http://techupdate.zdnet.com/techupdate/stories/main/need_wireless_security.html By David Berlind May 16, 2004 It was nearly impossible to traverse a significant part of the show floor at this year's Networld+Interop without encountering solutions that dealt with the thorny issue of wireless security. Indeed, when it comes to the threat matrix associated with wireless security, there are many issues demanding attention: everything from keeping unauthorized wireless users off wireless local area networks (WLANs) to making sure that the traffic flowing through a WLAN is encrypted in a way that keeps the payloads safe from prying eyes. Although most wireless security solutions target organizations that have deployed wireless networks, there is a class of solutions that target all companies--even those that haven't deployed wireless networks. These solutions detect the existence of rogue access points. (An access point is a transceiver that connects devices on a wireless LAN to the wired infrastructure. A rogue access point is not authorized by an organization's IT department for operation.) Setting up an access point is child's play. In addition to plugging the access point into a power source, all one has to do is connect one end of an Ethernet cable to an available Ethernet port, connect the other end to an access point and voila! A new Wi-Fi WLAN is born. Not all rogue access points are malicious. Until my IT department found out about it and asked me to shut it down, I ran a rogue access point for almost two years (long before Wi-Fi was popular). So early was it in the history of Wi-Fi, that the software for setting up, managing, and securing my Lucent-based 802.11b WLAN was both proprietary and not very user friendly. Knowing that hardly anyone was using Wi-Fi at the time, I didn't bother securing it. Eventually, the company standardized on a single vendor's technology for deploying and securing WLANs and, knowing about my access point through the grapevine, the IT department saw my rogue WLAN for what it was: a back door that bypassed all of the hard work and planning that went into building a secure Wi-Fi network. Nick Miller, CEO of wireless management solution provider Cirond, put the problem in simple terms. "Companies spend thousands upon thousands of dollars and man-hours on network security," said Miller, "and all it takes is a $30 access point to render that investment useless." Why set up a rogue access point in the first place? I can imagine at least three scenarios that could result in rogue access points. The first of these is where people with wireless networks at home and at work are having difficulty with home-work interoperability. Though software is making it easier to move back and forth between the two, I've had this problem and I also know that the easiest solution is to have the same kind of access point in both locations. In the second scenario, people have a wireless network at home, but none at work. Once people catch wireless fever at home, they want it at work, too. If, for security or budgetary reasons, their company's IT department is unwilling to provide it, many overzealous workers are willing to install one for themselves. In the third scenario, someone outside the organization--usually someone with malicious intent--gains access to a physical Ethernet port on the company's network and surreptitiously connects an access point to it. Depending on where that port is (for example, underneath a desk in an unused cubicle), such "deployments" can easily escape physical detection. The last two scenarios are particularly noteworthy since they could introduce wireless security problems to companies that have, for whatever reasons, no deployments of wireless technology. [...] _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Mon May 17 2004 - 04:31:59 PDT