And if you can, don’t give guests and visitors access to your main Wi-Fi network: use a Wi-Fi
access point that is capable of creating a Guest Wi-Fi with WPA2 encryption, a separate
password and network confinement.
A WiFi station is being attacked
Fingbox is detecting an abnormally high frequency of Wi-Fi de-authentication messages.
This can be due to a couple of causes:
1. One or more of your access points are not working properly and are continuously
telling clients to disconnect. Try restarting your access points and see if the alerts stop
coming.
2. Your network is getting a real Denial of Service (DoS) attack with a flood of
de-authentication messages. These messages are telling your devices to immediately
disconnect from the Wi-Fi access point. Because of this attack, your network
performance becomes very unstable and slowed down. Unfortunately, the Wi-Fi
standard makes networks vulnerable to this attack and there is not much to do.
Evil Twin attack
Fingbox detected a Wi-Fi “Evil Twin”: a malicious Wi-Fi access point acting as a “clone” of
another legitimate access point but on a different radio channel. It has been installed near your
network without explicit authorization. Attackers intent may be of inducing your devices to
connect to it and then intercept your data.
Default gateway has changed (different MAC address for network
gateway)
Fingbox noticed that the MAC address of the default gateway has changed. Because the default
gateway (i.e. the router) is a critical connectivity element, this is an important check.
If you installed a new router, just acknowledge this alert.
If you didn’t change your default gateway, then check immediately all the connections to see if
there is any “alien” equipment attached to any part of your network.
This may be a man-in-the-middle attack, where a computer is acting like a default gateway,
intercepting your traffic before sending it to the Internet via the legitimate router.
Fingbox User’s Guide - App v6.2.1 Page 50
To Next Page
Loading...