Will securing a wireless LAN make the data link layer vulnerable?

Even when an organization uses a VPN to secure a wireless LAN and users' transmitted data, there are still vulnerabilities. In this expert Q&A, network pro Mike Chapple explains what security issues can arise at the data link layer.

University of Notre Dame

If a VPN is used to secure a wireless LAN, is the data link layer vulnerable? If so, what can be done to protect the data link layer?

It depends upon your perspective. If you're an individual user of the wireless LAN, and you consistently use a VPN connection that tunnels all of your traffic back to a secure network, you have nothing to worry about.

When an organization runs a wireless LAN, however, issues can arise at the data link layer, even though the confidentiality...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

of VPN users' transmitted data is secure.

For example, consider DNS traffic. Wireless networks using the VPN security model must allow unauthenticated users' DNS traffic through the firewall so that VPN clients may verify and locate their endpoints. A few years ago at DefCon, a popular hackers' convention, security researcher Dan Kaminsky introduced a technique called DomainCasting. Such a hacking method allows individuals to gain free Internet access by using DNS traffic as a covert channel. Individuals can use this technique to gain unauthorized entry into a wireless network.

An access control technique, like the 802.1X networking standard, can extend protection to the data link layer. To learn more about implementing 802.1x on your wireless network, read the Information Security magazine article: The X Factor.

More information:

Learn how VPNs can address WiPhishing threats.

Find out how to combine 802.1X and VLANs for wireless LAN authorization.

This was last published in July 2007

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

Related Resources

Dig Deeper on Wireless network security

Related Q&A from Mike Chapple

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.