By Baselinemag  |  Posted 2005-12-13 Print this article Print

Even if you've managed to harden your wireless network to lock out the script kiddie with the Pringles, your access points offer easy entry to any one with with a good antenna, a little expertise and a decent set of cracker tools.

Knit a Safety Net

Champion and his team appear to be ahead of the curve. Most businesses with wireless networks have surprisingly inadequate security measures, according to industry experts.

"There are a ton of organizations with wireless, but there aren't many that are serious about doing what I'd consider enterprise-class wireless security," says Kevin Harvey, formerly practice manager of security technology for Forsythe Technology, a consulting firm based in Skokie, Ill.

For example, the six-year-old Wired Equivalent Privacy (WEP) protocol is often the only encryption mechanism companies use for wireless networks, but Harvey says the protocol is relatively easy to hack, particularly if it's set up improperly. He blames the lack of awareness on this issue, in part, on wireless vendors that don't give customers the whole picture. "They're going to say, 'WEP is perfectly fine, don't worry about it.' They don't want to add fear into the sales cycle," he says.

A newer, and more secure, technology is the Wi-Fi Protected Access (WPA) protocol. The latest version of WPA, called WPA2, offers enhanced encryption capabilities including the Advanced Encryption Standard algorithm used by many government agencies. Now, interoperability is the main problem, says Gartner analyst John Pescatore._"The issue is not that you can't do wireless networking securely, but that all the vendors do it slightly differently," he says.

New security technologies are also going on the offensive. Wireless intrusion detection systems from vendors including AirDefense, AirMagnet, Network Chemistry and WiMetrics monitor the radio spectrum in a given area and watch out for unauthorized users. Some can map the location of a suspected rogue access point, or detect sophisticated attacks such as the "evil twin" scheme, in which a hacker's computer impersonates a legitimate wireless access point to steal passwords or other private information.

as the products have improved, customers have become more aware of the dangers of leaving their networks unprotected. Five years ago, Consolidated High School District 230 in Chicago's southwest suburbs rolled out a wireless network with equipment from Lucent Technologies—without any security. "Initially, our networks were wide open," says Darrell Walery, the district's director of technology.

Walery soon realized his team needed to batten down the hatches to prevent students from accessing sensitive data, like their grades. The district, which includes three high schools with 9,000 students, now encrypts data on its wireless networks using software from Bluesocket. "In education," Walery notes, "we tend to have some hostile users"—i.e., disaffected teen-agers with ready access to high-tech gear.

The encryption added a layer of security, but Walery has remained on guard. His group carefully monitors access to the network, and one day discovered an unauthorized signal they traced to someone—out in the proverbial parking lot—who was trying to crack into one of the school's wireless networks using a Pringles potato chip can as a long-distance antenna.

Others find the need for security measures above and beyond those provided by the wireless infrastructure. The government of Culver City, Calif., on the west side of Los Angeles, runs a free Wi-Fi network for residents and visitors over a one-square-mile area of its downtown. The network, which provides access to the Internet, is unrestricted. There's zero security. "People don't want to deal with the WPA or WEP keys," says Carlos Vega, an information systems analyst with the city.

However, Culver City also runs a wireless network at

its primary administration building for some of its 700 employees. For this network, Vega and his team have three levels of security: A WPA key, issued by the city's information-technology department; a log-in to the city's Windows NT system; and a virtual private network that encrypts data before it hits the wireless network.

"We try to take every security precaution possible," Vega says. When every passing driver—or kid with a Pringles can—is a potential hacker, who would say he's overreacting? ONLINE RESOURCES: Wireless Security

  • Wi-Fi Alliance (www.wi-fi.org), a consortium of wireless network technology vendors, provides white papers on
    security standards and practices.
  • The SANS Institute (www.sans.org) has an archive of wireless security white papers.
  • Wardrive.net offers primers on wireless security best practices.

  • <12

    Submit a Comment

    Loading Comments...
    eWeek eWeek

    Have the latest technology news and resources emailed to you everyday.