Q

IEEE 802.11: Handling the standard's wireless network vulnerabilities

IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains.

What are the most serious vulnerabilities in the IEEE 802.11 standard, and how can we protect against them?

Many of the wireless network vulnerabilities associated with IEEE 802.11-based networks are related to lax configuration of the devices themselves. Some common configuration errors include missing or weak encryption (WEP – with weak initialization vector or weak pre-shared keys), default authentication credentials to the management stations, devices missing the latest firmware and security patches and incorrect signal tuning leading to signal leakage, among others. The issue is further exacerbated by insufficient monitoring of the wireless infrastructure. This hampers the ability of the enterprise to deal with rogue access points, thereby increasing the likelihood of man-in-the-middle or denial-of-service attacks.

A lot of these weaknesses can be addressed by a robust wireless device configuration, strong authentication/access requirements, real-time monitoring and regular wireless surveys. Use of EAP and 802.1x with the AAA protocol can help prevent the threat from man-in-the-middle and rogue access points. Use of sniffers and other monitoring devices can help track down other systems searching for connections on the wireless network. Periodic “walkabouts” with a signal analyzer or wireless intrusion prevention systems can also help isolate or triangulate rogue devices. They can also identify and tune sources of signal bleed, thereby containing the wireless network within physical locations that require it.

This was first published in August 2011

Dig deeper on Wireless Network Protocols and Standards

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close