Understanding Wireless LAN Vulnerabilities
by Lisa Phifer
Posted: 12/11/2002
Abstract:
War driving...Air tapping...Drive-by Wi-Fi.... Call it what you will, exploiting the broadcast nature of 802.11 "Wi-Fi" to find and use unprotected networks is fast becoming a national pastime among wireless enthusiasts and hackers.
Alternately overhyped and underestimated, war driving is the proverbial canary in the coal mine. Accordingly, this article will discuss some of the myths and realities of WLAN security.
|
Myth #1: War Driving Is Hard |
|
Myth #2: War Driving Is Much Ado About Nothing |
|
Myth #3: If I Can See It, I Can Use It |
|
Myth #4: Wireless Risk Outweighs The Reward |
Shunning wireless LANs now would be akin to banning Internet access a decade ago. Rather, companies should cautiously tap the rewards of Wi-Fi while taking appropriate steps to understand and mitigate associated risks.
After WLANs are deployed, continued vigilance is necessary. Perform regular site surveys to find unknown or misconfigured access points (APs) and stations. Conduct penetration tests (attempt to break into your own hardened stations, APs and wired network) to validate the security measures you have implemented. Use log monitoring and intrusion detection systems to spot unusual behavior originating from your WLAN. Knowledge is power—use it to keep your wireless LAN secure.
About the author:
Lisa Phifer is vice president of Core Competence, Inc., a consulting firm specializing in network and security technologies. She has been involved in the design, implementation and evaluation of internetworking products for more than 20 years.
http://www.webtorials.com/main/resource/papers/BCR/paper41.htm