- Helps understand the security vulnerabilities in current WLAN setup
- Helps to fix those issues
- Helps to get more control over wireless network
- Helps in increasing productivity
Wireless Security Threats
What threats do we face today with regard to wireless networks? The National Institute of Standards and Technology has compiled an informative list as part of its documentation on wireless security. An extract from that document follows.
To date, the list below includes some of the more salient threats and vulnerabilities of wireless systems:
- All the vulnerabilities that exist in a conventional wired network apply to wireless technologies.
- Malicious entities may gain unauthorized access to an agency’s computer or voice (IP telephony) network through wireless connections, potentially bypassing any firewall protections.
- Sensitive information that is not encrypted (or that is encrypted with poor cryptographic techniques) and that is transmitted between two wireless devices may be intercepted and disclosed.
- Denial of service (DoS) attacks may be directed at wireless connections or devices.
- Malicious entities may steal the identity of legitimate users and masquerade as them on internal or external corporate networks.
- Sensitive data may be corrupted during improper synchronization.
- Malicious entities may be able to violate the privacy of legitimate users and be able to track their physical movements.
- Malicious entities may deploy unauthorized equipment (e.g., client devices and access points) to surreptitiously gain access to sensitive information.
- Handheld devices are easily stolen and can reveal sensitive information.
- Data may be extracted without detection from improperly configured devices.
- Viruses or other malicious code may corrupt data on a wireless device and be subsequently introduced to a wired network connection.
- Malicious entities may, through wireless connections, connect to other agencies for the purposes of launching attacks and concealing their activity.
- Interlopers, from inside or out, may be able to gain connectivity to network management controls and thereby disable or disrupt operations.
- Malicious entities may use third-party, untrusted wireless network services to gain access to an agency’s network resources.
- Internal attacks may be possible via ad hoc transmissions.
Wireless Security Considerations
The following are a few things you need to ask yourself when implementing security for your wireless network.
- Do I have some form of logging enabled? Logging is important as it will help you to trace who is trying to gain unauthorized access to your network. It will also act as evidence when prosecuting a suspected intruder in court.
- Do I allow guest access? If you do, be sure to separate your corporate network from the WLAN by placing the WLAN in your DMZ or outside the network, and implement a firewall between them. Also, don’t forget to log and audit guest user activity so that you can see if any abuse is taking place.
- Where does my wireless signal end? Perform a site survey and find out exactly where the signal starts and ends; know your boundary.
- Do I know what’s on the network? Document everything and when a new access point is attached to the current network make sure you know about it. In larger companies, departments implement their own WLAN by adding an access point to the network and not informing the administration department, thus potentially opening up a hole in the network.
- Have I performed a Wireless LAN security audit? Make sure you scan your network to identify known vulnerabilities, and if any are found, take action as soon as possible!
- Are the wireless clients safe? Introduce a security policy, or amend the current one, to require mobile users to keep their laptops protected with antivirus and firewall software.
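The "Do I know what’s on the network?" and "Where does my wireless signal end?" questions can be checked mechanically by comparing a wireless scan against the documented access point inventory. The following is an added example, not part of the original article; the inventory, the scan export format, every SSID/BSSID and the -70 dBm on-site threshold are constructed assumptions.

```python
# Added example: compare a wireless scan against the documented AP inventory.
# All SSIDs, BSSIDs and signal values below are constructed sample data.
import csv
import io

# Documented inventory: BSSID (AP radio MAC) -> (SSID, expected encryption)
INVENTORY = {
    "02:00:00:aa:00:01": ("corp-wlan", "WPA2"),
    "02:00:00:aa:00:02": ("corp-wlan", "WPA2"),
    "02:00:00:aa:00:10": ("guest-wlan", "WPA2"),
}

# Constructed scan export, one AP per line: bssid,ssid,encryption,signal_dbm
SCAN_CSV = """\
02:00:00:aa:00:01,corp-wlan,WPA2,-48
02:00:00:aa:00:02,corp-wlan,WEP,-55
02:00:00:bb:00:07,corp-wlan,WPA2,-60
02:00:00:cc:00:09,marketing-ap,OPEN,-42
02:00:00:dd:00:03,coffee-shop,WPA2,-88
"""

ON_SITE_DBM = -70  # assumption: a stronger signal than this is probably inside our boundary


def audit_scan(scan_csv, inventory, on_site_dbm=ON_SITE_DBM):
    """Return (bssid, finding) for every scanned AP that needs follow-up."""
    known_ssids = {ssid for ssid, _ in inventory.values()}
    findings = []
    for bssid, ssid, enc, signal in csv.reader(io.StringIO(scan_csv)):
        bssid, signal = bssid.lower(), int(signal)
        if bssid in inventory:
            # Documented AP: flag it if its SSID or encryption no longer matches the record.
            if (ssid, enc) != inventory[bssid]:
                findings.append((bssid, "config-drift"))
        elif ssid in known_ssids:
            # Our network name on a radio nobody documented.
            findings.append((bssid, "unknown-ap-our-ssid"))
        elif signal >= on_site_dbm:
            # Unknown network with a strong signal, e.g. a department's own AP.
            findings.append((bssid, "undocumented-on-site"))
        # Weak unknown networks are treated as neighbours and ignored.
    return findings


if __name__ == "__main__":
    for bssid, finding in audit_scan(SCAN_CSV, INVENTORY):
        print(f"{bssid}  {finding}")
```

Run it after each site survey and keep the output with your logs, so a newly attached access point shows up as a change between two runs.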
Tips for Securing your Wireless Network
There are a number of things you can keep in mind which will help to lessen the likelihood of a security breach in your wireless network. I have compiled a list of tips that I think will be of use to anyone who has a wireless network.
- As should be the case with a wired network, only share what is needed. Don’t share entire partitions, share folders instead. Also, depending on the level of confidentiality, you should always password protect anything that is shared using an archive tool.
- If you’ve implemented the WEP authentication method, be sure to use the Shared Key method, change your WEP keys every so often, and make them as difficult to guess as possible.
- Be sure to secure your wireless access point with a strong password; don’t just leave the default one in place!
- Disable access point administration via wireless clients. This means that any changes to the access point configuration would have to be done from a machine attached to the wired network.
- On smaller networks, use MAC address filtering as an added means of security. Don’t rely on this feature alone but use it in conjunction with another security
- Change the default SSID to something that is understandable to you but not to outsiders. This will make it slightly more difficult for people to connect to your network. Be sure to change it to something that won’t give too much information away about your network.
- Disable SSID broadcasting. This feature is meant to make it easier for clients to connect to the network because the network name can be automatically discovered by the client operating system. With broadcasting enabled, this means anyone in range of your access point will automatically know your network exists.
- If you need wireless access in your building alone, try putting the access point in the centre of the building to decrease the chance of a wardriver* being in range of your signal.
- If you’re willing to see a dip in speed, then using a VPN would be the more secure option for a wireless network. This is fairly quick and easy to set up and has great benefits compared with other means of security.
* A wardriver is a person who roams around with his/her laptop to gather information about a wireless system.