Wi-Fi Plays Defense

Joanie Wexler   Today’s Top Stories   or  Other Security Stories  

Web Threats Don't Discriminate The Secure Web Gateway. Mission Critical For Business Dynamic Data Center and Virtualization Drives Operational Excellence at Emory Healthcare Fast and Simple Recovery of Your Critical Microsoft® Applications with Symantec Backup Exec" Converging System and Data Protection for Complete Disaster Recovery Learn How to Think Ahead of Attacks and Protect your Data For the Future Compterworld Technology Briefing: Intelligent Users Use Business Intelligence Computerworld Report- Large Enterprises Pay More for IPAM An Apple for Your Enterprise? Sign up to receive Security Resource Alerts

August 23, 2004 (Computerworld) -- Unbounded by the physical constraints of cabling and walls, wireless LANs have proved tricky to secure. Now that the long-awaited 802.11i standard for enhanced WLAN security has been ratified, can IT assume that WLANs have grown as secure as their cabled counterparts?
Hardly.
It will take time for vendors to migrate their products to 802.11i, approved in June, and for IT organizations to adopt them. And the Wi-Fi Alliance won't even start interoperability testing of 802.11i products until next month.
More important, 802.11i represents just the finishing touch to a series of steps in wireless security standards development. Much of it has already been available for about 18 months in an 802.11i subset called Wi-Fi Protected Access (WPA). And while standards-based security technology plays a big part in protecting enterprises, the issues reach beyond a signed set of technical specs.
For example, there's a broad installed base of specialized client devices, such as bar code scanners, that run the MS-DOS operating system. They are not upgradable, even to earlier versions of authentication and encryption, let alone to 802.11i, which requires Advanced Encryption Standard protection. AES will require hardware upgrades - even for far newer products. As enterprises expand their WLANs, these legacy devices might well become the weakest link in the wireless security chain.
And some administrators lack confidence in their ability to properly implement the various pieces of WLAN security, particularly since new attacks regularly make headlines.
Asserts Pete Davis, assistant network engineer for the Spring Independent School District in Spring, Texas, "It requires much time and effort to determine what's real and what's market-speak. There's a lot of FUD [fear, uncertainty and doubt] being spread about wireless security."
Technology Headway
The formal 802.11i standard, which includes WPA, does bolster the confidentiality and integrity of WLANs. Tom Hagin, vice president of the wireless business practice at integrator NetXperts Inc. in San Ramon, Calif., says the standard has taken Wi-Fi security "from prepuberty to just past puberty."
"In the past six months, we haven't had anyone say they weren't going to install wireless because it isn't secure. Prior to that, we did," he says.
WPA, available in many WLAN network interface cards (NIC) and access points (AP), was developed after university researchers demonstrated the ease with which hackers could break static encryption keys in the 802.11's Wired Equivalent Privacy (WEP) mechanism in 2001. WPA requires products to rotate encryption keys on a per-packet basis so they are much harder to crack. WPA also uses the industry-standard 802.1x framework for strong user authentication.
And AES, the U.S. government block-cipher standard for 128-bit data encryption, replaces the RC4 stream-cipher encryption that WEP

Continued...
1 | 2 | 3 | NEXT  

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

Wi-Fi Plays Defense

Sidebar: Threats to Watch

"The recent attacks in Mumbai were carried out by assailants using high tech methods. It’s just another way in which..." Read more... Read more Security posts or See all Blogs

Virtually every Windows PC at risk, says Secunia License server glitch exposes SonicWall users to e-mail security threats Transmitting data from the middle of nowhere More top stories...

