Computerworld - Wi-Fi networks use short-range radio frequencies to communicate between devices, eliminating the necessity for running cable. While operating without wires is an advantage, users and IT personnel need to be aware that Wi-Fi networks do not recognize walls as barriers. The challenge is that Wi-Fi networks extend outside of approved areas, leaving users with leaky Wi-Fi and in the position where someone else's Wi-Fi network may be present and beckoning.
Wi-Fi technology creates many opportunities for malicious hackers to compromise systems and gain access to private data. In addition, the most common safeguards to securing 802.11 wireless LANs -- authentication, encryption and virtual private networks (VPN) -- are insufficient.
Like a grass hut, WLANs have doorways that close, but the structure remains porous. In the same way that sunlight leaks into a grass hut, Wi-Fi signals leak into and out of a company, building, campus or military base. The door on the hut is akin to the complex encryption, authentication and VPN layers designed to keep wireless networks safe. However, strengthening the "steel door" will not minimize the hut's remaining weak defense. While enterprise security professionals are concerned with outsiders breaking in, Wi-Fi networks heighten this concern with outside networks that overlap physical space.
Security is fundamentally about assumptions, and the problem with Wi-Fi is that assumptions change. There is a threat of exposed data in the air in the 300-to-500-foot radius around all laptops and access points. Because hackers can "spoof" a Media Access Control address and remain anonymous, it's almost impossible to block them at the so-called steel door. In addition, Wi-Fi attackers can deploy their own networks into an office by using their access points to attack laptops and systems. And they don't even need to be in the building.
What can be done to stop Wi-Fi attackers? First, look at the genesis of attacks. The majority of these attacks fall into one of these categories: to crack, to compromise and to circumvent the existing wireless security. In this piece, we will examine these attacks and provide best practices to safeguard WLANs.
Cracking the code
"Cracks" are the most direct attacks on encryption algorithms and have been particularly successful within the Wi-Fi environment. A Wi-Fi attacker can sit outside of his target in a parking lot or across the street and unassumingly engage in active or passive attacks while trying to crack an organization's encryption.
In the 1990s, when Secure Sockets Layer (SSL) was introduced, hackers attacked it, not by going after the underlying encryption algorithm, but
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
