot APs.
Mobile honeypot is a malicious AP trying to lure nearby clients with the following vulnerability:
Authorized corporate laptop connects to unauthorized AP -- at home or at a public hotspot network.
Such client is known as client in adhoc mode.
When the laptop is back in the office, it tries to reestablish connections.
The laptop is probing for unauthorized network names, including those with known-vulnerable SSIDs, such as Free Public Wi-Fi.
Some laptops can be probing for as many as 5 or more of the vulnerable SSIDs.
Honeypot AP captures user credentials!
| <<< Known Vulnerable SSIDs | Index | Qualitative Wireless Forensics Workflow >>> |