Security issues ranging from misconfigured wireless access points (WAPs) to session hijacking to Denial of Service (DoS) can plague a WLAN.
Wireless networks are not only susceptible to TCP/IP-based attacks native to wired networks, they are also subject to a wide array of 802.11-specific threats.
The standard 802.11 encryption method, Wired Equivalent Privacy (WEP) is weak.
Rogue WAPs can also be introduced by users.
The point is that the threats are real, they can cause extensive damage, and they are becoming more prevalent as the 802.11 technology grows in popularity.
Without some sort of detection mechanism, it can be difficult to identify the threats to a WLAN.
Traditional wired based Intrusion detection systems (IDSs) attempt to identify computer system and network intrusions and misuse by gathering and analyzing data.
More recently, IDSs have been developed for use on wireless networks. These wireless IDSs can monitor and analyze user and system activities, recognize patterns of known attacks, identify abnormal network activity, and detect policy violations for WLANs.
Wireless IDSs gather all local wireless transmissions and generate alerts based either on predefined signatures or on anomalies in the traffic. A Wireless IDS is similar to a standard, wired IDS, but has additional deployment requirements as well as some unique features specific to WLAN intrusion and misuse detection.
A centralized wireless IDS is usually a combination of individual sensors which collect and forward all 802.11 data to a central management system, where the wireless IDS data is stored and processed.
[url=http://www.securityfocus.com/infocus/1742]http://www.securityfocus.com/infocus/1742[/url]