
	Home > Ask the Security Experts > Questions & Answers > Securing traffic at endpoints of a WLAN

Ask The Security Expert: Questions & Answers

EMAIL THIS

Securing traffic at endpoints of a WLAN

EXPERT RESPONSE FROM: Stephen Mencik

		Pose a Question

		Other Security Categories

		Meet all Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 04 January 2002
On the wireless LAN tip, using a VPN is great, but what about the possibility of a "hijacked" connection? The traffic in the VPN pipe is secure, but what about the endpoints?

EXPERT RESPONSE
With a VPN covering the wireless connection, it would be impossible to "hijack" the connection in the classical sense. For those not familiar with the term, a "hijacked" session is one in which the the attacker can take over the connection of a legitimate user, after the legitimate user has completed the authentication process.

The VPN prevents this, because the encrypted channel essentially provides continuous authentication. That is, there is no way for the attacker to insert himself into the middle of that stream without having the same encryption algorithm and key.

Now, as you point out, security at the endpoints is critical. Your endpoints are your mobile user and whatever server is on the far side of the VPN. Whatever security you would normally provide for those units if connected by a wired LAN is the minimum you would want in the wireless environment. Because the mobile user may have additional security concerns due to location, the security required may need to be greater than for a wired LAN.

One other note, a VPN will provide protection for confidentiality and integrity, but will do nothing for availability. If an attacker just wants to keep your access points from providing service, he just needs to generate enough requests for connection. Even though the connections won't go through, as he won't be able to create the proper VPN tunnel, it could cause a denial of service for your access point. How likely this scenario is for your environment is something that should be assessed during a security assessment of your network.

For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Infrastructure and Network Security

Digg This!

StumbleUpon

Del.icio.us

RELATED RESOURCES

	2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
	Search Bitpipe.com for the latest white papers and business webcasts
	Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

Find Security Solutions for Your Business
Targeted Security Channel Tips for Resellers, Integrators and Consultants

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Advanced Search | Site Index

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy