LEE 1

Security Issues with Wireless LANs

By: Bryan Lee CIS230 Networks, Telecommunication & Global Communication Mr. Campbell December 3, 2011

LEE 2

Introduction Wireless local area network (WLAN) has been widely used in many sectors. The popularity gained is due to many reasons, such as ease of installation, installation flexibility, mobility, reduced cost-of-ownership, and scalability. However, regardless of the benefits, WLAN have some security threats. Here is a brief list with descriptions of some of the primary threats:

Spoofing Internal Communications An attack from outside of the network can usually be identified as such. If an attacker can connect with your WLAN, they can spoof communications that appear to come from internal domains. This is where the attacker could gain access to privileged data and resources in the network by assuming the identity of a valid user.Users are much more likely to trust and act on spoofed internal communications.

Theft of Network Resources This involves attack against the privacy of the data that is being transmitted across the network. By their nature, wireless LANs intentionally radiates network traffic into space. This makes it impossible to control who can receive the signals in any wireless LAN installation. In the wireless network, eavesdropping by the third parties is the most important threat because the attacker can intercept the transmission over the air from a distance. Protection LAN segmentation is used by many organizations to break the network down into smaller, more manageable compartments. Using different LAN segments or virtual LAN (VLAN) segments has a number of advantages. It can enable an organization to expand their network, reduce network congestion, compartmentalize problems for more efficient troubleshooting, and improve security by protecting different VLANs from each other. The improved security is an excellent reason to set your WLAN up on its own VLAN. You can allow all of the wireless devices to connect to the WLAN, but shield the rest of your internal network from any issues or attacks that may occur on the wireless network. Using a firewall, or router ACL (access control lists), you can restrict communications between the WLAN and the rest of the network. If you connect the WLAN to the internal network via a web proxy or VPN, you can even restrict access by wireless devices so that they can only surf the Web, or are only allowed to access certain folders or applications.

Secure Access

LEE 3

Segmenting your WLAN from the rest of your network will help to protect the internal network from any issues or attacks on the wireless network, but there are still other steps you can take to protect the wireless network itself. By encrypting your wireless communications and requiring users to authenticate before connecting, you can ensure unauthorized users do not intrude on your WLAN and that your wireless data cannot be intercepted. Wireless Encryption

One of the ways to ensure unauthorized users do not eavesdrop on your wireless network is to encrypt your wireless data. The original encryption method, WEP (wired equivalent privacy), was found to be fundamentally flawed. WEP (also known as Wi-Fi networks) relies on a shared key, or password, to restrict access. Anyone who knows the WEP key can join the wireless network. There was no mechanism built in to WEP to automatically change the key, and there are tools available that can crack a WEP key in minutes, so it wont take long for an attacker to access a WEP-encrypted wireless network. Conclusion Wireless networks can increase efficiency, improve productivity and make networking more cost effective, but if they are not properly implemented they can also be the down fall of your network security and expose your entire organization to compromise. Take the time to understand the risks, and how to secure your wireless network so that your organization can leverage the convenience of wireless connectivity without creating an opportunity for a security breach. The general idea of WLAN is basically to provide a wireless network infrastructure comparable to the wired Ethernet networks. There will be no complete fix for the existing vulnerabilities. All in all, the very best way to secure WLAN is to have the security knowledge, proper implementation, and continued maintenance

LEE 4

References Terry, J., & Heiskala, J. (2002). OFDM Wireless LANs: A Theoretical and Practical Guide. Pearson Education, Inc.

Santamara, A. A., & Lpez-Hernndez, F. J. (2001). Wireless LAN Standards and Applications. Artech House, Inc.

Oppenheimer, P., & Bardwell, J. (2002). Troubleshooting Campus Networks: Practical Analysis of Cisco and LAN Protocols. John Wiley & Sons, Inc. (US). Computer Security Research Centre, National Institute of Standards and Technology. Announcing the Advanced Encryption Standard (AES).Federal Information Processing Standards Publications 197. 13 Dec. 2002. URL: http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf