9.5 Exploitable WLAN Configurations

It is important that network administrators learn to properly configure administrative passwords, encryption settings, automatic network connection functions, reset functions, Ethernet Medium Access Control (MAC) Access Control Lists (ACLs), shared keys, and Simple Network Management Protocol (SNMP) agents . Doing so will help eliminate many of the vulnerabilities inherent in a vendor's out-of-the-box default configuration settings. Network administrators should configure APs in accordance with established security policies and requirements. A description of each of the vulnerabilities that can result from one of these configuration problems was presented in Chapter 8. The following list will refresh your memory:

Default passwords not updated
WLAN encryption not set for the strongest encryption available
No controls over the reset function
MAC ACL functionality not in use
Not changing the SSID from its factory default
Not changing default cryptographic keys
Not changing the default SNMP parameter
Not changing the default channel
Not using DHCP

Now, let's look at how intruders use these WLAN weaknesses to exploit an organization.