Upon completion of this chapter, you will be able to answer the following questions:
- What are the basic ways to address wireless security vulnerabilities?
- How do you configure user authentication?
- How do you configure firewall settings?
Key Terms
This chapter uses the following key terms. You can find the definitions in the Glossary.
demilitarized zone (DMZ) page 330
Service Set Identifier (SSID) page 333
Introduction (16.0.1)
In the preceding chapter, you learned about security considerations. But knowing that you should lock your doors and windows when you leave your home is not enough. You need to lock these points of entry to keep your home safe. It‛s the same for your network and devices.
With networks and devices, there is no single measure that you can take that will protect you from attack. Using several different measures together is the key to a secure network and secure devices.
Wireless Security Measures (16.1)
Similar to someone overhearing a private conversation between two people, similar security vulnerabilities exist with wireless networking.
Wireless Vulnerabilities (16.1.1)
One of the primary benefits of wireless networking is ease and convenience of connecting devices. Unfortunately, that ease of connectivity and the fact that the information is transmitted through the air also make your network vulnerable to interception and attacks, as shown Figure 16-1. Before your wireless network is installed, it is important to consider how you plan to secure access to it.
Figure 16-1 War Driving, War Walking, and War Chalking
War driving is the process of driving around an area searching for wireless LANs. When a wireless LAN is discovered, the location of the WLAN is logged and shared. The goal of war driving may be to access the WLAN to steal information. In some cases, the goal is to bring attention to the fact that most wireless networks are insecure.
A similar process to war driving is known as war walking where the person walks around an area to discover wireless access. When a WLAN is discovered, a chalk mark is placed in front of the location to indicate the status of the wireless connection, hence war chalking.
With wireless connectivity, the attacker does not need a physical connection to your computer or any of your devices to access your network. It is possible for an attacker to tune into signals from your wireless network, much like tuning into a radio station.
Attackers can access your network from any location your wireless signal reaches. After they have access to your network, they can use your Internet services for free, as well as access computers on the network to damage files or steal personal and private information.
These vulnerabilities in wireless networking require special security features and implementation methods to help protect your WLAN from attacks. These include simple steps performed during initial setup of the wireless device, as well as more advanced security configurations.