Find White Papers
Home About Contact Help
Free Membership Member Login
Oct 12, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

Wireless LAN Security: What Hackers Know That You Don't

AirDefense
By : AirDefense
INFORMATION
Published : Apr 05, 2006
Length : 10
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

This document outlines how hackers are exploiting vulnerabilities in 802.11 wireless LANs and describes the widely available hacking tools. As a collection of already published risks to wireless LANs, this white paper is written to inform IT security managers of what they are up against. In order to effectively secure their wireless LANs, enterprises must first know the potential dangers. Information security managers and executives will gain an understanding of sophisticated attacks and the latest threats to wireless LANs.

This paper advocates a layered approach to wireless LAN security that goes beyond new encryption and authentication standards to include 24x7 monitoring to identify rogue wireless LANs, detect intruders and attacks, enforce network security policies and monitor the health of the wireless LAN.
View All Items By This Company
Browse Related Categories :

802.11

,

Hacker Detection

,

Intrusion Prevention

,

Monitoring

,

WLAN

,

Wireless Security
 
1. The Challenge of Wireless LAN Security
Because of their flexibility, affordability, and ease of installation, the use of wireless local area networks (wireless LANS, WLANs, and Wi-Fi) are increasing at a tremendous rate. According to In-Stat MDR estimates, there are currently more than 75 million wireless LANs in use worldwide, with 40 million more estimated to begin operation this year. META Group and In-Stat/MDR estimate that 95% of corporate laptop computers that will be shipped in 2005 will be equipped for wireless operation. An equal amount of wireless support devices, such as access points, routers, printers, scanners, and handhelds, are also being produced to meet the demand for wireless.
As wireless LAN deployments increase, so does the challenge to provide these networks with security. Wireless LANs face the same security challenges as their wired counterparts, and more. Because the medium for wireless is air, wireless LANs have the added issue of securing data that travels the airwaves. This has given momentum to a new generation of hackers who specialize in inventing and deploying innovative methods of hijacking wireless communications.
Some enterprises believe they do not have to concern themselves with wireless security if they run non-mission-critical systems with nonsensitive information on their wireless LANs. This can be a costly mistake, since most enterprise wireless LANs connect back to a wired network at some point. Hackers can use a user laptop as an entry point into the entire enterprise network!
2. Risks and Vulnerabilities of Wireless LANs
Along with the many conveniences and cost-saving advantages to wireless LANs, there are also some inherent risks and vulnerabilities.
The Nature of the Wireless Medium
Traditional wired networks use cables to transfer information, which are protected by the buildings that enclose them. To access a wired network, a hacker must bypass the physical security of the building or breach the firewall.
On the other hand, wireless networks use the air, which is an uncontrolled medium. Wireless LAN signals can travel through the walls, ceilings, and windows of buildings up to thousands of feet outside of the building walls.
Additionally, since the WLAN medium is airwaves, it is a shared medium that allows any one in proximity to "sniff" the traffic. The risks of using a shared medium is increasing with the advent of readily-available "hacker's tools." A variety of specialized tools and tool kits enable hackers to "sniff" data and applications, and to break both the encryption and authentication of wireless data.
Insecure wireless LAN devices, such as access points and user stations, can seriously compromise both the wireless network and the wired network, making them popular targets for hackers.
Insecure Access Points
Access points can be insecure, due to improper configurations and design flaws. Access points ship with default configurations that are insecure. They are pre-configured with a default password; they broadcast service set identifiers (SSIDs); and they often require no encryption or authentication. If deployed with default settings, they become gateways that hackers use to access both the wireless and the wired network.
Intruders can convert laptops into "soft" access points (APs) by either using a variety of software programs, such as HostAP, Hotspotter, or Airsnark, or, by simply using a USB wireless adapter. Using soft APs, a hacker can cause a legitimate user to connect to the hacker's own laptop, compromising that user's machine.
Insecure User Stations
Insecure wireless user stations such as laptops or bar code scanners pose even a greater risk to the security of the enterprise network than insecure access points. The default configuration of these devices offer little security and can be easily misconfigured. Intruders can use any insecure wireless station as a launch pad to breach the network.
Access points can also be reset to default settings by a power surge, system failure, or a reset button.
3. Wireless LANs
Allow Strangers Easy Access Accidental association takes place when a wireless laptop running the LAN-friendly Windows? XP or a misconfigured client automatically associates and connects to a user station in a neighboring network. This enables a hacker to connect to a legitimate user's computer, often without their knowledge. This compromises sensitive documents on the user station, and exposes it to even further exploitation.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map