Quiz Entry - updated: 2026.07.14
What are the four main WLAN security threats, and what makes wireless networks inherently more vulnerable than wired?
The four main threats are: data interception (sniffing), wireless intruders, Denial of Service (DoS), and rogue APs. WLANs are more vulnerable because the medium (radio waves) is open to anyone within range — there's no physical cable to protect.
| Threat | Description | Mitigation |
|---|---|---|
| Data Interception | Attacker passively captures wireless frames using monitor mode | Encryption (WPA2/WPA3) |
| Wireless Intruders | Unauthorized users connect to the network | Strong authentication (802.1X, WPA3) |
| DoS Attacks | Deauthentication floods, RF jamming, misconfigured devices | WPA3 PMF (Protected Management Frames), WIPS |
| Rogue APs | Unauthorized AP connected to corporate network | WLC rogue AP detection, WIPS monitoring |
Why wireless is inherently more vulnerable:
- Radio waves travel through walls — anyone within range can receive signals
- No physical access needed — an attacker in the parking lot can reach the WLAN
- The wireless medium is shared — all clients and APs on the same channel can hear each other
- Management frames (deauth, disassociation) were historically unencrypted — WPA3 fixes this with PMF
Rogue AP — the insider threat:
- An employee brings a personal wireless router and plugs it into the corporate LAN
- This creates an uncontrolled entry point into the network
- The rogue AP likely has weak security (or none), bypassing all corporate security policies
- Even well-intentioned: "I just wanted better Wi-Fi in my office" → security nightmare
Evil Twin attack:
- Attacker sets up an AP with the same SSID as the corporate network
- Clients automatically connect (thinking it's the real network) → attacker intercepts all traffic → man-in-the-middle
Go deeper:
Wireless security (Wikipedia) — interception, DoS, rogue APs, MAC spoofing alongside the WEP→WPA3 countermeasures.
Evil twin (wireless networks) (Wikipedia) — the same-SSID rogue-AP man-in-the-middle attack.