Document Overview (8) There are some threats we cannot prevent or detect Passive monitoring Traffic analysis (actually, there are ways to prevent this, but not to detect it) Active MiM traffic interference Packet deletion, re-ordering Other active attacks ARP poisoning DNS poisoning Offline dictionary attacks on pre-shared keys Probably want to provide practical advice for when these are possible, and what can be done to mitigate them. |