Securing Wireless Networks

Chapter Description

This chapter discusses wireless security, including a checklist for securing Wi-Fi.

Locking Down Wireless

For every networking innovation, there is a hacker looking to exploit it. The advent of wireless networking was no different; in fact, the hackers had a field day with this one early on. The reason is that before wireless, hackers had only two ways to get into a network: They could either penetrate it from the Internet or could get physical access to a live switch port inside the network.

Despite all the news about hacking, breaching a corporate network from the Internet is extremely difficult. This method provides a lot of anonymity (always a plus when breaking the law). If someone can get access to the switch port, the technical stuff is easy. There is, of course, the matter of being caught and detained, though.

When wireless came about, it was a dream for hackers, because they could sit in a car in the parking lot, or even on a bench outside, protecting their anonymity while taking advantage of what was a live port on the network.

You may be wondering why those clever IT guys didn’t see this coming. The truth is, they did. In fact, wireless was viewed as such a problem that many companies refused to implement it because of the security risks. However, wireless became accessible and affordable on the consumer side. Corporate employees instantly understood the productivity gains of being able to remain connected while away from their desks. As soon as the prices of wireless routers began to drop, they did what made sense to them. They plugged their own wireless access points—literally, their own personal hotspots—into the ports in their offices so that they could roam around and check e-mail.

Now IT had a huge problem. Not only was wireless a known security risk, but they had open wireless APs that they did not control all over their networks. This was the birth of the “rogue” AP, and it made their security look like Swiss cheese. This is when something really interesting happened. IT realized that the wireless cat could not be stuffed back in the bag. Wireless was here to stay. The people had mandated that they have wireless access, and IT departments realized it was better to “own” wireless so that they could properly secure it.

2. Balancing Security and Access | Next Section