APPENDIX Wi-Fi VULNERABILITY ASSESSMENT CHECKLIST 1. Nearby wireless devices discovery The first step in any vulnerability assessment is identification of all wireless devices near the sites) under test. Document the following o Channels with active traffic in the 2.4 GHz band. o Channels with active traffic in the 5 GHz band. o Sources of noninterference in these frequency bands. o Document for each discovered 802.11 access point • Media Access Control (MAC) address • Extended service set identifier (ESSID) • Channel • Average/Peak signal-to-noise ratio (SNR) • Beaconed security parameters (i.e., WEP, TKIP or AES-CCMP) • Approximate location and probable owner o Document for each discovered 802.11 station • MAC address • Associated ESSIDs • Associated AP(s) or peer stations) • Average/Peak SNR • If visible, X identity • Approximate location and probable owner
