Slashdot Mirror


Wireless Security Attacks and Defenses

An anonymous reader writes "IT-Observer is running a comprehensive overview of wireless attacks and defenses. From the article: 'Wireless technology can provide numerous benefits in the business world. By deploying wireless networks, customers, partners, and employees are given the freedom of mobility from within and from outside of the organization. This can help businesses to increase productivity and effectiveness, lower costs and increase scalability, improve relationships with business partners, and attract new customers.'"

3 of 120 comments

  1. Re:Duh! by Silver+Sloth · Score: 4, Insightful

    Which is a very good reason for not implementing it. I would strongly advise any business not to install IT which they don't understand how to implement and secure properly because they would be, unwittingly, leaving the door open.

    Here in the rarified atmosphere of /. we may laugh at the lamers and their pathetic inability to utilise IT. Out there in the real world people are simply getting on with it. Maybe they have better things to spend their time and money on than installing all the latest geek toys.

    As a frinstance, my brother is a very successful salesman. He doesn't even own a laptop and can see no reason to do so. He's too busy earning a great deal more money than I do to bother about it.

    --
    init 11 - for when you need that edge.
  2. Re:The article is 100% wrongheaded by Anonymous Coward · Score: 4, Insightful

    Yeah, 'cause setting up a VPN or ssh tunnels is something EVERYONE can do.

    Oh wait, they can't... following the techniques outlined in the article won't stop someone who is determined to get somewhere, just like locking your door won't keep someone who really wants to get into your house out, but as a general deterrent it works pretty well.

    If you're that bloody paranoid about someone scooping your shemale porn downloads, just stay on the wire.

  3. Hardly comprehensive...barely even useful by sarkeizen · Score: 5, Insightful

    I maintain a wireless network of over 40 APs for a college campus. This article spends much time on nothing.

    a) 'default' SSIDs are irrelevant. It doesn't make the networks easier to find. It's not like when I ask Windows to "View Wireless Networks" it only shows me the ones called "linksys". Perhaps at one time seeing a router called 'linksys' might have made me think that the user is less likely to be running encryption but under XP it tells me right away which ones are encrypted and which aren't.

    b) Warchalking - old hat. Perhaps before it was feasible to simply leave my PDA running as I walk around and report all the APs it sees this might have been useful.

    c) WEP - You've got to be joking. The article mentions the 'newer 128-bit specification' but doesn't mention DWEP using 802.1x or WPA. Either makes it much harder to crack.

    d) IDS - Possibly useful but really only once someone is accessing your system via your wireless.

    e) MACs - The article seems to vacillate here, on one hand saying that MAC isn't meant for access control and on the other saying that you should use them for ACLs. MAC authentication is useless, it's trivial to find a useful MAC address on any network that's used regularly.

    f) DHCP - Stupid. Disabling it stops very little for very long. The vast majority of WLANs are using one of the three non-routable IP ranges. It wouldn't take me long to find one that's accessible. It also introduces a serious pain for the maintainers for the network.

    What it should mention are the following:

    a) Authentication - 802.1x preferably. I personally don't like web portals as it makes it easier to fool users with "evil twin" attacks.

    b) WPA2, using WEP or ideally AES.

    c) For corporate WLANs use a system that can use your own wireless networks to detect rogue APs. I'm using Nortel (now Cisco) 2270 (with 2230 APs) and I have SNMP traps which warn me when someone in the WLAN starts up an AP.

    d) VLANs - keep the WLAN traffic restricted to particular ports, destinations.

    e) Have a written policy for your users. Make them understand that adding their own wireless equipment is forbidden.

    f) Using some kind of authentication on your ethernet jacks helps - it's hard to find an AP that will do 802.1x on the WAN side. Even so, it would be tied to a particular user. Using the information from (c) you can just disable their account.

    g) Invest in a solution that keeps users' OS and Virus software up-to-date.