June 10, 2002
  By Dave Molta

  >> continued from previous page

Executive Summary: WLAN Security

Issue TOC Print full article Print this page Download as PDF E-Mail this URL Flame the author     In this article APA ASAP Executive Summary WEP Has No Clothes Online Only: WLAN Security Research E-Poll Results WLAN Security Products Review Despite the demise of WEP as a wireless security standard, the wireless LAN industry has cleared many hurdles. WLANs are faster, more manageable and more interoperable than ever. But thanks to the demise of WEP, security remains an obstacle to this growing market. If you want a secure WLAN--and indeed, our research shows that you do--you need to invest in new hardware and software, and accept the complexity and cost of the new equipment. And you may need to sacrifice multivendor interoperability too. Nevertheless, you can implement a secure wireless LAN, with the appropriate levels of authentication, privacy and access control. One option is to implement a VPN; however, that solution is fraught with challenges. Recently, several vendors have come up with products that offer authentication, encryption and access-control services that make WLANs more feasible than ever. We tested six such solutions, from Bluesocket, Columbitech, Ecutel, NetMotion Wireless, ReefEdge and SMC. Bluesocket WG-1000 Wireless Gateway, ReefEdge Connect System and SMC EliteConnect WLAN Security System are hardware-based, while Columbitech Wireless VPN, Ecutel Viatores M-VPN and NetMotion Mobility are Microsoft Windows-based software--though the distinction had little effect on the outcome of our tests. Ultimately, SMC's product, which is manufactured and marketed under a different label by Vernier, impressed us as a secure solution with the best set of features, as well as top-notch configuration and management tools, and earned our Editor's Choice award.

WEP Has No Clothes

Wired Equivalent Privacy was the foundation for WLAN privacy services until its deficiencies were exposed. Here are pointers to some of the key research that burst the WEP bubble: • Nikita Borisov, Ian Goldberg and David Wagner paper, July 2001, documents flaws in WEP that the authors attribute to misapplication of cryptographic primitives. • Scott Fluhrer, Itsik Mantin and Adi Shamir paper, July 2001, describes weaknesses in the key-scheduling algorithm of RC4, using 802.11 as an example of an insecure RC4-based system. • Adam Stubblefield, John Ioannidis and Aviel D. Rubin paper, August 2001, documents passive attack, based on Fluhrer, Mantin and Shamir paper, on 128-bit WEP that can result in key retrieval within 15 minutes. Concludes "WEP is totally insecure."

Online Only: WLAN Security Research

Building Secure Wireless Local Area Networks Pierre Trudeau, Colubris Networks, 2001 This white paper provides an overview of the challenges faced to secure WLANs. Instead of having you place the burden on the physical layer, it advocates that network administrators concentrate on the network layer. The author establishes the need to create secure end-to-end connections between stations, instead of encrypting radio transmissions. VPN is chosen as the best solution to secure a WLAN, and specific implementation approaches are explained for enterprise, public and home/SOHO environments. Wireless 802.11 LAN Security: Understanding the Key Issues System Experts, January 2002 This white paper includes a basic view of the current stage of WLAN security. It addresses the individual security issues that affect each component of the network and provides real examples and practical recommendations to address these issues and make things better. Finally, it provides a brief safety statement about 802.11-based hot spots (public WLANs). Serious WLAN Security Threats Part I |Part II Gerry Blackwell, 80211-planet.com, January 7/14, 2002 A two-part guide that defines the major threats to 802.11 technology and provides the author's recommended techniques to make WLANs more secure. Blackwell security tips are classified in two categories: those that work on the enterprise network side (firewall, RADIUS, encryption and VPN); and those that work on the wireless LAN side (WEP, SSID, broadcast, access points, intrusion detection and DHCP). Wireless Insecurities Dale Gardner, Information Security Magazine, January 2002 After stressing the importance of securing the wireless LAN environment, the article analyzes what the author considers the weakest point in wireless network security: handheld devices. It contains information on both physical and operating system security. After his considerations on handhelds, Gardner then turns to the subject of how to protect WLAN. Here Gardner includes information on the tools used by wireless network crackers (he refers to them as "war drivers") and the tools available from different vendors to increase WLAN security. He also addresses the use of VPN as one of the most effective tools of protection in a WLAN environment. Finally he includes a section with recommendations to secure the network. Securing Air Andy Briney, Information Security Magazine, January 2002 This article is based on a personal experience by the magazine's editor trying to see how secure WLANs are. "Betcha didn't know that wireless networks in Seattle are more secure than those in Los Angeles. Why? Simple. When rainwater collects on a window, it essentially decreases the strength of a wireless signal. The glass becomes more like a mirror, deflecting packets and reducing the range and persistence of any wireless connection -- including rogue ones."