Common Wireless LAN Security Oversights
Most wireless LAN equipment is shipped with security features disabled. To enable security on 802.11 devices, care must be taken to ensure proper security of the wireless LANs. In this section, we examine the most common security oversights that degrade the security of a wireless LAN.
- Using Default or Out−of−the−Box Security
Most currently available wireless LAN devices, especially 802.11−compliant devices, come with security features disabled, and under most circumstances the wireless LANs are deployed without enabling the security features.
This widespread deployment of insecure wireless LANs has attracted the attention of the hacker community. An unprotected network may also provide outsiders free access to its broadband access.
There is a parasitic activity commonly referred to as war driving that hackers engage in, where the primary purpose is to use the Internet services of other individuals and corporations.
War driving is an adaptation of another activity known as war dialing. War dialers use brute force to dial every phone number looking for modems, trying to break into systems and network.
A war driver generally roams neighborhoods, office parks, and industrial areas looking for unprotected networks and sometimes sharing this information on the Internet. To protect a wireless LAN from hackers and other adversaries, it should always be operated in encrypted and authenticated mode.
- Using Fixed Shared Keys
Most currently available wireless LAN devices support more than one shared key. These shared keys are used for authentication and encryption purposes. If these keys are not frequently updated, they might be hacked.
Therefore, to ensure that a wireless LAN is secured, the shared keys should be updated on a frequent basis to avoid shared−key−based attacks.
- Using Far−Too−Strong Radio Signals
The strength of radio signals used in a wireless LAN define the range from which a wireless LAN can be accessed. Use of devices that produce stronger signals than are needed add insecurity to a wireless LAN as they become accessible to adversaries from farther distances.
It is, therefore, important to use wireless devices that emit radio signals that are not too strong.