|
Login Form
Upcoming
There are no upcoming events!
|
Home  Articles Is Your Wireless Network Secure?
|
Is Your Wireless Network Secure? |
|
|
|
Networking professionals are encouraging people to think twice
about wireless network security. You might be thinking I use
WEP-128 bit encryption with MAC address filtering, I’m safe. Or
you may be you’ve never even heard of WEP, if this is the case
you might want to unplug your wireless access point
immediately. But then again look at the bright side at least
you don’t have the false sense of security that your network is
secure. Perhaps you are the smart guy who knows how insecure
wireless networks are. You too are at just an equal risk!
Your computer consultant might be partially right when they say
WEP will protect your network. It will protect your network from
casual snooping but that is about it. Last year the FBI was able
to crack a WEP protected network in less than 3 minutes with
tools widely available on the internet. Since then it’s been
downhill for WEP.
At this point you might be thinking, “Oh well, someone gets on
my network and uses the internet”. This is completely false. If
someone has gone through the process of getting on your network
chances are the only thing they want is not internet access.
Any computer security professional will tell you that physical
access to the network is 95% of the security battle. Once this
has been accomplished you can consider all of your data
compromised. Customer invoices, customer data, credit card
numbers and passwords to financial institutions will all be in
the hands of a hacker. One in many methods can be used to gain
access to your personal data, whether it’s through Key loggers,
Trojans, or just by sniffing your plaintext network traffic.
Maybe, just maybe, I have not convinced you of the insecurities
of wireless networks. Let me tell you about another attack that
hackers can use to gain access to your network. Let’s say your
access points are completely locked down, to your knowledge. A
user from your network goes and flips on their laptop while
sitting in an airport terminal waiting for a plane. They see an
available insecure wireless network so they click on it and
connect. None of us have ever done this before right, itching
to check their email one last time before heading out of town?
Unbeknownst to them they have just clicked on a fake honeypot
wireless network, set up by a rogue hacker that before they can
even realize their machine is already being scanned. Picture for
a moment that user could be anywhere, even sitting at a desk in
your network. Just as long as the rogue access point is
stronger than your AP’s radio signal you’re security is done.
May be you fall into the category of never setting up wireless
networks because you read about their insecurities. How then
can you be at risk? Just consider for a moment that a user in
your organization fires up his wireless card. See’s a wireless
network that is named XYZCorp after your company. So they
connect to it and immediately a script is hammering their
machine for security vulnerabilities. Once again they connected
to a rogue access point setup by a hacker. Now you might be
thinking. “C’mon you must have to be a computer genius to find
and run these tools.” Think again, thanks to the kind people
over at http://remote-exploit.org all these tools can be
downloaded in one big happy ISO file. Burned to a CD as an
image and bang you’re done, ready to take a drive to the
nearest business and start sniffing credit card numbers.
Everything wrapped into a nice package just waiting for the
next script kiddy to start running the programs. You may be
thinking ok this is a major problem so what should I do? Give
up my organizations ability to use wireless networks? This
isn’t exactly what we are saying. A newer wireless security
technology has taken over in 2004 called WPA. It is more secure
than WEP. And so far tools are not as readily available to hack
your network. But consider the following. WEP was ratified in
the late 1990’s less than six years later it was exploited.
This is typical of almost every computer technology. It is only
a matter of time before technologies are exploited. Just always
remember Security is a multi-tiered companywide responsibility.
From providing physical security to web site security all
matters should be considered serious and not taken lightly. So
before you grab a wireless access point and slap it in your
network, I urge you to think twice.
You may think you are in a sinking boat because you are a small
organization not able to implement the latest technologies and
afford the newest access points. Or maybe you cannot afford to
pay an IT staff over 100k-200k a year to maintain your medium
size network. Executives at N2 Network Solutions say you should
consider IT outsourcing or IT consulting. You can get Industry
certified engineers on a project by project basis. Contractual
relationships are also available to dump the responsibility of
your network into their hands for a fraction of the price. To
keep your small to medium size network performing like a
Fortune 500 machine invest the capital and secure your assets.
About The Author: Jeremy Whittaker is a Senior Consultant for
N2 Network Solutions, visit N2 online
http://www.n2networksolutions.com.
|
|
Mac & iPod Repair
|
Do you get hundreds of junk e-mails every day? Is your inbox clogged with with offers for pills, pornography, pyramid schemes, and "free" products?