Wireless offers the possibility of always-on, instant mobile communications. However, the vulnerabilities inherent to wireless computing present daunting hurdles. These vulnerabilities -- eavesdropping, session hijacking, data alteration and manipulation, in conjunction with an overall lack of privacy -- are major challenges posed by wireless technologies.
Fortunately steps can be taken to lessen the impact of these threats. Securing wireless networks includes adopting a suitable strategy as MAC address filtering, firewalling or a combination of protocol-based measures. A few specific steps are:
- Change the AP's default admin password
- Change the access point's default SSID
- Disable the "Broadcast SSID" function on the AP
- Enable WEP and the stronger 128-bit encryption, not the breakable 40-bit
- Employ MAC address filtering
- Implement an authentication server to provide strong authentication
- Physically locate the AP in an area that limits its radio emanations
- Logically put the AP in a DMZ with the firewall between the DMZ and the internal network
- Implement VPN tunnels
- Disable DHCP and assign static IP addresses
- Penetration test regularly
- Research migrating to 802.11i technologies and new WEP encryption workarounds
In our
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
sixth and last installment, we'll look at social engineering, intrusion detection systems (IDS) and Honeypots. Stay tuned.
Penetration testing -- Securing wireless access points
Introduction
War walking and war driving
WLAN vulnerabilities, SSID issues, WEP weakness
WLAN DoS attacks, MAC address vulnerabilities
Wireless testing tools
WLAN security countermeasures
About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons.
This was first published in February 2007