WLAN Security Threats


The nature of wireless communications makes defending against attacks very difficult but extremely necessary. Threats come in many forms. Your network is vulnerable and exposed to threats from both inside and outside. Arguably, the internal troubles typically outnumber the external threats.

Security threats surface as disruption in service, unintentional leaks, and industrial espionage. Both professionals and amateurs carry out attacks against WLAN security shortcomings, aided by a plethora of publicly available tools. Even then, the cause might not be a person at all but rather a byproduct of a careless design. The following list describes three profiles of people who can compromise a network.

  • The malicious hacker: This is the person who actively tries to exploit security weaknesses of the network. This person's intent is to cause mischief, steal intellectual property, or cause business disruption.

  • The unaware employee: The unaware employee is becoming more common. This is a person who has unintentionally opened a vulnerability either directly (such as by installing a rogue AP) or indirectly (such as acting as a catalyst for the spread of a computer virus).

  • The war driver: War driving is when individuals or groups drive around and actively look for unprotected WLANs. In some cases, people mark the streets or sidewalks with chalk to indicate the presence of unprotected WLANs, a practice also known as war chalking.

Now that we know who can carry out WLAN attacks, we will outline the different attack strategies that can be employed. The attack strategies are interception, rogue APs, and denial of service.

Interception

Because there is no physical link in wireless and because radio transmissions are not contained by physical boundaries, data can be intercepted. Any data that is intercepted is compromised as it can be reassembled, resulting in loss of intellectual property or exploitation of other safeguards.

You can, however, put security protocols into place to mitigate or thwart the threat of interception. This is covered in the next section. Interception provides a catalyst for malicious behavior in one of two ways:

  • Eavesdropping: Data sent over a wireless medium can be captured over time. Given enough time, even encrypted data can be decrypted, although well-developed encryption techniques will extend this time from days to years.

  • Impersonation: This is commonly known as a "man-in-the-middle" attack. Even when the data is sufficiently protected against prying ears, devices can be impersonated. This can lead to service availability attacks or inadvertent data capture, with the latter leading to the possibility of encryption cracking.

Rogue APs

Rogue access points are by far the most elusive culprits in a WLAN deployment. Many vendors are building solutions that will tackle the problem of rogue APs. Basically, rogue APs are internal or external to your network and can either create a security hole or cause enough interference to disrupt service. Internal rogues usually occur when an employee introduces an AP to the internal network.

Ongoing commoditization has resulted in a steep drop in the price of access points. As the cost barrier is removed, some people will not only purchase an AP, but also independently decide to "plug" the personal AP into the network in an attempt to gain more freedom and mobility. One way to thwart this problem is to provide ubiquitous WLAN coverage. However, you can't be sure that this solution will stop the practice entirely.

Rogue APs are typically not intentionally malicious, but require more effort to detect and mitigate. They threaten the network's well-being and the integrity of the wireless space. Because WLANs rely on the availability of channels of the RF spectrum, having competing devices in the same RF space will likely disrupt your WLAN service.
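
The internal/external and security-hole/interference distinctions above can be turned into a simple survey check. The following Python sketch is an added example, not taken from the book: it compares APs seen in a site survey against an authorized inventory and a list of MAC addresses learned on wired switch ports. All addresses, SSIDs and channels are constructed sample data; the five-octet MAC match and the -70 dBm threshold are assumptions, and the channel-overlap rule applies to the 2.4 GHz band only.

```python
# Added example: classify APs seen in a site survey against an authorized inventory.
# All SSIDs, MAC addresses, channels and signal levels below are constructed sample data.

AUTHORIZED = {  # BSSID -> (SSID, 2.4 GHz channel)
    "00:11:22:aa:00:01": ("CorpWLAN", 1),
    "00:11:22:aa:00:02": ("CorpWLAN", 6),
}
# MAC addresses learned on wired switch ports (assumed export from the switches).
WIRED_MACS = {"00:11:22:aa:00:01", "00:11:22:aa:00:02", "de:ad:be:ef:10:20"}

SCAN = [  # (BSSID, SSID, channel, RSSI in dBm) as a survey tool might report them
    ("00:11:22:aa:00:01", "CorpWLAN", 1, -48),
    ("de:ad:be:ef:10:21", "linksys", 3, -52),
    ("66:77:88:99:00:0a", "CorpWLAN", 6, -60),
    ("0a:0b:0c:0d:0e:0f", "CoffeeShop", 8, -55),
    ("0a:0b:0c:0d:0e:10", "Neighbor", 11, -88),
]

def on_wired(bssid):
    """Heuristic (assumption): an AP's radio MAC often shares its first
    five octets with the Ethernet MAC seen on the switch port."""
    return any(mac[:14] == bssid[:14] for mac in WIRED_MACS)

def overlaps(channel):
    """2.4 GHz channels fewer than 5 apart overlap in frequency."""
    return any(abs(channel - c) < 5 for _, c in AUTHORIZED.values())

def classify(bssid, ssid, channel, rssi, interference_floor=-70):
    if bssid in AUTHORIZED:
        return "authorized"
    if on_wired(bssid):
        return "internal-rogue"       # unapproved AP plugged into the internal network
    if ssid in {s for s, _ in AUTHORIZED.values()}:
        return "impersonation"        # our SSID advertised by an unknown radio
    if overlaps(channel) and rssi >= interference_floor:
        return "external-interferer"  # strong enough to compete for the same RF space
    return "neighbor"

def survey(scan=SCAN):
    """Return {BSSID: verdict} for every AP in the scan."""
    return {b: classify(b, s, c, r) for b, s, c, r in scan}

if __name__ == "__main__":
    for bssid, verdict in survey().items():
        print(f"{bssid}  {verdict}")
```
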

Denial of Service Attack

A sometimes overlooked security threat is the overloading of the network to the point that it can no longer be accessed. This denial of service (DoS) is a very real threat and can be easily carried out against a WLAN. These attacks, although usually intentional, can sometimes happen by accident. DoS as a security concern can never be ruled out because it can never be completely avoided. DoS has one critical effect on the enterprise: the denial of access to the RF space and thus the lack of network access. You learned in Chapter 2 that there is an opportunity cost associated with unavailability of network access. As the organization becomes more dependent on information and network access, this opportunity cost can rapidly escalate with downtime.




The Business Case for Enterprise-Class Wireless LANs
ISBN: 1587201259
Year: 2004
Pages: 163