Document Overview (4) General Adversary Capabilities Passive adversaries (sniffers) Can observe and record (eavesdrop), but not interact with the traffic Active adversaries Pass-by can sniff, inject, replay, reflect (with duplication), cause redirection Inline (MiM) Can observe, inject, delete, replay, reflect, redirect, modify packets Vulnerabilities resulting from splitting AP function New exposures during session establishment Discovery Information leakage DoS potential (by injecting/modifying requests/responses) Redirection potential CAPWAP Session Establishment Various DoS opportunities Information leakage (identity, capabilities) New exposures while connected DoS on CAPWAP protocol endpoint(s) 802.11 mgmt frame attacks (on the wire) Application data exposure Information leakage (topology, applications, etc) |