Performing A Wireless Security Audit For Network ComplianceA wireless security audit is usually limited by the hardware of the wireless access point, which is the reason why WAP's had weak algorithm's in first place (WEP), due to the fact that they needed an algorithm that could be implemented in a cheap device (WRT54) that would still give performance that a consumer would pay for. Wireless security relies on encrypting the radio frequency signal that is transmitted over between devices. Security for wireless solutions doesn't usually come from a single software protocol or hardware solution, but rather from educated wireless networking professionals implementing multiple safeguards. Network security in a wireless LAN environment can be a unique challenge, whereas wired networks send electrical signals or pulses through cables, wireless signals propagate through the air. Network conditions and environmental factors, including network traffic volume, building materials and construction, and network overhead lower actual data throughput rate. Environmental factors will adversely affect wireless signal range, where providing network security in a wireless LAN environment is a unique challenge, since wired networks send electrical signals or pulses through cables, wireless signals propagate through the air. WEP was designed together with the development of802.11b, and exists in all wireless equipment. However, it has several inherent weaknesses, one of them being that the encryption key is frequently reused, making it achievable to break the encryption in a matter of minutes on a wireless network with a lot of traffic. While WEP encryption can keep out casual hackers, it is clearly not adequate where high security is required. While WEP is not the only encryption method for your wireless network-other available security protocols operate at the higher Network and Transport layers, WEP security is not much better than nothing at all. WEP keys have been hacked using a number of readily available tools, including WEPCrack and AirSnort . WPA allows passwords as long as 63 characters, and WPA provides much better protection and is also easier to use, since your password characters aren't limited to 0-9 and A-F as they are with WEP. WPA support is built into Windows XP and Windows Vista and virtually all modern wireless hardware and operating systems. WEP actually is made up of two parts, a "secret key", and a 24 bit "Initialization Vector" which is not under user control. WEP encrypts each 802.11 packet separately with an RSA RC4 cipher stream generated by a 64- or 128-bit RCA key, however several cryptanalysts have identified weaknesses in the RC4's key scheduling algorithm that make the network vulnerable to hackers. WEP is not flawless, but it is a big deterrent considering there are probably other non-WEP networks nearby. Wireless networks, however, are often configured by default to allow access to any computer that attempts to connect to the network, allowing anyone driving by with a laptop looking for stray wireless signals or anyone with a wireless network card in a neighboring house can use networks configured in that way. Performing a wireless security audit is a must and a primary concern when rolling out a wireless network. |