Tuesday, April 21, 2009

ARE WE PROTECTING OUR WIRELESS NETWORKS?

Not too long ago applying for a fixed-line phone used to fill one with dread. After being on a waiting list for eons, you would finally get the treasured land line connection. That, however, would not be the end of your troubles. The connection would constantly break down, bills were often wrong and maintenance service was pathetic.

It is against this backdrop that we have readily embraced wireless communication technologies. Cellular networks have experienced phenomenal growth in the recent past. Wireless computer solutions have also experienced substantial demand as we seek to become more flexible and productive.

Dependence on wireless computer networks is therefore increasing. Wireless Local area networks (WLANs) and Wireless Metropolitan area networks (WMANs) that connect several WLANs have become common in Nairobi. People and businesses use wireless networks to send or share data quickly whether it be in an office building or across the world.

Wireless networks are, however, inherently more vulnerable than wired ones. Denial of service (DoS) attacks against this type of network does not require a very sophisticated modus operandi.

These attacks can be launched from within or from outside using widely available standard wireless equipment. They can be carried out by a hacker using a standard laptop equipped with a high output wireless client card and a high gain antenna. There are many other methods of attack and protecting these wireless networks requires the implementation of defensive measures.

Deploying WLAN intrusion detection systems will assist in identifying Dos attacks. Strategically mounting the access points at sufficient height will deter hackers from easily reaching and destroying the access points.

It is also important to aim directional access point antennas towards the inside of the building. This will help to contain the RF (radio frequency) signal.

Making a building as resistive as possible to incoming radio signals is another crucial defensive measure. Installing metallic window tint instead of curtains or blinds can help prevent RF leakage and keep incoming radio signals out. Wi-Fi proof wallpaper and Wi-Fi paint also serve the same purpose.

Implementing the IEEE 802.11w standards that outlines the Protected Management Frames is advisable. WLANs send system management information in unprotected frames. This standard aims to increase security by providing data confidentiality of these frames.

Finally, it is good security practice to carry out wireless audits with the aim of determining how far the RF signal actually extends outside the building.

No comments: