Wireless, like many other technologies, we use every day have some minor falsehoods (Scan once and never again!) all the way through to a monkey is working the controls to operate your computing systems. Some wireless users in Calgary and other major cities have a tendency to unwittingly abide by these (false) parameters without verifying their legitimacy. Myths about wireless security can be both very dangerous and incredibly costly. Some sneaky businesses spend valuable resources in bringing to fruition these urban legends that give a false sense of security and leave private networks and sensitive data quite exposed.
Busted– Already have my wired corporate LAN scanned from an auditor- I don’t need to worry about additional wireless security threats.
Non-wireless scanning tools are powerful in detecting anomalies and vulnerabilities on a wired network. Scanners and auditors may fail to capture vulnerabilities a wireless LAN. It is a good idea to regularly audit a network against wireless vulnerabilities using appropriate wireless vulnerability assessment solutions.
Busted- My wireless LAN (WLAN) is safe! I have a firewall securing my wired corporate LAN from the Internet.
A WLAN presents a probable entry point into your wired corporate or home office LAN circumventing all wired security measures. You and your authorized users can bypass your firewall and content filters using wireless access and connect to potentially dangerous external WLANs. In brief- wireless has made the “harden-the-network-perimeter” obsolete.
Busted – LEAP enables and is effective as WLAN security.
The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary security solution developed by Cisco. The authentication mechanism in LEAP is known to be flawed. The mechanism can be exploited using a brute force dictionary attack. Even using strong passwords with LEAP does not avert the potential threats.
Busted- SSID broadcast being turned off is a basic action towards securing a WLAN.
It is a common misconception that turning off SSID broadcast on a wireless Access Points or APs will not allow unauthorized users to discover the AP. Freely available software tools exist that actively probe and discover APs that respond to these probes. Passive sniffing of wireless traffic can also allow hackers to discover wireless APs in the vicinity. Turning off SSID broadcast is not only ineffective, but it in fact leads to another severe vulnerability.
Authorized clients that usually connect to enterprise APs, probe for the hidden SSID. A Hacker can sniff this information and use it to launch a honeypot attacks.
Busted-The need for wireless security ends in my house or wherever I am.
Managing wireless vulnerabilities is not limited to a home users or home office’s premise. Wireless Users carry their business laptops and smartphones when they travel. When a Calgary home wireless user connects to WLANs outside the home, say in fast food or coffee joints across the globe, they are still at risk.To carry wireless security on the road, wireless client security software—that enforces corporate security policies and manages how a wireless client behaves and connects is an absolute must.
Busted 6- MAC address filtering on wireless access points is effective in securing WLANs.
Bypassing MAC filtering is easy. Freely available software tools can be used to sniff MAC addresses being used by devices in the vicinity. MAC spoofing is one of the easiest attacks to launch, and filtering MAC addresses does not provide any security for your wireless LAN.
Busted- We use WEP to secure all our WiFi communication, so our “over-the-air data” is secure.
The vestige Wired Equivalent Privacy (WEP) encryption gives a false sense of security. It is well-known that WEP is broken and can be compromised in minutes exposing “over-the-air data.”
Calgary home business or home users should replace WEP by more recent, robust alternatives such as WPA2 or adopt other remediation solutions that proactively protect WEP device.
Busted- The need for wireless security is important but….
Non-wireless vulnerability assessment tools fail to capture wireless vulnerabilities and therefore can unintentionally mislead new users and administrators in believing that wireless vulnerabilities do not exist on their networks. Calgary businesses can ignore wireless security at their own peril. These are basic wireless myths that have been making the rounds through rumor mill online.