The security risks and ways to decrease vulnerabilities in a 802.11b wireless environment

Written by Richard Johnson

Continued from page 1

Insecure Network Configurations- Many companies think that if they are using a firewall or a technology such as VPN, they are automatically secure. This is not necessarily true because all security holes, big and small, can be exploited. Also if devices and technologies, such as VPNs, firewalls or routers, are mis-configured,repparttar network can be compromised.

Accidental Associations – This can happen if a wireless network is setup usingrepparttar 107830 same SSID as your network and within range of your wireless device. You may accidentally associate with their network without your knowledge. Connecting to another wireless LAN can divulge passwords or sensitive document to anyone onrepparttar 107831 neighboring network. Wireless LAN Security – What Hackers Know That You Don't Copyright 2002

Social Engineering – Social Engineering is one ofrepparttar 107832 most effective and scariest types of attacks that can be done. This type of attack really scares me and can be done for many other purposes besides compromising security in wireless networks. A scenario: Someone dressed up as a support person from Cisco entersrepparttar 107833 workplace. The secretary sees his fake credentials and lets him get passrepparttar 107834 front desk. The impersonator walks from cubicle to cubicle, collecting user names and passwords as he/she goes. After finding a hidden corner, which seems to be lightly traveled, he plugs an insecure Access Point intorepparttar 107835 network. Atrepparttar 107836 same time he configuresrepparttar 107837 Access Point to not broadcast its SSID and modifies a few other settings to make it hard forrepparttar 107838 IT department to find this Rouge Access Point. He then leaves without ever being questioned by anyone because it looks like he just fits in. Now, all he has to do is be within 300 feet fromrepparttar 107839 access point, (more if he added an antenna), and now has access to all kinds of secure documents and data. This can be a devastating blow to any corporation and could eventually lead to bankruptcy ifrepparttar 107840 secrets ofrepparttar 107841 company were revealed to competitors. Bruce Schneier came to my classroom and saidrepparttar 107842 following about Social Engineering, “Someone is just trying to do their job, and be nice. Someone takes advantage of that by targeting this human nature. Social Engineering is unsolvable.”

Securing Wireless Networks

According to Bruce Schneier and others such as Kevin Mitnick, you can never have a totally secure computing environment. What is often suggested is to try and controlrepparttar 107843 damage which can be done if security is breached. One can try many different tools onrepparttar 107844 market which can help prevent security breaches.

WEP – WEP supports both 64 and 128-bit keys. Both are vulnerable, however, becauserepparttar 107845 initialization vector is only 24-bits long in each case. Its RC4 algorithm, which is used securely in other implementations, such as SSL, is quite vulnerable in WEP. Http:// Wireless Insecurities By Dale Gardner. Different tools exist to break WEP keys, including AirSnort, which can be found at Although this method is not a secure solution, it can be used to help slowdown an attacker if other means are not possible financially or otherwise.

VPN and IPSec- IPSec VPNs let companies connect remote offices or wireless connections usingrepparttar 107846 public Internet rather than expensive leased lines or a managed data service. Encryption and authentication systems protectrepparttar 107847 data as it crossesrepparttar 107848 public network, so companies don't have to sacrifice data privacy and integrity for lower costs. A lot of VPN's exist onrepparttar 107849 market today. An important note about VPNs is, interoperability does not really exist, and whatever you use for your server has to berepparttar 107850 same brand as your clients most ofrepparttar 107851 time. Some VPNs include: Borderware BroadConnex Networks CheckPoint Cisco Computer Associates

DMZ – Adding this to your network enables you to put your wireless network on an untrusted segment of your network.

Firewalls – Firewalls are all overrepparttar 107852 place. Firewalls range from hardware to software versions. By adding a firewall betweenrepparttar 107853 wireless network and wired network helps prevent hackers from accessing your wired network. This paper doesn't go into specifics about different firewalls and how to set them up, but there are many. Some ofrepparttar 107854 firewalls include: - ZoneAlarm (an inexpensive based software firewall) - Symantec has many different firewalls depending what you require.

PKI - Public-key infrastructure (PKI) isrepparttar 107855 combination of software, encryption technologies, and services that enables enterprises to protectrepparttar 107856 security of their communications and business transactions onrepparttar 107857 Internet. What is PKI?

Site Surveys – Site Surveys involve using a software package and a wireless device to probe your network for Access Points and security risks.

Proactive Approaches Since wireless technology is insecure, companies or anyone can take a proactive approach to try and identify hackers trying to gain access via wireless networks.

Honeypots – are fake networks setup to try and lure in hackers. This enables administrators to find out more about what type of techniques hackers are using to gain access. One product is Mantrap created by Symantec. “ManTrap hasrepparttar 107858 unique ability to detect both host- and network-based attacks, providing hybrid detection in a single solution. No matter how an internal or external attacker tries to compromiserepparttar 107859 system, Symantec ManTrap's decoy sensors will deliver holistic detection and response and provide detailed information through its system of data collection modules.”

Intrusion Detection – Intrusion Detection is software that monitors traffic onrepparttar 107860 network. It sounds out a warning if a hacker it trying to accessrepparttar 107861 network. One such free product is Snort. “Before we proceed, there are a few basic concepts you should understand about Snort. There are three main modes in which Snort can be configured: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply readsrepparttar 107862 packets off ofrepparttar 107863 network and displays them for you in a continuous stream onrepparttar 107864 console. Packet logger mode logsrepparttar 107865 packets torepparttar 107866 disk. Network intrusion detection mode isrepparttar 107867 most complex and configurable configuration, allowing Snort to analyze network traffic for matches against a user defined rule set and perform several actions based upon

RJ Computer Consulting

$5 for a brand new laptop?

Written by Charles

Continued from page 1

*Pentium 4 *Windows XP *40 GB harddrive *256 mb ram


    <Back to Page 1 © 2005
Terms of Use