Wireless Networks - are they really safe?

They are relatively cheap to deploy, easy to setup and configure with most systems being ready straight out of the box. This compliments the obvious advantage of not having to cable a new building or department

'Ready straight out of the box' is always a scary term when placing security and networks in the same discussion as it screams that there is no reason or incentive for anyone to even think about setting the product up correctly. Most wireless networks now come with built in security via authentication between the client and the base station using the WEP (Wireless Equivalent Privacy) which offers 128bit encryption.

This provides initial security via secure authentification, but as with any new technology solution there is a way around it. Tools available via the internet such as WEPcrack allow some wireless systems to be cracked and used for illegitimate use such as free internet access and a potential attack on a different network launched from the host's network. Many companies may not consider their network's content particularly appealing to hackers, however this is a misconception.

The least significant information to you may be very pertinent to an attacker. Lets take this a step further, lets assume that the hacker uses the host as a launching pad to attack another organization with little or no chance of tracing the hack o the attacker leaving the host wide open to a number of legal, corporate image and loss of face issues

So who is open to attack? Well anyone who has a wireless network. Hackers use what is called Wardriving, Warwalking or Warstrolling depending on the speed at which you want to carry it out. Either way it involves traveling around with a laptop computer or PDA equipped with a wireless network card and a suitable scanning tool such as Net Stumbler and scanning for wireless networks in certain areas.

This also leads to Chalkwalking where chalk marks are left on buildings where insecure wireless networks are available and thus providing free internet access to anyone who wants it. The issue with a wireless network is that the radio waves are never contained within the office perimeter but instead extend out sometimes beyond the building allowing people with a powerful antenna to detect the network from outside the building

So where are the figures? Simple there are not many around, wireless networks are becoming more popular but by no means are they the majority. In addition such attacks are not easy to detect at the same time as the attackers not always committing malicious attacks but simply using your network as a free internet connection.

Finally there is the pride factor in that people and companies will not boast about the fact that they have been attacked equally the attackers will not publicize themselves as being successful in gaining access for obvious legal reasons.

So what is the answer, there is not really an answer if you intend to harness confidential information on your network at the same time as enjoying the freedom of a wireless network and taking to the airwaves.

What can you do to help protect yourself? by satisfying a number of steps you can achieve additional security but of course never be 100% secure.

Configure and limit access by only allowing the people that really need access to install a card and take to the airwaves. Access can be granted based on specific wireless cards which are determined by authorized MAC addresses. However misguided individuals can spoof MAC addresses, to them it is not rocket science. It is worth considering to limit the number of dynamic DHCP addresses that can connect to the number of people on the network, by doing this it will be easy to recognize any unauthorized connections.

In addition wireless access points will allow the configuration of signal strength and also direction so that the access points themselves can be placed as centrally as possible in the room and thus as far as possible from outer walls of the buildings. This combined with limited signal strength and direction so that the wireless users are just within the range will prevent anyone outside of that range having access. - possibly! Some wireless network cards now come with a powerful antenna capable of detecting signals up to hundreds of meters away.
Use encryption 128bit WEP.

This can be cracked as previously explained but it is another layer of defense that will hopefully encourage the potential hacker to overlook your network and look further a field for a network that is more interesting and a little less secure. RADIUS encryption servers are also available to increase security but they are generally quite expensive, as with all systems there are open source options available which tend to be free.

Limit access points. Access points are like modems on a network, they create the perfect backdoor and are difficult to detect. Just like someone in your company can bring along a modem, connect it to his PC and to the phone line to get access, an access point works in pretty much the same way. Only authorized access points that the network admin knows about should be installed and locked so that the configuration cannot be changed, of course it is obvious that strong passwords authentification should be used and changed on a regular basis in line with your security policy.

Disable SSIDS broadcasting. Purchase an access point with the option to disable the SSID broadcasting of your access point so that scanners cannot pickup on the name of the network. If this is not an option on the access point that you have then ensure that you change the name from the default and do not use the name or address of your company. Not the most secure but again placing another layer of defense against attack.

So if you really want a wireless network, make sure you secure it properly with WEP, purchase a RADIUS server if you can afford it and follow the simple steps above top control the human element of security, but remember if you want to take to the airwaves then you must be aware of the possible consequences.