IEEE 802.11: Handling the standard's wireless network vulnerabilities

What are the most serious vulnerabilities in the IEEE 802.11 standard, and how can we protect against them?

    Requires Free Membership to View

Many of the wireless network vulnerabilities associated with IEEE 802.11-based networks are related to lax configuration of the devices themselves. Some common configuration errors include missing or weak encryption (WEP – with weak initialization vector or weak pre-shared keys), default authentication credentials to the management stations, devices missing the latest firmware and security patches and incorrect signal tuning leading to signal leakage, among others. The issue is further exacerbated by insufficient monitoring of the wireless infrastructure. This hampers the ability of the enterprise to deal with rogue access points, thereby increasing the likelihood of man-in-the-middle or denial-of-service attacks.

A lot of these weaknesses can be addressed by a robust wireless device configuration, strong authentication/access requirements, real-time monitoring and regular wireless surveys. Use of EAP and 802.1x with the AAA protocol can help prevent the threat from man-in-the-middle and rogue access points. Use of sniffers and other monitoring devices can help track down other systems searching for connections on the wireless network. Periodic “walkabouts” with a signal analyzer or wireless intrusion prevention systems can also help isolate or triangulate rogue devices. They can also identify and tune sources of signal bleed, thereby containing the wireless network within physical locations that require it.

This was first published in August 2011

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: