Saturday, May 18, 2013

Is Your Wireless Network Secure?


Networking professionals are encouraging people to think

twice about wireless network security. You might be

thinking I use WEP-128 bit encryption with MAC address

filtering, I'm safe. Or you may be you've never even heard

of WEP, if this is the case you might want to unplug your

wireless access point immediately. But then again look at

the bright side at least you don't have the false sense of

security that your network is secure. Perhaps you are the

smart guy who knows how insecure wireless networks are. You

too are at just an equal risk!

Your computer consultant might be partially right when they

say WEP will protect your network. It will protect your

network from casual snooping but that is about it. Last

year the FBI was able to crack a WEP protected network in

less than 3 minutes with tools widely available on the

internet. Since then it's been downhill for WEP.

At this point you might be thinking, "Oh well, someone gets

on my network and uses the internet". This is completely

false. If someone has gone through the process of getting

on your network chances are the only thing they want is not

internet access. Any computer security professional will

tell you that physical access to the network is 95% of the

security battle. Once this has been accomplished you can

consider all of your data compromised. Customer invoices,

customer data, credit card numbers and passwords to

financial institutions will all be in the hands of a hacker.

One in many methods can be used to gain access to your

personal data, whether it's through Key loggers, Trojans, or

just by sniffing your plaintext network traffic.

Maybe, just maybe, I have not convinced you of the

insecurities of wireless networks. Let me tell you about

another attack that hackers can use to gain access to your

network. Let's say your access points are completely locked

down, to your knowledge. A user from your network goes and

flips on their laptop while sitting in an airport terminal

waiting for a plane. They see an available insecure

wireless network so they click on it and connect. None of us

have ever done this before right, itching to check their

email one last time before heading out of town? Unbeknownst

to them they have just clicked on a fake honeypot wireless

network, set up by a rogue hacker that before they can even

realize their machine is already being scanned. Picture for

a moment that user could be anywhere, even sitting at a desk

in your network. Just as long as the rogue access point is

stronger than your AP's radio signal you're security is

done.

May be you fall into the category of never setting up

wireless networks because you read about their insecurities.

How then can you be at risk? Just consider for a moment

that a user in your organization fires up his wireless card.

See's a wireless network that is named XYZCorp after your

company. So they connect to it and immediately a script is

hammering their machine for security vulnerabilities. Once

again they connected to a rogue access point setup by a

hacker. Now you might be thinking. "C'mon you must have to

be a computer genius to find and run these tools." Think

again, thanks to the kind people over at remote-exploit.org

all these tools can be downloaded in one big happy ISO file.

Burned to a CD as an image and bang you're done, ready to

take a drive to the nearest business and start sniffing

credit card numbers. Everything wrapped into a nice package

just waiting for the next script kiddy to start running the

programs. You may be thinking OK this is a major problem so

what should I do? Give up my organizations ability to use

wireless networks? This isn't exactly what we are saying.

A newer wireless security technology has taken over in 2004

called WPA. It is more secure than WEP. And so far tools

are not as readily available to hack your network. But

consider the following. WEP was ratified in the late 1990's

less than six years later it was exploited. This is typical

of almost every computer technology. It is only a matter of

time before technologies are exploited. Just always

remember Security is a multi-tiered companywide

responsibility. From providing physical security to web

site security all matters should be considered serious and

not taken lightly. So before you grab a wireless access

point and slap it in your network, I urge you to think

twice.

You may think you are in a sinking boat because you are a

small organization not able to implement the latest

technologies and afford the newest access points. Or maybe

you cannot afford to pay an IT staff over 100k-200k a year

to maintain your medium size network. Executives at

N2

Network Solutions say you should consider IT outsourcing or

IT consulting. You can get Industry certified engineers on

a project by project basis. Contractual relationships are

also available to dump the responsibility of your network

into their hands for a fraction of the price. To keep your

small to medium size network performing like a Fortune 500

machine invest the capital and secure your assets.




0 comments:

Post a Comment


Twitter Facebook Flickr RSS



Français Deutsch Italiano Português
Español 日本語 한국의 中国简体。