Recently, it seems as if theres a wireless LAN (WLAN) everywhere you look, and under the circumstances, its not surprising. With the emergence of IEEE 802.11 as the de facto standard for wireless networking, and the free fall in hardware prices over the last year, wireless deployments have become extremely inexpensive and easy—well within the reach of even the average home user. Moreover, while slower than many wired networks, WLANs provide more than enough bandwidth for the average office worker, making them an attractive option for desktop PCs, laptops and potentially even handheld computers.
As we all know by now, however, most new functionality comes with a price tag in terms of reduced security, and WLANs are no exception. The unfortunate fact is that once you start broadcasting signals through the air, you sacrifice a great deal of control over who can send or receive those signals. A companys wireless access point has very limited capacity to distinguish between the CEOs laptop in the conference room and an intruders machine in the parking lot.
The IEEE attempted to address that problem by building an encryption and authentication protocol, known as the Wired Equivalency Protocol (WEP), into the 802.11 standard.
A number of different cryptographic papers released within the past nine months, however, have shown the WEP to be seriously broken. A group of cryptographers from AT&T and Rice University recently broke the strongest WEP implementation currently available in a matter of hours. While they were careful not to release the software they wrote to implement the attack, they warn that a moderately competent attacker could replicate their attack from scratch in less than a week.
In truth, however, only a very small percentage of users even bother to turn WEP on at all. In effect, the bulk of all WLANs are wide open to the public. Take a laptop with an 802.11 card on a walk through the financial district of most major American cities, and you can easily access several dozen commercial networks in a matter of hours. Indeed, the practice of “War Driving”—using car-mounted, long-range antennas to randomly scan large areas for vulnerable WLANs—is rapidly becoming a popular pastime in some circles. The development of wireless sniffing software promises to make that sort of thing even easier. Several open-source packages are already available, as is a commercial network management product from Sniffer Technologies.
There are a number of steps that companies can take to shore up their WLAN security. The most secure solution is to limit a wireless deployment to those machines that require mobility, and treat those machines as remote users. Place your wireless access points outside your firewall perimeter, and require your WLAN boxes to use a VPN to access your network. If that is impractical, encrypt all wireless traffic and implement the strongest possible authentication tools for every accessible network resource. Keep an eye out for unauthorized and/or unmonitored access points; the low price points and ease of use has made “rogue” WLANs an increasingly common phenomenon in many offices.
WLANs are a wonderful tool and can prove to be a great money saver, but only if all of their costs—including security—are properly accounted for.