Anixter, says that with security issues plaguing wireless local area network (WLAN) installations, organisations should be taking steps to mitigate possible threats much earlier on. Hazards include rogue access points, unauthorised eavesdropping and hacker attacks.
Rogue access points are those installed by users without coordinating in advance with the IT department. As access points are inexpensive and easy to install, rogue installations are naturally becomIng more commonplace. To compound the problem, rogue access points are often poorly configured and permit traffic that can be hard for intrusion-detection software to pinpoint.
A few simple steps can dramatically reduce the level of risk. Businesses should conduct extensive site surveys regularly to determine the location of all access points. They should also disable Simple Network Management Protocol (SNMP) community passwords on all access points. SNMP is used as an access-point management mechanism, and whilst it offers operational efficiencies, it increases the risk of security breaches. Also use a Remote Authentication Dial-In User Service, which can be built into an access point or provided via a separate server--to ensure that the requesting user is authorised.
Another security risk is eavesdropping. Without actually gaining access to the network, unanthorised parties can capture confidential data traversing the network via airwaves and easily read it because it is sent in clear text. For example, an attacker could alter a legitimate message by deleting, adding to, changing or reordering it. Furthermore, the attacker could monitor transmission and retransmit messages as a...