The nature of wireless communications makes defending against attacks very difficult but extremely necessary. Threats come in many forms. The vulnerability and exposure of your network come from both inside and outside it. Arguably, the internal troubles typically outnumber the external threats. Security threats surface as disruption in service, unintentional leaks, and industrial espionage. Both professionals and amateurs carry out attacks against WLAN security shortcomings, aided by a plethora of publicly available tools. Even then, the cause might not be a person but rather a byproduct of a careless design. The following describes three profiles of people who can compromise a network.
Now that we know who can carry out WLAN attacks, we will outline the different attack strategies that can be employed. The attack strategies are interception, rogue APs, and denial of service.

Interception

Because there is no physical link in wireless and because radio transmissions are not contained by physical boundaries, data can be intercepted. Any data that is intercepted is compromised as it can be reassembled, resulting in loss of intellectual property or exploitation of other safeguards. You can, however, put security protocols into place to mitigate or thwart the threat of interception. This is covered in the next section. Interception provides a catalyst for malicious behavior in one of two ways:
Rogue APs

Rogue access points are by far the most elusive culprits in a WLAN deployment. Many vendors are building solutions that will tackle the problem of rogue APs. Basically, rogue APs are internal or external to your network and can either create a security hole or cause enough interference to disrupt service.

Internal rogues usually occur when an employee introduces an AP to the internal network. Ongoing commoditization has resulted in a steep drop in the price of access points. As the cost barrier is removed, some people will not only purchase an AP, but also independently decide to "plug" the personal AP into the network in an attempt to gain more freedom and mobility. One way to thwart this problem is to provide ubiquitous WLAN coverage. However, you can't be sure that this solution will stop the practice entirely.

Rogue APs are typically not intentionally malicious, but require more effort to detect and mitigate. They threaten the network's well-being and the integrity of the wireless space. Because WLANs rely on the availability of channels of the RF spectrum, having competing devices in the same RF space will likely disrupt your WLAN service.

Denial of Service Attack

A sometimes overlooked security threat is the overloading of the network that results in the inability to access the network. This Denial of Service (DoS) is a very real threat and can be easily carried out against a WLAN. These attacks, although usually intentional, can sometimes happen by accident. DoS as a security concern can never be ruled out because it can never be completely avoided.

DoS has one critical effect on the enterprise: the denial of access to the RF space and thus the lack of network access. You learned in Chapter 2 that there is an opportunity cost associated with unavailability of network access. As the organization becomes more dependent on information and network access, this opportunity cost can rapidly escalate with downtime.
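To make the rogue AP discussion above concrete, the following added example (not from the original text) triages access points heard in a site survey into the two cases the section names: an unsanctioned AP plugged into the internal network, and an outside AP competing for the same RF space. The inventory, switch MAC list, survey rows, the -70 dBm threshold, and the rule that an AP's Ethernet MAC sits within 1 of its BSSID are all assumptions made for illustration.

```python
# Added example: triage APs heard in a site survey. All data below is constructed.

# Sanctioned APs: BSSID -> 2.4 GHz channel (hypothetical inventory).
AUTHORIZED = {
    "00:11:22:33:44:01": 1,
    "00:11:22:33:44:06": 6,
    "00:11:22:33:44:0b": 11,
}

# MAC addresses learned on internal switch ports (hypothetical export).
WIRED_MACS = {"02:aa:bb:cc:dd:0f", "00:11:22:33:44:01"}

# Survey results: (BSSID, channel, RSSI in dBm).
SCAN = [
    ("00:11:22:33:44:01", 1, -48),   # sanctioned
    ("02:AA:BB:CC:DD:10", 6, -50),   # Ethernet side (...:0f) is on a switch port
    ("02:aa:bb:cc:ee:20", 4, -60),   # not on the wire, strong, overlaps channels 1 and 6
    ("02:aa:bb:cc:ff:30", 11, -88),  # not on the wire, too weak to matter
]

def mac_int(mac):
    """Convert a colon-separated MAC address to an integer."""
    return int(mac.replace(":", ""), 16)

def on_wire(bssid, wired_macs):
    """Assumption: an AP's Ethernet MAC is the BSSID or within 1 of it."""
    wired = {mac_int(m) for m in wired_macs}
    return any(mac_int(bssid) + d in wired for d in (-1, 0, 1))

def overlaps(a, b):
    """2.4 GHz channels fewer than 5 apart share spectrum."""
    return abs(a - b) < 5

def triage(scan, authorized, wired_macs, rssi_floor=-70):
    """Return {bssid: label} for every AP heard in the survey."""
    result = {}
    for bssid, channel, rssi in scan:
        bssid = bssid.lower()
        if bssid in authorized:
            result[bssid] = "authorized"
        elif on_wire(bssid, wired_macs):
            result[bssid] = "internal-rogue"       # security hole: bridges into the LAN
        elif rssi >= rssi_floor and any(overlaps(channel, c) for c in authorized.values()):
            result[bssid] = "external-interferer"  # competes for the same RF space
        else:
            result[bssid] = "neighbor"
    return result

if __name__ == "__main__":
    for bssid, label in triage(SCAN, AUTHORIZED, WIRED_MACS).items():
        print(bssid, label)
```

The wired-side check is what separates a security hole from a service-disruption problem: an over-the-air survey alone cannot tell whether an unknown AP is connected to your LAN.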