Chapter 4: Security and 802.11

Previous page
Table of content
Next page

Overview

Unlike wired systems, which can be physically secured, wireless networks are not confined to the inside of buildings. They can be picked up as far as 1,000 feet outside of the premises with a laptop and a gain antenna. This makes wireless local area networks (WLANs) inherently vulnerable to interception.

Knowing this, the 802.11 committee added a first line of defense called Wireless Equivalency Protocol (WEP). WEP is an encryption protocol that provides the same level of security that wired cables provide. The standard provides both 40- and 128-bit (really only 104-bit) encryption at the link layer using the RC4 algorithm, which is allowed for export by the U.S. government.

Amazingly, many users do not use this encryption at all. This has led to a new hobby called war driving or LAN jacking where people pack a wireless-equipped laptop and drive around looking for open networks to surf. However, some people take this same approach to spy on corporations and hack into networks.

Electronics retailer Best Buy Co. ran into trouble in the spring of 2002 when customers who had purchased WLAN cards from Best Buy installed the cards in their laptops before they left the parking lot. The customers noticed unencrypted WLAN traffic that contained customer information and possibly credit card numbers. The Best Buy case is an example of why enterprises should at least encrypt their WLAN traffic with WEP. By the end of 2002, it is expected that 30 percent of enterprises will suffer serious security exposures from deploying WLANs without implementing the proper security.[1]

Recently, several weaknesses have been discovered in the WEP protocol. The 802.11i Task Force is currently working on extensions that will help secure the protocol. According to the Wi-Fi Alliance, formally the Wireless Ethernet Compatibility Alliance (WECA), smaller organizations should at least turn on WEP, password protect shared drives and resources, change the network name from the default (the service set identifier [SSID]), use Media Access Control (MAC) address filtering, use session keys, and use a virtual private network (VPN) system. They also suggest that larger organizations should consider additional security methods.

This chapter seeks to define the risks and known problems with WEP as it has been implemented, and identify what needs to be done to secure a variety of installations based on the level of threat expected for the application.

[1]Martin Reynolds, "What's Up With Wep?" Strategy, Trends and Tactics, Gartner Group, August 9, 2001.


Previous page
Table of content
Next page
Wi-Fi Handbook(c) Building 802.11b Wireless Networks
Wi-Fi Handbook : Building 802.11b Wireless Networks
ISBN: 0071412514
EAN: 2147483647
Year: 2003
Pages: 96
Authors: Frank Ohrtman, Konrad Roeder
BUY ON AMAZON
Qshell for iSeries
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
C++ How to Program (5th Edition)
The Lean Six Sigma Pocket Toolbook. A Quick Reference Guide to Nearly 100 Tools for Improving Process Quality, Speed, and Complexity
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy