Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Prudence Over Paranoia: Using Wireless LANs Securely

Wireless local area networks (LANs) are proliferating both within enterprises and in public spaces, giving employees far greater flexibility and availability to company systems. Those benefits carry risks with them, of course, but a prudent approach to wireless LAN can neutralize the threats.

Since wireless LANs ease the availability of data, they create a security exposure; but this is true of any networking technology.

"You could get so carried away that the only thing you would allow were desktops hard-wired into a LAN and you wouldn't permit employees to bring in floppy disks or have any means of communicating with the outside world," argues David Cottingham, product director, managed security services, AT&T. "If you put the right pieces in place, the benefits of being able to take advantage of the mobility that wireless affords far outweighs the security risks."

Some of the paranoia surrounding wireless LANs is rooted in the aggressive way hackers -- malicious and otherwise -- have sought to break into such networks for their own purposes. A large portion of that culture has been recognized as benign and actually encouraged to grow through the provision of open wireless "Wi-Fi hotspots," such as those available at many Starbucks locations. Among more sinister developments have been efforts to overcome the WEP (wireless equivalency protocol) encryption measures deployed by private LANs.

"Shortly after that standard [WEP] was initially put out there, articles were published showing how you could crack it," Cottingham relates. "There are also downloadable tools, such as WEPCrack; in theory, if they sit there long enough and watch your traffic going by, they can crack the encryption keys that are used to set up the session, and thereby hijack its traffic." Later versions of WEP -- specifically WAP, or Wi-Fi protected access -- have addressed that vulnerability by providing constantly changing encryption keys, which made it extremely difficult for hackers to collect sufficient packet information in order to break the encryption, according to Cottingham.

  • 1