Moving to a start-up? Fasten your seatbelt In high-tech schools of the future, Facebook in class is boosted -- not banned Clues point to Jan. 13 release of Windows 7 beta

Review: The new MacBook Air, now with extra SSD goodness Thin as ever, the latest Air offers up to twice the storage and snappy performance. Cool Stuff: Your 2008 Holiday Gift Guide We've got an array of economical, expensive, and just plain weird tech gifts for your friends and family. Massive botnet returns from the dead, starts spamming The spam-spewing 'Srizbi' botnet that was shut down two weeks ago has been resurrected and is again under criminal control, say security researchers. Elgan: Why you can't trust 'friends' on Facebook Facebook is popular and growing -- especially with criminals. Here's why they love it. Windows 7 Get the latest news, reviews and more about Microsoft's newest desktop operating system More Continuing Coverage Windows 7 Voting Technology Google's Chrome browser Economy in turmoil: Latest news and tips iPhone 3G Bill Gates moves on Windows Vista A to Z Mac A to Z 2008 Salary Survey Find wage data for 50 IT job titles. More Special Reports 2008 Premier 100 IT Leaders 2007 Premier 100 IT Leaders 2008 Best Places to Work in IT 2007 Best Places to Work in IT 2008 Salary Survey 2007 Salary Survey 2006 Salary Survey 2008 IT Forecast 2007 IT Forecast 40 Years of Computerworld Top 12 Green-IT Users The FAQs About Going Green IT Schools to Watch iPhone: One Year Later Global Mobile Your Next Data Center Management: Reinventing IT Stop Data Leaks Web 2.0 Security Surviving Disasters Managing Storage Virtualization The Lean Storage Machine Storage on Trial Can Web 2.0 Save BI? Bypass These BI Potholes All Zones Business Continuity Zone The File Data Management Zone Security Management Zone The SAS Zone Business Intelligence and Analytics Zone The Enterprise Search Zone Software as a Service Zone The Security Zone See your link here

Moving to Windows Vista: The Promise, The Reality Moving to Windows Vista: The Promise, The Reality View this exclusive webcast today! Go to the webcast  Computerworld Executive Bulletin: Building a Robust Antivirus Defense Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing  Record Capacity for Microsoft� Exchange 2007 With VMware and IBM System x3850 M2 Download this white paper today! (Source: VMware) The more that e-mail becomes an entrenched IT infrastructure application, the more that messaging administrators face numerous--sometimes conflicting--demands in the categories of availability, flexibility and cost. Employing a virtual solution can help avoid expensive over-provisioning of server computing resources, while improving management and disaster recovery. And ultimately, it can more than double the number of supportable Exchange 2007 users, as compared to a non-virtualized environment. This whitepaper explains how to break down the scalability barrier and respond faster to your mail system needs. Download this white paper  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. The Importance of Application Management Dell Client Migration and Deployment Services Windows� Enterprise Data Protection with Symantec Backup Exec" View more whitepapers

• Wi-Fi Plays Defense
• Sidebar: Threats to Watch

• Virtually every Windows PC at risk, says Secunia
• Moving to a start-up? Fasten your seatbelt
• License server glitch exposes SonicWall users to e-mail security threats
• More top stories 

The Security Zone With the mobility of employees and the ease with which external devices can be brought in and out of a network, continuing to build your security plan for network servers and clients is a must. Fortunately, there is much that organizations can do to protect themselves from attacks - internal and external. Having the right policies, procedures and server configurations is critical... Learn more in The Security Zone See All Zones

Fired up about IT? Join Sharkbait and share your true tales of IT. SharkBait is the place for you to sound off about everything IT – the good, the bad, and the rest of the weird stuff you deal with every day. New baits

"Turning information into a Competitive Advantage" Companies today are realizing that competitive advantage is harder to sustain when based solely on gains in productivity and cost efficiency. The focus is shifting to invest more in business optimization initiatives which rely on trusted information to develop new insights that deliver better business results. But how can this be done efficiently in a business environment across multiple applications and processes. The answer is an Information Agenda - an innovative approach to transforming business information into a strategic asset for competitive advantage. View this webcast now!  See more Webcasts

Dan Tynan Today's Internet has been brought to you by porn YouTube and Ning are trying to shed adult-oriented content to appeal to mainstream advertisers. Will it work? ... [more]