Saturday, March 29, 2014

Why You Need to Test Your Wireless Systems


Wireless networks have been notoriously insecure since the early days of the 802.11b standard of the late 1990s. Since the standard’s inception, major 802.11 weaknesses, such as physical security weaknesses, encryption flaws, and authentication problems, have been discovered. Wireless attacks have been on the rise ever since. The problem has gotten so bad that two wireless security standards have emerged to help fight back against attackers:



  • Wi-Fi Protected Access (WPA): This standard, which was developed by the Wi-Fi Alliance, served as an interim fix to the well-known WEP vulnerabilities until the IEEE came out with the 802.11i standard.

  • IEEE 802.11i (referred to as WPA2): This is the official IEEE standard, which incorporates the WPA fixes for WEP along with other encryption and authentication mechanisms to further secure wireless networks.


These standards have resolved many known security vulnerabilities of the 802.11a/b/g protocols. As with most security standards, the problem with these wireless security solutions is not that the solutions don’t work — it’s that many network administrators are resistant to change and don’t fully implement them. 


The issue is that many administrators don’t want to reconfigure their existing wireless systems and don’t want to implement new security mechanisms for fear of making their networks more difficult to manage. These are legitimate concerns, but they leave many wireless networks vulnerable and waiting to be compromised.


Even after you have implemented WPA, WPA2, and the various other wireless protection techniques, your network may still be at risk. This can happen when (for example) employees install unsecured wireless access points or gateways on your network without your knowledge. In our experience — even with all the wireless security standards and vendor solutions available — the majority of systems are still wide open to attack.

Bottom line: Ethical hacking isn't a do-it-once-and-forget-it measure. It’s like an antivirus upgrade — you have to do it again from time to time.
