Problem solve Get help with specific problems with your technologies, process and projects.

Securing traffic at endpoints of a WLAN

On the wireless LAN tip, using a VPN is great, but what about the possibility of a "hijacked" connection? The traffic in the VPN pipe is secure, but what about the endpoints?

With a VPN covering the wireless connection, it would be impossible to "hijack" the connection in the classical sense. For those not familiar with the term, a "hijacked" session is one in which the the attacker can take over the connection of a legitimate user, after the legitimate user has completed the authentication process.

The VPN prevents this, because the encrypted channel essentially provides continuous authentication. That is, there is no way for the attacker to insert himself into the middle of that stream without having the same encryption algorithm and key.

Now, as you point out, security at the endpoints is critical. Your endpoints are your mobile user and whatever server is on the far side of the VPN. Whatever security you would normally provide for those units if connected by a wired LAN is the minimum you would want in the wireless environment. Because the mobile user may have additional security concerns due to location, the security required may need to be greater than for a wired LAN.

One other note, a VPN will provide protection for confidentiality and integrity, but will do nothing for availability. If an attacker just wants to keep your access points from providing service, he just needs to generate enough requests for connection. Even though the connections won't go through, as he won't be able to create the proper VPN tunnel, it could cause a denial of service for your access point. How likely this scenario is for your environment is something that should be assessed during a security assessment of your network.

For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Infrastructure and Network Security

This was last published in January 2002

Dig Deeper on Wireless network security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.