With the deployment of wireless LANs in almost any type of environment, the risk of attacks occurring on wireless networks goes up. A number of different reasons are behind this, but it mainly stems from a lack of wireless network knowledge.
Unlike a wired network, which requires physical access to a device, a wireless network can be targeted and exploited from a distance. This article reviews some wireless security fundamentals and some of the most common threats that exist when deploying wireless networks.
Wireless Security Basics
There are a number of fundamentals that a person or company needs to be aware of when deploying a wireless network. The first is a basic understanding of what frequencies will be used by the equipment being deployed; this matters because it affects the amount of interference that the network will be subject to in the specific environment.
At this point in time, there are two main frequency bands used for wireless LANs (802.11): the 2.4 GHz and 5 GHz bands. From a security perspective, the choice of frequency does not greatly affect the security risk of the network. What it does affect is the number of non-overlapping channels available on the network; for the most part this will not affect security, except when an attacker is attempting to jam or block a specific frequency to force wireless endpoints to switch Access Points (APs).
Endpoint devices identify wireless networks using a service set identifier (SSID) along with a set of security parameters. On most wireless deployments, the SSID is broadcast from the APs, allowing clients to associate easily. It is possible to not broadcast the SSID, which provides a little protection from wireless network attackers with little operating knowledge; however, for an experienced wireless attacker this is not a very effective security measure.
The real security for a wireless network comes from the selection of a proven security technique; a number of the security techniques that have been deployed have since been broken. As of this writing, the most secure technique is IEEE 802.11i, which is also known as WPA2. This standard provides two modes of operation, typically referred to as Personal (or Pre-Shared Key, PSK) and Enterprise:
- WPA2-Personal - utilizes a shared key that is communicated to both sides (AP and client) before establishing a wireless connection; this key is then used to secure the traffic.
- WPA2-Enterprise - utilizes the IEEE 802.1X protocol to authenticate a wireless client using an authentication server before traffic is allowed.
Common Wireless Threats
There are a number of main threats to wireless LANs; these include:
- Rogue Access Points/Ad-Hoc Networks
- Denial of Service
- Configuration Problems (Mis-Configurations/Incomplete Configurations)
- Passive Capturing
Let's go through each of these in more detail.
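The following Python example is added here and is not part of the original article: it audits a wireless survey against an inventory of authorized SSIDs, BSSIDs and security modes, flagging the rogue APs, ad-hoc networks and mis-configurations listed above. The policy values, the `Beacon` fields, the finding names and the survey data are all constructed for illustration.

```python
from dataclasses import dataclass

# Assumed site policy (constructed values): each SSID we operate, the security
# mode it must advertise, and the BSSIDs (radio MACs) of our own APs.
AUTHORIZED = {
    "CorpNet": {"mode": "WPA2-Enterprise",
                "bssids": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}},
    "CorpGuest": {"mode": "WPA2-Personal", "bssids": {"02:00:00:aa:00:03"}},
}
OUR_BSSIDS = {m for p in AUTHORIZED.values() for m in p["bssids"]}

@dataclass(frozen=True)
class Beacon:
    ssid: str     # advertised network name ("" when not broadcast)
    bssid: str    # MAC address of the transmitting radio
    mode: str     # advertised security: Open, WEP, WPA2-Personal, WPA2-Enterprise
    adhoc: bool   # True when the frame advertises an ad-hoc network

def classify(b: Beacon) -> str:
    """Classify one observed beacon against the site policy."""
    if b.adhoc:
        return "adhoc-network"
    bssid = b.bssid.lower()
    policy = AUTHORIZED.get(b.ssid)
    if policy is None:
        # Our own radio advertising an SSID we never defined is a config error.
        return "misconfigured-ap" if bssid in OUR_BSSIDS else "foreign-network"
    if bssid not in OUR_BSSIDS:
        return "rogue-ap"  # our SSID coming from a radio we do not own
    if bssid not in policy["bssids"] or b.mode != policy["mode"]:
        return "misconfigured-ap"  # wrong SSID-to-AP mapping or security mode
    return "authorized"

def audit(beacons):
    """Return (finding, beacon) pairs that need follow-up."""
    findings = [(classify(b), b) for b in beacons]
    return [(f, b) for f, b in findings if f not in ("authorized", "foreign-network")]

# Constructed survey data, as a site scan might report it.
SURVEY = [
    Beacon("CorpNet", "02:00:00:aa:00:01", "WPA2-Enterprise", False),
    Beacon("CorpNet", "02:00:00:ff:00:09", "Open", False),
    Beacon("CorpGuest", "02:00:00:aa:00:03", "WEP", False),
    Beacon("printer-setup", "02:00:00:bb:00:07", "Open", True),
    Beacon("CoffeeShop", "02:00:00:cc:00:05", "WPA2-Personal", False),
]

if __name__ == "__main__":
    for finding, b in audit(SURVEY):
        print(f"{finding:17} ssid={b.ssid!r} bssid={b.bssid} mode={b.mode}")
```

Treat an inventory match as a first filter; confirm each finding by locating the radio and checking the AP's configuration.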