Implementation Countermeasures

Previous page
Table of content
Next page

Implementation countermeasures are the controls in the process. Controls in WLAN management allow or restrict an activity or event from occurring. Think of all wireless networking as unsecured and publicly available. If possible move the access point into a DMZ (a protected sub- network on the LAN) where sensitive data are not available to attackers . Implement firewall protection to protect you from attacks and log attack attempts.

  • Only use WAPs and NICs that support at least 64-bit (preferably a 128 bit) WEP.

  • Consider using third-party encryption tools and third-party authentication before you permit communication with your access point.

  • Try to physically locate the WAP so that its signal will be harder for a network sniffer to locate. Pay close attention to the orientation of the antenna; avoid locating the WAP near windows , or in a room adjacent to a street or parking lot.

  • Do a periodic assessment of wireless networks in and around your workplace/home using a sniffer or employing a consulting service. It is easy for an employee to buy an NIC and a WAP and install them on a workstation. Some operating systems automatically bridge a WAP with the wired network, providing network access (behind the firewall) and proprietary information to anyone with a wireless card. An assessment will determine if security measures are in place, or if there have been any changes to the configuration. An assessment will also show how far wireless signals will travel outside your building.

  • Purchase wireless technology that has flash upgradeable firmware. New security enhancements such as Wi-Fi Protected Access (WPA) are being developed, and with an upgradeable product, the likelihood of being able to use this technology is greater. Consider using WPA as it becomes available. WPA will have many new wireless security features, including authentication, key management, Temporal Key Integrity Protocol (TKIP), integrity checking, replay protection, and Advanced Encryption Standard (AES) encryption support.

  • Ensure that your computers are running at the most current software patch level. This makes it harder to attack your systems and information if hackers gain access to the wireless network.

  • Use an antivirus application with the most current virus and worm signature updates. This will help to prevent an attacker who has gained access to your network from installing a Trojan to gain backdoor access to your computer, and will protect your computer from other malicious code.

  • Restrict physical access to the access point; keep it out of sight and in a locked area. By restricting access to the WAP you will help to ensure that unauthorized persons are not able to physically reset, control, or reconfigure the device.



Previous page
Table of content
Next page
Information Technology Security. Advice from Experts
Information Technology Security. Advice from Experts
ISBN: 1591402484
EAN: N/A
Year: 2004
Pages: 113
BUY ON AMAZON
Agile Project Management: Creating Innovative Products (2nd Edition)
Inside Network Security Assessment: Guarding Your IT Infrastructure
Oracle Developer Forms Techniques
Java How to Program (6th Edition) (How to Program (Deitel))
Telecommunications Essentials, Second Edition: The Complete Global Source (2nd Edition)
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy