Wireless LANs utilize radio waves for transporting information, which results in security vulnerabilities that justifiably worry network managers. To assuage those worries, most companies implement authentication and encryption to harden security.
However, WLANs have a whole host of other vulnerabilities that can be more difficult to completely smother such as illicit monitoring, unauthorized access, and denial of service (DoS) attacks. For example, someone using a wireless sniffer, such as the freely-available NetStumbler, can easily monitor wireless traffic for fun or malicious intent while sitting in their car next to your office building.
Fortunately, intrusion detection systems (IDSs) can secure networks against these threats.
Effective encryption, such as that offered by 802.11i, is essential, of course, because it will keep hackers from deciphering the content of data. And authentication systems make sure that the person logging on to the network is who he or she claims to be.
However, a seasoned wireless hacker can still use monitoring and find valuable information regarding the network in order to possibly exploit security holes.
A potential, if unknowing, ally to that hacker could be an employee who installs an access point without setting any security controls. In my consulting work, I often find these types of rogue access points when performing security assessments for enterprises. The employee may not even think he or she is installing a rogue access point but, rather, is simply trying to gain access to data while away from their desk.
Read this full article at Security Pipeline
Powered by AkoComment! |
