State of Secure Wireless Networking?
Mr. Sketch asks: "At my office, they want me to add a wireless network and it seems like it could be possible to do it in a secure way, but I'm not 100% confident. The setup I was thinking of was 802.11g only (no backward 802.11b compatibility), WPA-PSK with AES encryption with a 15 character password consisting of upper and lower case letters and numbers and special characters, MAC filtering, no ssid broadcast, and no default anything (ssid, passwords, etc). How secure would this network be? What type of attacks would it be vulnerable to? I haven't found any tools to crack AES, only WEP, does that mean it's secure or I just that I haven't looked hard enough? I want the wireless computers to still be able to access the computers on our network, in fact ideally, I just want it to be a wireless extension of our wired network, but only if it's secure enough. I'm sure there are plenty of other companies who want to add wireless to their network, but want to be reasonably confident that it will be secure and are unsure of the current state of wireless security."
and address. I will tell you if its secure ;)
I do some wardriving and I can tell you that I wouldn't even attempt to break into what you just described wirelessly. If I did want in, it would be much easier to walk in the front door and socially engineer the secretary. WEP has been broken, I seem to thing one form of WAP has been, not sure which, but it is so difficult that a physical attack would be much more likely. Is your wired network that secure or can anyone plug into an open port and have full access?
You should map the network, understand where the signal reaches and try to tune the power to only go where you want it.
If you are paranoid enough to want to try all of the layers of encryption, and you should be, its fun to do. Then go with the setup you have and put IPSEC on top, that will make it at least as secure as your wired side. Be aware that you won't get anywhere near 54MBs with all of the encryption loading down the system, so it will be slow.
I am not aware of any attacks that could brute force this setup, but it would be easier for someone to socially engineer it, MAC addresses can be cloned, VPN logins stolen, so some form of automated monitoring would be nice, checking for duplicate logins, unauthorized times. Why is Bob trying to authenticate at 3AM? That kind of stuff.