*EXECUTIVE SUMMARY*

EXECUTIVE SUMMARY

    Wireless networking technology is becoming increasingly popular but, at the same time, has introduced many security issues. The popularity in wireless technology is driven by two primary factors — convenience and cost. A wireless local area network (WLAN) allows workers to access digital resources without being tethered to their desks. Laptops could be carried into meetings or even out to the front lawn on a nice day. This convenience has become affordable. Vendors have begun to produce compatible hardware at a reasonable price with standards such as the Institute of Electrical and Electronics Engineers Inc.’s (IEEE’s) 802.11x.

 

However, the convenience of WLANs also introduces security concerns that do not exist in a wired world. Connecting to a network no longer requires an Ethernet cable. Instead, data packets are airborne and available to anyone with the ability to intercept and decode them. Traditional physical security measures like walls and security guards are useless in this new domain.

 

Several reports have discussed weaknesses in the Wired Equivalent Privacy (WEP) algorithm employed by the 802.11x standard to encrypt wireless data. This has lead to the development of automated tools, such as AirSnort and WEPCrack, that automate the recovery of encryption keys. The IEEE has organized the 802.11i Task Group to address 802.11x security, and hardware vendors are racing to implement proprietary solutions. Still, securing vulnerable networks could take some time. Beyond this, research has shown that that majority of networks use no encryption at all. WEP is far from perfect, but it does at least provide a deterrent to attackers.

 

WLANs introduce security risks that must be understood and mitigated. If not, vulnerable WLANs can compromise overall network security by allowing the following attack scenarios:

 

•  Vulnerable WLANs provide attackers with the ability to passively obtain confidential network data and leave no trace of the attack.

•  Vulnerable WLANs, positioned behind perimeter firewalls and considered to be trusted networks, may provide attackers with a backdoor into a network. This access may lead to attacks on machines elsewhere on the wired LAN.

•  Vulnerable WLANs could serve as a launching pad for attacks on unrelated networks. WLANs provide convenient cover, as identifying the originator of an attack is difficult if not impossible.

 

Tools to identify WLANs, break WEP encryption keys and capture network traffic are freely available. To protect against attacks, understand both the vulnerabilities that exist and how attackers employ these tools to exploit the vulnerabilities. Identify compensating controls and determine if the risks can be mitigated to an acceptable level to justify the introduction of wireless network technology.

 

This paper addresses how to find the vulnerabilities inherent in the WEP algorithm, how to determine if a WLAN is vulnerable using freeware tools and, most importantly, how to best secure WLANs.