After the meeting, we requested a one-on-one with the CIO to discuss the assessment, with the intent of transforming our relationship from antagonistic to advantageous. (Having led a software development organization in the past that was often the subject of FDA audits, I have a significant appreciation for the "violated and exposed" feelings one can experience during an audit review with senior management.) The CIO was pleased to learn that a considerable amount of my discussion with the SMT positioned the WLAN problem as indicative of broader organizational issues, including insufficient IT governance by the SMT and the lack of a formal IT steering committee. Because he had recently raised the same issues, the CIO felt validated in his opinion: His IT organization wasn't consistently being put in a position to succeed. Over time, we built our relationship with the CIO and established our team as a key asset to the client's information security efforts. Had we not taken steps to help bring the CIO along, it's doubtful that the client would have adopted most of our recommended changes.
WLAN security 101
Add an additional low-end firewall between the AP and the network: Using a firewall can provide basic authentication to WLAN users.

Test the perimeter: Identify locations, and their distances from the AP, where someone can connect to the network. Five hundred feet away in the middle of a cornfield is preferable to 100 feet away in a neighboring office building. In the case of NCTPTI, moving the AP successfully eliminated the ability to access the network from a neighboring building, but only minimally reduced the distance from which someone could connect on the interstate.

Enable Wired Equivalent Privacy: Wired Equivalent Privacy (WEP) is a mechanism that encrypts WLAN traffic to prevent unauthorized users from reading data captured in transit. WEP can be cracked, but it requires a more knowledgeable and determined individual than your average war driver to crack it. Most WEP-cracking tools, like Airsnort, run on Linux and require the user to gather approximately 4,000 packets with weak keys (keys being the secret keys used to generate the ciphertext) from packets of network traffic, which is usually enough of a deterrent to select another target (of which there are many).

Change AP's default settings: Default AP configurations--Service Set ID (SSID), SNMP Community String, Administrative Password--are widely known by war drivers, and it's relatively easy for a knowledgeable war driver to connect to the network and commandeer control of an AP with default passwords. (Sadly, default passwords aren't uncommon.)

Restrict access to key systems/data: Block WLAN access to the intranet server and other key data.

Disable SSID broadcasting: To prevent the AP from broadcasting the network name and associating with nodes that aren't configured with the WLAN's unique SSID, disable SSID broadcasting. While this will protect the network from rogue users, it will make WLAN deployment a more hands-on experience because WLAN clients will require that the network name be manually configured.
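
The checklist above can be turned into a repeatable audit. The following is an added example, not part of the original article: the config field names, host names, and the short lists of factory-default values are assumptions made up for illustration.

```python
# Illustrative, non-exhaustive factory defaults (constructed for this example).
DEFAULT_SSIDS = {"default", "linksys", "tsunami", "wireless"}
DEFAULT_SNMP_COMMUNITIES = {"public", "private"}
DEFAULT_ADMIN_PASSWORDS = {"", "admin", "password"}


def audit_ap(cfg):
    """Return findings for one AP config dict, in the checklist's order."""
    findings = []
    if not cfg.get("behind_firewall", False):
        findings.append("no firewall between the AP and the wired network")
    if not cfg.get("wep_enabled", False):
        findings.append("WEP disabled: WLAN traffic is sent unencrypted")
    if cfg.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append("SSID is a factory default")
    if cfg.get("snmp_community", "").lower() in DEFAULT_SNMP_COMMUNITIES:
        findings.append("SNMP community string is a factory default")
    if cfg.get("admin_password", "").lower() in DEFAULT_ADMIN_PASSWORDS:
        findings.append("administrative password is a factory default")
    # Key systems (e.g. the intranet server) must not be reachable from the WLAN.
    exposed = set(cfg.get("wlan_reachable_hosts", [])) & set(cfg.get("key_systems", []))
    for host in sorted(exposed):
        findings.append(f"key system reachable from WLAN: {host}")
    if cfg.get("ssid_broadcast", True):  # a missing setting is treated as enabled
        findings.append("SSID broadcasting is enabled")
    return findings


# Constructed sample: an AP left as shipped and plugged straight into the LAN.
OUT_OF_BOX = {
    "ssid": "linksys", "snmp_community": "public", "admin_password": "admin",
    "wep_enabled": False, "ssid_broadcast": True, "behind_firewall": False,
    "wlan_reachable_hosts": ["intranet.example.internal", "printer.example.internal"],
    "key_systems": ["intranet.example.internal"],
}

# Constructed sample: the same AP after applying every item in the checklist.
HARDENED = {
    "ssid": "bldg2-7f3a", "snmp_community": "c0nstructed-ro", "admin_password": "constructed-passphrase",
    "wep_enabled": True, "ssid_broadcast": False, "behind_firewall": True,
    "wlan_reachable_hosts": ["printer.example.internal"],
    "key_systems": ["intranet.example.internal"],
}

if __name__ == "__main__":
    for name, cfg in (("out-of-box", OUT_OF_BOX), ("hardened", HARDENED)):
        print(name, audit_ap(cfg) or "no findings")
```

The perimeter test is not covered here because it depends on walking the site with a client device rather than on AP settings.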