WLAN security issues

WLAN security issues

What are the main open security issues with WLANs?

Requires Free Membership to View

Login

SearchMobileComputing.com members gain immediate and unlimited access to expert guides for mobile deployment, management and security, industry trends, and more-- all at no cost. Join me on SearchMobileComputing.com today!

Kate Gerwig, Editorial Director

By submitting your registration information to SearchMobileComputing.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchMobileComputing.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

The main issue is that, by default, WLAN traffic goes across the air in clear text and is easily accessible. Even when WEP encryption is enabled, a determined hacker will likely be able to break in. Other commonly overlooked security issues are broadcasting SSIDs, not changing default configurations such as SSIDs and passwords, and not patching the firmware on APs or client OS software on the WLAN clients. Don't think that not broadcasting SSIDs or using MAC address-based access controls will completely secure the WLAN. There are ways around both approaches: 1) searching for management packets using a WLAN analyzer and 2) spoofing MAC addresses. Another common problem is rogue ad hoc or P2P WLANs that do not use APs at all. Users can set up their WLAN cards and communicate directly with each other opening up the network to security issues. WLAN clients running without personal firewall software is a no-no and putting an AP behind a firewall is bad for business too. Also, don't ever administer an AP or bridge without first enabling WEP via the console port. This is a great way for the bad guys to collect critical passwords and more.

Dig Deeper

People who read this also read...
Related tags
- security
- wlan

Show me more

This was first published in March 2004

More from Related TechTarget Sites

Unified Communications
Networking
Telecom
Networking Channel
CRM
Data Management

Unified Communications
- SIP Forum to showcase SIP trunking interoperability for enterprises
  
  The SIP Forum has announced SIPconnect-IT, a live testing initiative for SIP trunking interoperability, which could lower SIP trunking costs and complexity.
- TCO metrics key, but complex in IP telephony systems deployment
  
  Total cost of ownership (TCO) metrics for new IP telephony systems are often overlooked by enterprises, according to a new study, but other factors rank high in importance.
- Avaya introduces iPad mobile UC appliation as mobility interest grows
  
  With mobile unified communications a major priority for enterprises in 2012, Avaya has launched a mobile UC product for the iPad.
Networking
- Testing FCoE and data center bridging at UNH’s InterOperability Lab
  
  In this video Mikkel Hagen, a testing manager with UNH-IOL tells SearchNetworking.com about the work that UNH-IOL provides and the testing it is doing with data center bridging and Fibre Channel over Ethernet (FCoE) products.
- Taking WPS attack precautions can reduce unauthorized WLAN access
  
  Admins should take WPS attack precautions to avoid unauthorized WLAN access, yet understanding the WPS protocol and its own vulnerabilities is key to complete network protection.
- Integrating Juniper QFabric into your existing data center network
  
  In this video, learn how to integrate Juniper QFabric into existing data center architecture, taking into account the issues that can be associated with the technology.
Telecom
- Smartphone adoption spurs advanced services demand in Latin America
  
  Latin American smartphone adoption is more robust than North America's, and the consumers are more mobile-friendly than their peers in developed economies.
- Need for wireless network upgrade is key AT&T/T-Mobile driver
  
  Rising demand for high-quality network service delivery will require operators to undertake a massive wireless network upgrade, driving deals like the AT&T/T-Mobile acquisition.
- Video: ACG Research dissects telecom routing and switching market
  
  In this ACG Research HotSeat video, Managing Partner Ray Mota gives viewers a quarterly update on the telecom service provider routing and switching market.
Networking Channel
- Five WLAN questions answered: WPS attacks, access control, and more
  
  Even after a successful Wi-Fi network implementation, users are fraught with WLAN questions regarding access control and management. Do you have the answers?
- Cisco Live London: 40 and 100 GbE switching and souped up WLAN
  
  At Cisco Live London, Cisco debuted 40 and 100 GbE line cards for Nexus and Catalyst switching lines, as well as a 4-antenna wireless access point meant to soup up the WLAN.
- Selling public sector IT solutions forces partners to do some homework
  
  The need for public sector IT solutions is growing due to developing network activity, but can partners must be ready to commit to longer sales cycles and other complications.
CRM
- As social media expands, companies need to center social CRM plans
  
  With social CRM gaining popularity, companies need to identify their audiences are and what social media sites and technology they use, analysts say.
- Red Sox hit home run with custom Microsoft CRM app
  
  The Boston Red Sox spent seven years searching for a CRM system to handle ticketing and fan engagement before selecting a custom version of Microsoft CRM.
- Contact center social will (slowly) become norm
  
  In this expert response, find some ways contact centers are using social media channels to manage customer contact volume.
Data Management
- Poor reference data management causing headaches in financial sector
  
  Regulatory pressures and the need to improve data quality are forcing financial institutions to rethink reference data management strategies.
- AAA picks Dell Boomi cloud integration tools over IBM, Jitterbit
  
  A local AAA auto club serving three western states is using cloud-based data integration tools to help drive an aggressive cloud computing strategy.
- From the Editors: Framing the case for enterprise data virtualization
  
  There’s no lack of choices to consider if you’re looking at a possible data virtualization deployment -- both in terms of the vendors offering tools and the potential uses for the technology.

All Rights Reserved, Copyright 2003 - 2012, TechTarget