Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

GIAC Exam GSNA Topic 3 Question 22 Discussion

Actual exam question for GIAC's GSNA exam
Question #: 22
Topic #: 3
[All GSNA Questions]

You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer, Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string in the log file:

(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)

When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool is being used for the

unauthorized access. Which of the following tools have you ascertained?

Show Suggested Answer Hide Answer
Suggested Answer: D

NetStumbler, a war driving tool, uses an organizationally unique identifier (OID) of 0x00601d and a protocol identifier (PID) of 0x0001. Each version has a typical payload string. For example, NetStumbler 3.2.3 has a payload string: 'All your 802.11b are belong to us'. Therefore, when you see the OID and PID values, you discover that the attacker is using NetStumbler, and when you see the payload string, you are able to ascertain that the attacker is using NetStumbler 3.2.3.


Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel