Question

A friend is interested in installing a wireless LAN in her small business. She has about a dozen employees. She is concerned about security.Explain what security threats she is facing and how she can reduce these threats. Then explain why we need a WAN If we can extend the LAN ?

Answer 1

Unlike a wired network which requires physical access to a device, a wireless network can be targeted and exploited from a distance. With the deployment of wireless LANs the risk of attacks occurring on wireless networks goes up.

There are several Common Wireless Network threats that she is facing and these includes :

1. The age-old WPS threat vector
2. Configuration Problems (Mis-Configurations/Incomplete Configurations)
3. Rogue Access Points/Ad-Hoc Networks
4. Passive Capturing

• The age-old WPS threat vector

  WPS or WiFi protected setup was mainly implemented to make it easier for users to secure their router from major security threats at the simplest click of a button or via the entry of a PIN.

  Unfortunately, WPS security came with several loopholes that were easily exploited by the crooks in particular. PREVENTION: It’s simple. Turn WPS off.

• Configuration Problems

  Simple configuration problems are often the cause of many vulnerabilities, this is because many consumer/SOHO grade access points ship with no security configuration. A novice user can set up one of these devices quickly and gain access. However, they also open up their network to external use without further configuration.

  Other potential issues with configuration include weak passphrases, weak security deployments (i.e. WEP vs WPA vs WPA2), and default SSID usage among others. PREVENTION: The answer’s right there in front of you. DO NOT use individually-managed APs in your business network. A centrally managed WLAN is safer and more effective.

• Rogue Access Points/Ad-Hoc Networks

  A rogue access point (AP) is a wireless AP that has been installed on a secured network without any authorization from the network administrator. This is a common security threat that’s often used by attackers to trick businesses into believing that they are connecting to a legitimate AP; whereas, in reality, they are falling into a trap that has been set up by an unethical hacker to intercept confidential and sensitive data from the business in particular. PREVENTION: Businesses can install a WIPS (Wireless intrusion prevention system) to monitor the radio spectrums of unauthorized APs, and take actions accordingly.

• Passive Capturing Passive capturing is performed by simply getting within range of a target wireless LAN and then listening and capturing data. This information can be used for a number of things including attempting to break existing security settings and analyzing non-secured traffic. It is almost impossible to really prevent this type of attack because of the nature of a wireless network; what can be done is to implement high-security standards using complex parameters.

The best attitude to take towards wireless security it to be constantly vigilant; ensure that the security used on a wireless network is adapted as the standards change to ensure a high level of security.

We can extend LAN by using repeaters. If we increase LAN by using a large number of repeaters than this arrangement does not guarantee sufficient signal strength. That's why we need a WAN as WAN (Wide Area Network) is used to describe large scale networks that extend across areas, cities and even countries around the globe. International companies with offices around the world use various methods to interconnect them between each other, allowing them to freely exchange data, voice and other services. The speed in which these huge networks run at is relatively small, mainly due to the high costs involved.