Basics
Wireless Security: The Basics
Encryption and authentication are the fundamentals of wireless security - here's your guide.
By Galen Gruman
Block intruders before they connect
At Southeastern Polytechnic, Gruzka noticed that hackers would spoof the access points' SSIDs — the names that identify them and their VLANs to computers seeking to connect to the right network. The idea was to fool a user into logging onto the hacker's computer and capturing the user's' credentials and data. On a campus, the signals of access points' reach into the open, so there was no physical way to keep hackers out. So Gruzka used dual-radio access points from Meru Networks. One radio handles the connections to users, while the other scans for rogue access points. The Meru access points "know" each other and can thus identify rogues, Gruzka says, and when they detect one, they use the second radio to send a data pulse that essentially obscures the rogues' spoofed SSID so users can't see it and connect to it. All of this happens in a fraction of a second.
IANS's Carey says Southeastern Polytechnic is by no means alone in facing the threat of rogue access points. It's easy to put such an access point in a potted plant or bring one into a lobby, he notes. And because PCs and laptops can be set to operate in ad hoc mode — making one computer a virtual access point — almost anyone with a PC can be a rogue. IT can ensure that its users' computers are set in such a way that they don't connect via ad hoc mode, eliminating this latter threat, he says. But the actual rogue access point that is snuck into the building — or in a location near enough for its signal to penetrate your walls — is harder to deal with. Using wireless sniffers to conduct periodic sweeps is one approach, as is using interconnected access points that can detect rogues.
Despite these threats, the good news is that there are proven techniques to protect your wireless and mobile environments. The bad news is that many organizations haven't done so yet. ##
Galen Gruman, a freelance writer based in San Francisco, can be reached at ggruman@zangogroup.com.
wireless security
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- The Strategic Advantage of Cloud-Based Email and BlackBerry Services
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- Managing A Growing Threat: An Executive's Guide to Web Application Security
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
