Content

Wireless security 2007

Wireless networks are not about to go away any time soon. The convenience of losing the copper tether and gaining the ability to roam from one end of a campus to another without re-authenticating is just too practical. In the earlier days of wireless networks, the security controls were riddled with flaws, but today’s updated wireless networks have security controls that – when appropriately configured – provide greater security than a traditional wired network.

However, there is still a great deal of confusion due to all the standards that exist just for wireless networking. Below are some of the common terms used in wireless networking. The Institute of Electrical and Electronics Engineers (IEEE) creates standards, and they number these standards in unique ways. The 802.11 standard covers wireless networks. The a, b and g notations identify different variations of the 802.11 standard:

802.11b was the first version to reach the marketplace. It is the slowest and least expensive of the three. 802.11b transmits at 2.4 GHz and can handle up to 11 megabits per second.

802.11a was next. It operates at 5 GHz and handles up to 54 megabits per second. 802.11a adoption was slower and less widespread than 802.11b.

802.11g is a mix of both worlds. Its radio operates in 2.4Ghz space (giving it the cost advantage of 802.11b), but it has the 54 megabits per second speed of 802.11a. This is perhaps the most common type of wireless network available today.

802.11i (WPA and WPA2) include several security features which are now used to secure wireless, including TKIP, 802.1x and EAP. These features were all part of an interim standard known as WPA, or Wi-Fi Protected Access. The Wi-Fi Alliance created a standard that would allow for interoperability throughout 802.1x, EAP and TKIP implementations.

WEP stands for Wired Equivalent Privacy (not wireless encryption protocol as it is often called), and it is an encryption system for the data that 802.11 sends through the air. WEP has two variations: an older 64-bit encryption (really 40-bit), and the slightly more recent 128-bit encryption (really 104-bit). 40-bit encryption was the original standard because it could be exported outside the United States, but it was found to be easily broken. The 128-bit encryption is slightly more secure and is what most people use if they enable WEP on their access points. In most cases, a casual end-user will not be able to access the wireless network that is using WEP unless the WEP key is provided.

802.1x standard

Don’t confuse the authentication mechanism that we are discussing here (802.1x) with the standards mentioned above (802.11 a,b, and g). While these terms are both IEEE standards, they are actually completely different. In fact, 802.1x can be used without a wireless network and can run on a traditional (wired) Ethernet network. The use of IEEE 802.1x offers an effective framework for authenticating and controlling user traffic to a protected network, as well as dynamically varying encryption keys. 802.1x ties a protocol called EAP (Extensible Authentication Protocol) to both the wired and wireless LAN media and supports multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates and public key authentication.

Temporal Key Integrity Protocol (TKIP) is a recent security feature offered by various vendors to correct the weak WEP problem. It was developed by some of the same researchers who found the weaknesses in how RC4 was implemented. TKIP corrects these weaknesses and more. TKIP still uses RC4 as the encryption algorithm, but it removes the weak key problem and forces a new key to be generated every 10,000 packets, or 10KB or every five minutes, depending on the source.

How we tested

We built each wireless network using the vendor’s recommended hardware and software. We used the default configuration to test for ease of use and other metrics. Once the network was up and running, we would bring up a rogue access point (AP) to see if the devices could detect the rogue AP. We then attempted to change the configuration on the APs themselves. All of the products scored well in detecting the rogue access point, the rogue client and unauthorized configuration changes.

- Mike Stephenson contributed to this Group Test.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.