Table of Contents
Advertisement
05-4055A01, Rev. E
Table 1-2. Security Risk Management
Security Risk
Denial of service, where Remote radios
could be reconfigured with bad
parameters, bringing the network down
Airsnort and other war-driving intruders in
parking lots, near buildings, and so on
Eavesdropping, intercepting messages
Key cracking
Replaying messages
Unprotected access to configuration using
SNMP
Potential, ongoing attacks
1.4.1 Intrusion Detection using SNMP Traps
In addition to the operative tools and techniques, the entraNET system
provides an SNMP-based network management system with traps
(alarms) that report suspicious activities or events. These include:
• Log-in attempt limit exceeded (accessed using HTTP)
• Successful log-in or logout (accessed using HTTP)
MDS entraNET Technical Manual
The MDS entraNET Solution
Remote log-in
Local console log-in
HTTP (Hypertext Transfer
Protocol) and Telnet disabled,
enabling only local management
services
Frequency-hopping spread
spectrum (FHSS) does not talk
over the air with standard 802.11b
cards
The transceiver cannot be put in a
"promiscuous" mode
Proprietary data framing
128-bit encryption
Automatic Key Rotation algorithm.
In addition, a Force Key Rotation
command is available to
immediately rotate the keys of the
AP and synchronize all Remotes
with it.
128-bit encryption with rotating
keys
Non-secure SNMP versions can be
enabled or disabled at will.
SNMPv3 password protection
Provides early warning using
SNMP through critical event
reports of unauthorized log-in
attempts and suspicious activities
11
- Quick Links:
- Log-In and Configuration
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
