Find White Papers
Home About Contact Help
Free Membership Member Login
Jul 5, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

Security for the Wireless Network

WatchGuard Technologies
By : WatchGuard Technologies
INFORMATION
Published : Sep 24, 2007
Length : 7
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

 From businesses and homes to public spaces, it's easier than ever to work using Wi-Fi connections. Wi-Fi is convenient and cost-effective, but wireless networks' security implications can quickly nullify any benefits that they may offer: a business working with sensitive or private information and operating on an insecure network can open itself up to serious litigation in the event of a security breach.

This white paper examines common wireless security controls, current hacker tricks, and recent legislative responses to Internet crime. And so you're not left up the wireless security creek, we give you specific steps you can take to avoid the risks.
View All Items By This Company
Browse Related Categories :

Firewalls

,

Intrusion Prevention

,

Network Security

,

Network Security Appliance

,

VPN

,

Wireless Security
 
The Price Paid for Wireless
The results of a 2005 study done by The Diffusion Group found that one of the primary reasons small-to-medium businesses choose Wi-Fi is its cost-effectiveness. However, according to this study, the security implications of using wireless networks can quickly erase any benefits that Wi-Fi may offer. A business working with sensitive or private information and operating on an insecure network can open itself up to serious litigation in the event of a security breach. Even in 2007 this data remains consistent and therefore the threat persists, making it easier for more sophisticated attacks.
From a street in any metropolitan business district, it can be shockingly easy to access any number of wireless networks. In an unscientific “test drive” conducted by Computerworld New Zealand, a casual stroll through Wellington’s business district indicated that only about two-thirds of the business networks available were secured by any kind of encryption.
This cavalier attitude toward wireless security can lead to serious problems for any company in the long run.

Encryption in Action
There’s a lot of talk about encryption protocols and how important they are, but can they really keep a wireless network safe? The 802.11 specification is a family of protocols developed for wireless LAN technology. Let's look at the 802.11 protocols in use today, what they do, and how they stack up.
Wired Equivalent Privacy (WEP)
Designed for Wireless Local Area Networks (WLANs), WEP provides wireless security equivalent to that of a wired LAN. While it is still considered to be a basic deterrent, it has several known flaws that any moderately skilled hacker could exploit with just a little time and a few tools.
At the March 2005 meeting of the Information Systems Security Association (ISSA) in Los Angeles, a team of FBI agents was easily able to hack into a WEP-protected network in approximately three minutes.
While WEP is regarded as the baseline from which subsequent, more effective protocols were developed, today it is primarily used with older equipment. In order to avoid the security issues presented by WEP, a switch to either WPA or WPA2 is recommended.

Wi-Fi Protected Access (WPA)
Built upon the foundation of WEP, WPA was created in 2002 to bring enhanced LAN security to the wireless market. WPA uses Temporal Key Integrity Protocol (TKIP) encryption, using the same RC4 algorithm as WEP for encryption, but adding sophisticated key management and effective message integrity checking. Developed in conjunction with the IEEE 802.11 Standards Working Group for WLANs, WPA effectively replaced WEP and the other security features of the original 802.11 standard.
WPA offers dynamic key encryption and mutual authentication. It secures both email packet headers and their payloads, and provides a deterrent to replay attacks. WPA’s enhanced encryption is an ideal solution for wireless networks that deal with many different types of 802.11 radio Message Integrity Checks (MICs) such as public hotspots. Most leading wireless access point and chip set vendors have lent their support to WPA.
WPA is not a miracle cure however, and as with any new solution that addresses existing issues, new issues have emerged as a result. Like its predecessor WEP, WPA has been found to have weaknesses that can be used to bring down a network. Two attack techniques adept at exploiting WPA vulnerabilities are dictionary attacks and Denial of Service (DoS) attacks.
A dictionary attack tries to defeat an authentication mechanism by searching a large number of possibilities to determine its pass phrase. As a WPA-protected connection is being established, four data packets are exchanged. Once a hacker has access to those four packets, he or she can carry out a dictionary attack on the pass phrase. Pass phrases of 14 or more characters are least susceptible to a dictionary attack.
A DoS attack brings a network down by flooding it with useless traffic. Using an erroneous encryption key, a hacker transmitting two packets of unauthorized data during a one-second interval can fool the system into believing it’s under attack so that it will shut itself down, temporarily disabling all user connections on that access point.
WPA is most effective when supplemented with other wireless security precautions.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map