Understanding Wireless LAN Vulnerabilities
by Lisa Phifer

Published September 2002

 

Abstract:

 

War driving...Air tapping...Drive-by Wi-Fi.... Call it what you will, exploiting the broadcast nature of 802.11 "Wi-Fi" to find and use unprotected networks is fast becoming a national pastime among wireless enthusiasts and hackers.

 

Alternately overhyped and underestimated, war driving is the proverbial canary in the coal mine. Accordingly, this article will discuss some of the myths and realities of WLAN security.

 

bullet

Myth #1: War Driving Is Hard

bullet

Myth #2: War Driving Is Much Ado About Nothing

bullet

Myth #3: If I Can See It, I Can Use It

bullet

Myth #4: Wireless Risk Outweighs The Reward

 

Shunning wireless LANs now would be akin to banning Internet access a decade ago. Rather, companies should cautiously tap the rewards of Wi-Fi while taking appropriate steps to understand and mitigate associated risks.

 

After WLANs are deployed, continued vigilance is necessary. Perform regular site surveys to find unknown or misconfigured access points (APs) and stations. Conduct penetration tests (attempt to break into your own hardened stations, APs and wired network) to validate the security measures you have implemented. Use log monitoring and intrusion detection systems to spot unusual behavior originating from your WLAN. Knowledge is power—use it to keep your wireless LAN secure.

 

About the author:

Lisa Phifer is vice president of Core Competence, Inc., a consulting firm specializing in network and security technologies. She has been involved in the design, implementation and evaluation of internetworking products for more than 20 years.

 

bullet

Access paper
bullet

Approx. 186 kB

bullet

For help with .pdf file downloads, please check out the help topic.

bullet

Return to Business Communications Review Gold Sponsor Archives

bullet

Return to Wireless menu

bullet

Return to Security menu


This article is reproduced by special arrangement with our partner, Business Communications Review.

 

Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Please encourage colleagues to download their own copy after registering at http://www.webtorials.com/reg/.