Building a Cisco Wireless LAN
Chapter 8: Cisco Wireless Security
This excerpt is reprinted with permission from Syngress Publishing, copyright 2003. For more information or to order the book, visit the Syngress Web site.
Solutions in this chapter:
- Understanding Security Fundamentals and Principles of Protection
- MAC Filtering
- Reviewing the Role of Policy
- Implementing WEP
- Addressing Common Risks and Threats
- Sniffing, Interception, and Eavesdropping
- Spoofing and Unauthorized Access
- Network Hijacking and Modification
- Denial of Service and Flooding Attacks
There is not much indication of anything slowing down the creation and deployment of new technology to the world any time in the near future. With the constant pressure to deploy the latest generation of technology today, little time is allowed for a full and proper security review of the technology and components that make it up.
This rush to deploy, along with the insufficient security review, not only allows age-old security vulnerabilities to be reintroduced to products, but creates new and unknown security challenges as well. Wireless networking is not exempt from this, and like many other technologies, security flaws have been identified and new methods of exploiting these flaws are published regularly.
Utilizing security fundamentals developed over the last few decades, you can review and protect your wireless networks from known and unknown threats. In this chapter, we recall security fundamentals and principles that are the foundation of any good security strategy, addressing a range of issues from authentication and authorization, to controls and audit. No primer on security would be complete without an examination of the common security standards, which are addressed in this chapter alongside the emerging privacy standards and their implications for the wireless exchange of information.
We also look at how you can maximize the features of existing security standards like Wired Equivalent Protocol (WEP). We also examine the effectiveness of Media Access Control (MAC) and protocol filtering as a way of minimizing opportunity. Lastly, we look at the security advantages of using virtual private networks (VPNs) on a wireless network, as well as discuss the importance of convincing users of the role they can play as key users of the network.
You'll also learn about the existing and anticipated threats to wireless networks, and the principles of protection that are fundamental to a wireless security strategy. And although many of the attacks are similar in nature to attacks on wired networks, you need to understand the particular tools and techniques that attackers use to take advantage of the unique way wireless networks are designed, deployed, and maintained. We explore the attacks that have exposed the vulnerabilities of wireless networks, and in particular the weaknesses inherent in the security standards. Through a detailed examination of these standards, we identify how these weaknesses have lead to the development of new tools and tricks that hackers use to exploit your wireless networks. We look at the emergence and threat of "war driving" technique and how it is usually the first step in an attack on wireless networks.
This chapter is posted in full as a pdf file. To continue reading, click here.