Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »


 
NetNews
N E W S / A N A L Y S I S  


New Worries About WLAN Security

  September 2, 2002
  By Dave Molta


Wireless LAN security continues to be a major thorn in the side of everyone who promotes, sells or installs WLANs. WEP (Wired Equivalent Privacy) is easily compromised with relatively simple tools, forcing vendors and IT managers to look elsewhere for encryption solutions. Likewise, there's no real standard for authentication. Yes, 802.1x may work eventually, but today it almost always requires the implementation of a proprietary authentication framework. And authorization, including the ability to assign granular levels of access rights once users attach to the network, is an afterthought (see our June 10 evaluation of WLAN security overlay products.)

Even if vendors address privacy, authentication and authorization services, your security headaches won't end. Other problems are looming, the most pernicious of which are DoS (denial of service) attacks. While DoS is a fact of life on all networks, it's worse on wireless networks because not only do you need to guard against attacks at Layer 2 and above, you're also extremely vulnerable to physical-layer attacks to the medium.

At a recent Defcon convention in Las Vegas, engineers from AirDefense (www.airdefense.net), a purveyor of intrusion-detection systems (IDSs) for WLANs, detected 807 attacks over the course of two hours. More than half the attacks were probes from tools like Netstumbler, which are used by hackers and administrators to detect vulnerabilities in WLAN environments. Another quarter of the attacks were identity thefts, including MAC (Media Access Control) address spoofing. But about 125 attacks represented more sophisticated threats unique to WLANs. These included RF jamming at the physical layer, attacks on specific stations that continually disconnected them from access points, rerouting of traffic through hostile stations, and a new set of attacks that use wireless management frames to launch attacks.

As WLANs become increasingly mainstream, we expect to see IDSs that address many facets of the problem. For IT managers, it's just one more issue that requires their diligent attention.


Research and Reports

Hypervisor Derby
August 2011
Network Computing: August 2011

Video


WATCH: Box.net CEO Aaron Levie Takes On Microsoft

WATCH: HP Chairman Ray Lane: Focus On Innovation

WATCH: How OpenFlow Changes Networking


View All Videos
Previous Page First Page Second Page Third Page Next Page

Most Popular

Stories Blogs

More Stories »

Featured Whitepapers

Featured Reports

BlogRoll

TechWeb Careers