Wireless Network Security Threats - dummies

By Doug Lowe

Wireless networks have the same basic security considerations as wired networks. As a network administrator, you need to balance the need of legitimate users to access network resources against the risk of illegitimate users breaking into your network. That’s the basic dilemma of network security. Whether the network uses cables, wireless devices, kite strings and tin cans, or smoke signals, the basic issues are the same.

Following are the types of security threats that wireless networks are most likely to encounter. You should take each of these kinds of threats into consideration when you plan your network’s security.

Intruders

With a wired network, an intruder usually must gain access to your facility to physically connect to your network. That’s not so with a wireless network. In fact, hackers equipped with notebooks that have wireless network capability can gain access to your network if they can place themselves physically within range of your network’s radio signals. Consider these possibilities:

  • If you share a building with other tenants, the other tenants’ offices may be within range.

  • If you’re in a multifloor building, the floor immediately above or below you may be in range.

  • The lobby outside your office may be within range of your network.

  • The parking lot outside or the parking garage in the basement may be in range.

If a would-be intruder can’t get within normal broadcast range, he or she may try one of several tricks to increase the range:

  • A would-be intruder can switch to a bigger antenna to extend the range of his or her wireless computer. Some experiments have shown that big antennas can receive signals from wireless networks miles away.

  • If a would-be intruder is serious about breaking into your network, he or she may smuggle a wireless repeater device into your facility — or near it — to extend the range of your wireless network to a location that he or she can get to.

A physical connection to your network isn’t the only way an intruder can gain access, of course. You must still take steps to prevent an intruder from sneaking into your network through your Internet gateway. In most cases, this means that you need to set up a firewall to block unwanted and unauthorized traffic.

Freeloaders

Freeloaders are intruders who want to piggyback on your wireless network to get free access to the Internet. If they manage to gain access to your wireless network, they probably won’t do anything malicious: They’ll just fire up their web browsers and surf the Internet. These are folks who are too cheap to spend $40 per month on their own broadband connection at home, so they’d rather drive into your parking lot and steal yours.

Even though freeloaders may be relatively benign, they can be a potential source of trouble. In particular:

  • Freeloaders use bandwidth that you’re paying for. As a result, their mere presence can slow down Internet access for your legitimate users.

  • After freeloaders gain Internet access through your network, they can potentially cause trouble for you or your organization. They may use your network to download illegal pornography, or they may try to send spam via your mail server. Most ISPs will cut you off cold if they catch you sending spam, and they won’t believe you when you tell them that the spam came from a kid parked in a Pinto out in your parking lot.

  • If you’re in the business of selling access to your wireless network, obviously, freeloaders are a problem.

  • Freeloaders may start out innocently looking for free Internet access. Once they get in, though, curiosity may get the better of them, leading them to snoop around your network.

  • If freeloaders can get in, so can malicious intruders.

Eavesdroppers

Eavesdroppers just like to listen to your network traffic. They don’t actually try to gain access via your wireless network — at least, not at first. They just listen.

Unfortunately, wireless networks give them plenty to listen to:

  • Most wireless access points regularly broadcast their Service Set Identifiers (SSIDs) to anyone who’s listening.

  • When a legitimate wireless network user joins the network, an exchange of packets occurs as the network authenticates the user. An eavesdropper can capture these packets and, if security isn’t set up right, determine the user’s logon name and password.

  • An eavesdropper can steal files that are opened from a network server. If a wireless user opens a confidential sales report that’s saved on the network, the sales-report document is broken into packets that are sent over the wireless network to the user. A skilled eavesdropper can copy those packets and reconstruct the file.

  • When a wireless user connects to the Internet, an eavesdropper can see any packets that the user sends to or receives from the Internet. If the user purchases something online, the transaction may include a credit card number and other personal information. (Ideally, these packets will be encrypted so that the eavesdropper won’t be able to decipher the data.)

Spoilers

A spoiler is a hacker who gets kicks from jamming networks so that they become unusable. A spoiler usually accomplishes this act by flooding the network with meaningless traffic so that legitimate traffic gets lost in the flow. Spoilers may also try to place viruses or worm programs on your network via an unsecured wireless connection.

Rogue access points

One of the biggest problems that network administrators have to deal with is the problem of rogue access points. A rogue access point is an access point that suddenly appears on your network out of nowhere. What usually happens is that an employee decides to connect a notebook computer to the network via a wireless connection. So this user stops at Computers R Us on the way home from work one day, buys a Fisher-Price wireless access point for $25, and plugs it into the network without asking permission.

Now, in spite of all the elaborate security precautions you’ve taken to fence in your network, this well-meaning user has opened the barn door. It’s very unlikely that the user will enable the security features of the wireless access point; in fact, he or she probably isn’t even aware that wireless access devices have security features.

Unless you take some kind of action to find it, a rogue access point can operate undetected on your network for months or even years. You may not discover it until you report to work one day and find that your network has been trashed by an intruder who found his or her way into your network via an unprotected wireless access point that you didn’t even know existed.

Here are some steps you can take to reduce the risk of rogue access points appearing on your system:

  • Establish a policy prohibiting users from installing wireless access points on their own. Then make sure that you inform all network users of the policy, and let them know why installing an access point on their own can be such a major problem.

  • If possible, establish a program that quickly and inexpensively grants wireless access to users who want it. Rogue access points show up in the first place for two reasons:

    • Users need the access.

    • The access is hard to get through existing channels.

  • If you make it easier for users to get legitimate wireless access, you’re less likely to find wireless access points hidden behind file cabinets or in flower pots.

  • Once in a while, take a walk through the premises, looking for rogue access points. Take a look at every network outlet in the building; see what’s connected to it.

  • Turn off all your wireless access points and then walk around the premises with a wireless-equipped mobile device such as a smartphone and look for wireless networks that pop up. Just because you detect a wireless network, of course, doesn’t mean you’ve found a rogue access point; you may have stumbled onto a wireless network in a nearby office or home. But knowing what wireless networks are available from within your office will help you determine whether or not any rogue access points exist.

  • If your network is large, consider using a software tool such as AirWave to snoop for unauthorized access points.
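
A walk-through survey like the one described above yields a list of networks that still has to be sorted into your own access points, probable neighbors, and candidates for a closer look. The sketch below is an added example, not code from the article or from AirWave; the inventory, SSID, signal threshold, and survey rows are all constructed assumptions.

```python
import csv
import io

# Constructed inventory: BSSIDs (radio MAC addresses) of access points you installed.
AUTHORIZED_BSSIDS = {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}
CORPORATE_SSIDS = {"CorpNet"}   # assumed name of your own wireless network
STRONG_SIGNAL_DBM = -60         # assumed cutoff: stronger than this is probably on your premises

# Constructed survey notes, one row per network seen during the walk.
SAMPLE_SURVEY = """\
location,ssid,bssid,signal_dbm,security
lobby,CorpNet,02:00:00:aa:00:01,-48,WPA2
2nd floor east,CorpNet,02:00:00:bb:00:09,-52,WPA2
2nd floor east,linksys,02:00:00:cc:00:10,-41,Open
parking lot,CoffeeShopGuest,02:00:00:dd:00:11,-83,WPA2
mail room,PrinterSetup,02:00:00:ee:00:12,-58,WPA2
"""

def classify(row):
    """Return (verdict, reason) for one observed network."""
    bssid = row["bssid"].strip().lower()
    if bssid in AUTHORIZED_BSSIDS:
        return "authorized", "BSSID is in the inventory"
    if row["ssid"] in CORPORATE_SSIDS:
        # Your network name on a radio you did not install.
        return "investigate", "corporate SSID on a BSSID missing from the inventory"
    if int(row["signal_dbm"]) >= STRONG_SIGNAL_DBM:
        reason = "strong signal from an unknown access point"
        if row["security"].strip().lower() == "open":
            reason += ", no security enabled"
        return "investigate", reason
    # Weak and unfamiliar: probably a nearby office or home, as the article notes.
    return "likely neighbor", "weak signal, unknown SSID"

def review_survey(csv_text):
    """Return every non-authorized network, strongest 'investigate' entries first."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        verdict, reason = classify(row)
        if verdict != "authorized":
            findings.append({**row, "verdict": verdict, "reason": reason})
    findings.sort(key=lambda f: (f["verdict"] != "investigate", -int(f["signal_dbm"])))
    return findings

if __name__ == "__main__":
    for f in review_survey(SAMPLE_SURVEY):
        print(f'{f["verdict"]:16} {f["location"]:15} {f["ssid"]:16} {f["bssid"]}  {f["reason"]}')
```

Signal strength only ranks where to look first; confirming a rogue still means tracing the device to a network outlet, as in the walk-through step.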