Wireless network security testing

Policies or no policies, though, the truth is that most organizations have more wireless systems -- especially more unsecured wireless systems -- running than they ever bargained for. There is planned wireless connectivity in training rooms, reception areas, and satellite offices as well as unplanned/rogue wireless in the form of Windows laptops running in ad-hoc mode and an access point set up by an employee for the sake of convenience. Or, there could be a malicious attacker running an "evil twin" access point to lure wireless users into his den of iniquity.

Whether or not you officially support wireless networks, various wireless security testing measures need to be on your security review checklist. Not doing so seems awfully risky given that most new computer systems have wireless built right in. This need for testing for wireless issues stands true even if you think your local airwaves are clear of network protocols or you only have one access point tucked away where nobody can get to it.

Even if you do support wireless and you think it's secure, unless you're running a wireless IDS or IPS system, it's likely you have vulnerabilities that a malicious external attacker or a rogue insider could exploit. Here's what you can do about it.

Wireless network security testing

 Home: Introduction
 Step 1: Build your arsenal of tools
 Step 2: Search for weaknesses
 Step 3: Dig in deep to demonstrate the threat

ABOUT THE AUTHOR: Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books including Hacking For Dummies, Hacking Wireless Networks For Dummies, Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver@principlelogic.com..
Copyright 2006 TechTarget

This series originally appeared on SearchWindowsSecurity.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Wireless Network Security Wireless LANs -- 'CCNA Official Exam Certification Library, Third Edition,' Chapter 11 Book of Wireless author on wireless advantages and issues Buying your own WAPs vs. Internet service provider's wireless routers Aruba Networks unveils wireless intrusion prevention enhancements, other security upgrades, at Interop Is my firewall setting preventing wireless network guest access? Wireless hot spot security -- podcast Wireless troubleshooting: AP not reestablishing association after loss of connectivity Wireless security protocols -- How WPA and WPA2 work Wireless security -- How WEP encryption works Will WPA2-PSK keep wireless networks safe from war drivers? Wireless Network Management 7/11 chain cuts out controller to lower wireless networking costs Cisco smartens up the wireless network with Motion platform Book of Wireless author on wireless advantages and issues Upgrading to 802.11n: Key considerations Prevent IP address conflicts on your wireless network by managing DHCP scopes How do we add wireless printer servers to our network? WLAN troubleshooting with spectrum analyzers Cisco to acquire Cognio Wireless network troubleshooting: Connectivity Wireless network deployment and management Wireless Network Management Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 802.11a  (SearchNetworking.com) home agent  (SearchNetworking.com) iDEN  (SearchNetworking.com) radio frequency  (SearchNetworking.com) repeater  (SearchNetworking.com) spectrum analyzer  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary