This document outlines how hackers are exploiting vulnerabilities in 802.11 wireless LANs and describes the widely available hacking tools. As a collection of already published risks to wireless LANs, this white paper is written to inform IT security managers of what they are up against.
White Pap
White Paper
Wireless LAN Security: What Hackers Know That You Don't
This white paper describes the methods, skills, and tools that hackers use to exploit vulnerabilities in 802.11 wireless LANs. A good understanding of hacker tools and techniques and the vulnerabilities they exploit enables security managers to take pro-active steps to properly secure their wireless networks and mitigate security risks.
1. The Challenge of Wireless LAN 2. Risks and Vulnerabilities of Wireless Security LANs Because of their flexibility, affordability, and ease Along with the many conveniences and cost-saving of installation, the use of wireless local area advantages to wireless LANs, there are also some networks (wireless LANS, WLANs, and Wi-Fi) inherent risks and vulnerabilities. are increasing at a tremendous rate. According to In-Stat MDR estimates, there are currently more "Wireless LANs are a breeding ground than 75 million wireless LANs in use worldwide, for new attacks because the technology with 40 million more estimated to begin operation is young and organic growth creates the this year. META Group and In-Stat/MDR estimate potential for a huge payoff for hackers." that 95% of corporate laptop computers that will be Pete Lindstrom, Spire Security shipped in 2005 will be equipped for wireless operation. An equal amount of wireless support devices, such as access points, routers, printers, scanners, and handhelds, are also being produced The Nature of the Wireless Medium to meet the demand for wireless. Traditional wired networks use cables to transfer information, which are protected by the buildings As wireless LAN deployments increase, so does that enclose them. To access a wired network, a the challenge to provide these networks with hacker must bypass the physical security of the security. Wireless LANs face the same security building or breach the firewall. challenges as their wired counterparts, and more. Because the medium for wireless is air, wireless On the other hand, wireless networks use the air, LANs have the added issue of securing data that which is an uncontrolled medium. Wireless LAN travels the airwaves. This has given momentum to signals can travel through the walls, ceilings, and a new generation of hackers who specialize in windows of buildings up to thousands of feet inventing and deploying innovative methods of outside of the building walls. hijacking wireless communications. Additionally, since the WLAN medium is Some enterprises believe they do not have to airwaves, it is a shared medium that allows any concern themselves with wireless security if they one in proximity to "sniff" the traffic. The risks of run non-mission-critical systems with non- using a shared medium is increasing with the sensitive information on their wireless LANs. This advent of readily-available "hacker's tools." A can be a costly mistake, since most enterprise variety of specialized tools and tool kits enable wireless LANs connect back to a wired network at hackers to "sniff" data and applications, and to some point. Hackers can use a user laptop as an break both the encryption and authentication of entry point into the entire enterprise network! wireless data.
Insecure Wireless LAN Devices Access points can also be reset to default settings Insecure wireless LAN devices, such as access by a power surge, system failure, or a reset button. points and user stations, can seriously compromise both the wireless network and the wired network, "As wireless networks become making them popular targets for hackers. ubiquitous extensions of wired networks, problems with rogue access points will Insecure Access Points wane - though accidental network Access points can be insecure, due to improper associations and attacks against mobile configurations and design flaws. laptops will increase. This makes it very important to understand the risks of Access points ship with default configurations that wireless LAN laptops and other devices are insecure. They are pre-configured with a that are present in every organization." default password; they broadcast service set Gartner identifiers (SSIDs); and they often require no encryption or authentication. If deployed with 3. Wireless LANs Allow Strangers Easy Access default settings, they become gateways that Accidental association takes place when a hackers use to access both the wir... [download for more]
