I recently took a practice exam question and it asked this as a true or false question:
The term "Evil twin" refers to a rogue Wireless Access Point (WAP) set up for eavesdropping or stealing sensitive user data. The Evil twin replaces the legitimate access point and by advertising its own presence with the same Service Set Identifier (SSID, a.k.a. network name) appears as a legitimate access point to connecting hosts. True or False.
I guess I overthought this question and got it wrong by putting FALSE. My reasoning had to do with the wording of "The Evil twin replaces the legitimate access point". Is this really fair to say? If two access points have the same SSID wouldn't you still see both? I mean yes, the point is to trick someone into picking the wrong one but they both still exist right? What happens when two APs have the same SSID and are configured the same? do they just fight over who is closest? Would both still be visible on my phone?
No comments:
Post a Comment