Subscribe

Security

Dependency on a wired LAN system has lessened in recent years as intrusion of this system is relatively easy compared to WLAN as hackers can simply connect to an unoccupied access point.

However, having security when using a WLAN is just as important as the actual hardware you are using. Companies can come under attack from either inside or outside the company. This can be a potentially dangerous situation if the wireless network is left unprotected as sensitive information can be accessed.

 

WLAN Security - What Hackers Know That You Don't

Ensuring Compliance with DoD Wireless Policies

Best Practices for Wireless Security SOX Compliance

Dedicated Distributed Sensing: The Right Approach to Wireless Intrusion Prevention

PCI Wireless Compliance Demystified: Best Practices for Retail

Enterprise Class Wireless Intrusion Prevention Systems: Requirements and Figure of Merit

Wireless Intrusion Protection System

A Manager’s Guide To Wireless Hotspots

Bluetooth Networks: Risks and Defenses

Beyond Corporate Walls: Motorola Enterprise Mesh Networks

Protection comes in the form of numerous defence mechanisms which restrict use of the network from unauthorised users (rogue wireless) and also protects users from each other e.g. viruses that may be present on individual computers or restrict users seeing documentation present on other computers. Solutions for Detecting Eliminating Rogue Wireless Networks.pdf

Due to the high risk of intrusion, a number of techniques have been developed to detect rogue WLANs:

  • Wired-side Intrusion Detection system –This alerts IT security managers when the intruder tests wired-side security measures. Fails to detect rogue WLAN’s as it cannot identify APs attached to wired network, soft APs, accidental associations and ad-hoc networks.
  • Wired-side SNMP Polling – Simple Network Management Protocol (SNMP) is used to query information from IP devices attached to the wired network, such as router, stations and authorised AP. Not effective to detecting rogue WLANs as the IT security manager needs to know the IP address of all devices being polled.
  • Wireless Scanners and Sniffers – These capture and analyse WLAN packets from the air. By monitoring the airwaves for all WLAN activity, wireless sniffers and scanners detect most APs and active wireless stations within range. They can also provide detailed information about the configuration and security employed by each device.
  • Wired-side Traffic Injection – These devices inject special broadcast frames over the wired network segment. These broadcast frames are then transmitted over the air by any wireless APs present on the same network segment. By detecting these frames over the air, using wireless sniffers, and analysing the transmitter’s media access control (MAC) address, the user is able to determine if any unauthorised APs are connected to that network segment.
  • Wired-side Network Scanners – These are similar to SNMP polling as they identify IP devices attached the network. Theses scan are extremely intrusive and require that an IT security manager have access to all the IP devices on the network and know all IP addresses.
  • Wireless Traffic Injection – This method is similar to wired traffic injection except it relies on a wireless device to inject a special frame over the air. If a sniffer sees an unauthorised AP, it tries to connect to it wirelessly and subsequently inject a frame that can be traced on the wired-side by a server or by another sniffer connected on the wired-side.
  • AirDefense 24/7 Centralised Wired and Wireless Monitoring

go to previous article: Wireless - Sectors Dependent on WLAN

go to next article: Wireless - Protection

Twitter   LinkedIn  YouTube   Blog   Facebook
Quick links:   Zebra Printer | Barcode Scanner |  Handheld Computers |  Mobile Computer |  Tablet PC |  Barcode Printer |  Wireless Switch |  RFID Reader |  Touch Screen Computer |  ATEX Intrinsically Safe