I am currently trying to better understand this attack.
If the network is open ie, not password, I would assume that it would be super easy for the evil twin to work. If I understand correctly, wireless clients won’t be able to tell the difference both the legit and twin would look the same. Likely causing the evil twin and legit network to show up as one network name when people look.
So if the same thing is done on a wifi network with, say wpa2/ccmp I am assuming if I set up the evil twin I would have to know the password in order to get other wifi clients to show it as one ssid. If I did not know it, I guess the evil twin would cause wireless clients to show two different ssids?
Is this correct?