
Subscribe to
Computerworld
or
Other Networking and Internet Stories
January 26, 2006 (Computerworld) -- Wi-Fi networks use short-range radio frequencies to communicate between devices, eliminating the necessity for running cable. While operating without wires is an advantage, users and IT personnel need to be aware that Wi-Fi networks do not recognize walls as barriers. The challenge is that Wi-Fi networks extend outside of approved areas, leaving users with leaky Wi-Fi and in the position where someone else's Wi-Fi network may be present and beckoning.
Wi-Fi technology creates many opportunities for malicious hackers to compromise systems and gain access to private data. In addition, the most common safeguards to securing 802.11 wireless LANs -- authentication, encryption and virtual private networks (VPN) -- are insufficient.
Like a grass hut, WLANs have doorways that close, but the structure remains porous. In the same way that sunlight leaks into a grass hut, Wi-Fi signals leak into and out of a company, building, campus or military base. The door on the hut is akin to the complex encryption, authentication and VPN layers designed to keep wireless networks safe. However, strengthening the "steel door" will not minimize the hut's remaining weak defense. While enterprise security professionals are concerned with outsiders breaking in, Wi-Fi networks heighten this concern with outside networks that overlap physical space.
Security is fundamentally about assumptions, and the problem with Wi-Fi is that assumptions change. There is a threat of exposed data in the air in the 300-to-500-foot radius around all laptops and access points. Because hackers can "spoof" a Media Access Control address and remain anonymous, it's almost impossible to block them at the so-called steel door. In addition, Wi-Fi attackers can deploy their own networks into an office by using their access points to attack laptops and systems. And they don't even need to be in the building.
What can be done to stop Wi-Fi attackers? First, look at the genesis of attacks. The majority of these attacks fall into one of these categories: to crack, to compromise and to circumvent the existing wireless security. In this piece, we will examine these attacks and provide best practices to safeguard WLANs.
Cracking the code
"Cracks" are the most direct attacks on encryption algorithms and have been particularly successful within the Wi-Fi environment. A Wi-Fi attacker can sit outside of his target in a parking lot or across the street and unassumingly engage in active or passive attacks while trying to crack an organization's encryption.
In the 1990s, when Secure Sockets Layer (SSL) was introduced, hackers attacked it, not by going after the underlying encryption algorithm, but through random number generators. It was hard to break SSL, but because SSL was built on top of random number generation, attackers could guess for access. Similarly with other encryption standards, there will be flaws in the implementation, and it's a matter of time before attackers find and infiltrate WLANs.
Compromising security virtues
With more vulnerabilities present than in the wired world, Wi-Fi networks are ripe for attacks based on compromised security and the anonymous nature of the attack. Attackers target parts of the WLAN system where minimal security has been deployed using strategies such as the following:
|
|
Print this Story |
|
Send Us Feedback |
|
E-mail this Story |
|
Digg this Story |
|
Slashdot this Story |
|
|
|
|
|
|
|
|
All Zones Application Performance Zone Business Continuity Zone Data Center Management Zone Enterprise-Class Security Zone The File Data Management Zone Grid Computing on Windows Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Storage Virtualization Zone Business Intelligence and Analytics Zone |
|
|
| ||||||||
| ||||||||
| ||||||||
|


| XenServer FREE trial Citrix XenServer is the simplest and most effective way to virtualize and provision servers. XenServer combines comprehensive server virtualization capabilities with unparalleled scalability, performance, economics, and ease-of-use. Based on the open source Xen hypervisor, XenServer delivers fast performance, easy management, and advanced features such as live migration. |

Who needs Mrs. Doubtfire? When it comes to spot-on "advice," we've got Aunt Donna.
|
Accelerate your pursuit of perfection For almost 80 years, Kodak has been helping banks, insurance companies, healthcare providers, government agencies and other businesses produce billions of document images. So Kodak is uniquely positioned to know and deliverwhat customers want: easy-to-use scanners that output the best possible image quality. Download this white paper now!
|

Networking Know-HowFor tips and best practices on building anything in the network, see Sandra Gittlen's regular column. Click here to read the latest column by Sandra Gittlen |
| |
![]()
Troubleshooting Remote Site Networks - Best Practices
Management and remote site employees expect the same level of network service as the headquarters site. However, when IT staff are faced with limited resources to support remote site networks, often the applications, services and performance at those sites is not as robust as the headquarters site. See how to deliver a high level of network service at remote sites using the best practices outlined in this white paper.Read whitepaper now ![]() |
![]()
Super-size your LAN with fiber
Fiber optic technology frees the Local Area Network (LAN) from the confines of a single building, allowing a LAN to extend across a campus or a metropolitan area. Read how the selection of fiber optic components affects repeaterless transmission distance and how one school district used fiber to build a more reliable and more cost effective high-speed, district-wide network. Also, read how Metropolitan Area Network (MAN) ownership may require self-assessment of network performance.Read whitepaper now ![]() |
![]()
Determining the cause of poor application performance
Are users constantly complaining that your network is too slow? Or that they canât connect or can't stay connected? Are network applications hanging and slowing productivity? Do you spend way too much time trying to isolate the source of the problem and to prove that often the issue isn't the network at all but the application? In this on demand webcast, learn best practices and common root causes of application problems using case studies and live network traffic.Watch webcast now ![]() |
| About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map |
|
CIO The Industry Standard |


