Archive for December, 2008

Challenges to securing wireless LANs

Posted in School with tags , , , on December 1, 2008 by Lance Strzok

There are a great many security issues surrounding the use of wireless networks (WLANs). Although the use of wireless networks at home may be reasonably safe, WLANs in a business environment may be a more difficult decision considering the risks involved and the likelihood of people trying to exploit it. Some of the risks related to wireless security are: rogue access points, the use of unauthorized devices and denial of service attacks. These threats can undermine trust and security of the network and impact business. Many wireless networks use the IEEE 802.11 standard, and this standard has been shown to be weak and in need of improvement. A comprehensive and thurough approach will need to be used if the security of your business network is a great concern to you.

Planning of the wireless network will need to be addressed in the requirements for the network. What kind of information and users will be on the network, and what resources will be linked to that network. These requirements will help in determining the required amount of security. If you want to offer wifi as a service to clients, that is a totally different security setup from if you are conducting business and sales on your network.

Some good practices to consider will also include the position and strength of transmitting access points. Where you place these devices will have an impact on “parking lot hackers”. You will want to research current wireless suppliers for updated technologies, and keep track of firmware and software updates to your equipment. You should also configure your network settings with great care and understand each setting as well as the impact it has on your network. Upon setting up your configuration, always change the default configurations to other names immediately.  The default system names are usually a dead give away to the equipment in use and is a starting point for attackers. Additionally, you may want to have a list of MAC addresses for all the equipment that is going to be allowed to access the network, this is MAC address filtering and it only allows access by machines that have proper MAC addresses. A note of caution on this is that there are programs that can detect and copy MAC addresses and this feature makes it less convenient to attack. Enabeling encryption will also be something that needs to be considered if you are going to use the wireless network for business or banking. Business and homeowners with wifi networks should consider moving to WPA2 compatible devices as soon as possible if they want to have secure networks. The original WEP encryption standards have identifiable weaknesses that have been written about and are routinely exploited with easily accessable tools. For those businesses that wish to have empoyees access their work from home, consider using virtual private networks (VPNs).

There is a great deal more on this issue, and your network security specialists will need to stay aware of and on top of changes in these areas to ensure network security and the vitality of your business or personal home network needs.