1. The Challenge o WirelessLAN Security
Because o their exibility, aordability, and ease oinstallation, the use o wireless local area networks(wireless LANS, WLANs, and Wi-Fi) are increasingat a tremendous rate. According to In-Stat MDRestimates, there are currently more than 75 millionwireless LANs in use worldwide, with 40 millionmore estimated to begin operation this year. METAGroup and In-Stat/MDR estimate that 95% ocorporate laptop computers that will be shipped in2005 will be equipped or wireless operation. Anequal amount o wireless support devices, suchas access points, routers, printers, scanners, andhandhelds, are also being produced to meet thedemand or wireless.As wireless LAN deployments increase, so does thechallenge to provide these networks with security.Wireless LANs ace the same security challengesas their wired counterparts, and more. Becausethe medium or wireless is air, wireless LANshave the added issue o securing data that travelsthe airwaves. This has given momentum to a newgeneration o hackers who specialize in inventingand deploying innovative methods o hijackingwireless communications.Some enterprises believe they do not have toconcern themselves with wireless security i theyrun non-mission-critical systems with non-sensitiveinormation on their wireless LANs. This can bea costly mistake, since most enterprise wirelessLANs connect back to a wired network at somepoint. Hackers can use a user laptop as an entrypoint into the entire enterprise network!
2. Risks and Vulnerabilitieso Wireless LANs
Along with the many conveniences and cost-savingadvantages to wireless LANs, there are also someinherent risks and vulnerabilities.
The Nature o the Wireless Medium
Traditional wired networks use cables to transerinormation, which are protected by the buildingsthat enclose them. To access a wired network, ahacker must bypass the physical security o thebuilding or breach the frewall.On the other hand, wireless networks use theair, which is an uncontrolled medium. WirelessLAN signals can travel through the walls, ceilings,and windows o buildings up to thousands o eetoutside o the building walls.Additionally, since the WLAN medium isairwaves, it is a
shared medium that allows any one in proximity to
“sni” the trafc
. The riskso using a shared medium is increasing with theadvent o readily-available “hacker’s tools.” Avariety o specialized tools and tool kits enablehackers to “sni” data and applications, and tobreak both the encryption and authentication owireless data.
Insecure Wireless LAN Devices
Insecure wireless LAN devices, such asaccess points and user stations, can seriouslycompromise both the wireless network and thewired network, making them popular targetsor hackers.
Insecure Access Points
Access points can be insecure, due to improperconfgurations and design aws.Access points ship with deault confgurationsthat are insecure. They are pre-confgured witha deault password; they broadcast service setidentifers (SSIDs); and they oten require noencryption or authentication. I deployed withdeault settings, they become gateways thathackers use to access both the wireless and thewired network.
3
WHITE PAPER: Wireless LAN Security: What Hackers Know That You Don’t
“Wireless LANs are a breeding ground or new attacks because the technology is young and organic growth creates the potential or a huge payo or hackers.”
Pete Lindstrom,Spire Security
Leave a Comment