Interpreting the crisis of Wireless LAN security

Wireless applications bring great convenience to people, but at the same time, their use is also unstable. The primary problem is the security risks of Wireless LAN. The use of wireless LAN is based on radio wave transmission. The invisible and invisible transmission method of radio waves is hard to control. Security problems must be hard to control. Next, let's take a look at the security risks of Wireless LAN.

Wireless LAN security hazards 1: Easy intrusion

Wireless LAN is very easy to detect. In order to enable users to discover the existence of wireless networks, the network must send beacon frames with specific parameters, so as to provide necessary network information to attackers. Intruders can use high-sensitivity antennas to launch attacks on networks from road borders, buildings, and anywhere else without any physical intrusion.

Solution: enhance network access control

Access is not equal to attack. An extreme means is to prevent electromagnetic wave leakage through electromagnetic shielding of houses. Of course, powerful network access control can reduce the risk of wireless network configuration. If you place an AP outside a network security device such as a firewall, you 'd better consider using the VPN technology to connect to the backbone network. A better way is to use a new wireless network product based on IEEE802.1x. IEEE802.1x defines a new frame type for user-level authentication. With the help of the existing user database of the enterprise network, the frontend Authentication Based on IEEE802.1X wireless network is converted to the back-end RASIUS Authentication Based on wired network.

Problem 2: Illegal AP

Wireless LAN is easy to access and easy to configure, making it a headache for network administrators and security officials. Any computer can connect to the network without authorization through the AP purchased by itself. Many departments build their own wireless LAN without authorization from the company's IT center. Illegal AP access brings great security risks to the network.

Solution: regular site reviews

Like many other networks, wireless networks have corresponding security management requirements. Before Intruders use the network, they can find unauthorized networks through receiving antennas. The monitoring through physical sites should be conducted as frequently as possible. Frequent monitoring can increase the probability of detecting illegal site configuration, however, this will take a lot of time and cause poor mobility. A compromise is to choose a small handheld detection device. The administrator can detect the network at any time by means of a handheld scanning device.

Problem 3: authorized use of services

More than half of users only make few changes based on the default configuration when using the AP. Almost all APs enable WEP Encryption Based on the default configuration or use the default key provided by the original manufacturer. Due to the open access method of the wireless LAN, unauthorized use of network resources will not only increase bandwidth fees, but also lead to legal disputes. In addition, unauthorized users do not comply with the terms of service proposed by the service provider, which may lead to service interruption by the ISP.

Solution: The best defense method to enhance security authentication is to prevent unauthorized users from accessing the network. Because the access privilege is based on the user identity, therefore, encryption is a prerequisite for authentication. VPN technology can effectively protect the network traffic transmitted through radio waves.

Once the network is configured successfully, strict authentication methods and authentication policies will be crucial. In addition, the wireless network needs to be tested on a regular basis to ensure that the network device uses the security authentication mechanism and the network device configuration is normal.

WLAN security risk 4: service and performance restrictions

The transmission bandwidth of the wireless LAN is limited. Due to the overhead of the physical layer, the actual maximum effective throughput of the wireless LAN is only half of the standard, and the bandwidth is shared by all AP users.

Wireless bandwidth can be swallowed up in several ways: network traffic from wired networks far exceeds the bandwidth of wireless networks. If attackers send a large amount of Ping traffic from fast Ethernet, it will easily swallow the limited bandwidth of the AP. If broadcast traffic is sent, multiple APS will be blocked at the same time. attackers can send signals in the same wireless channel of the same wireless network, in this way, the attacked network will automatically adapt through the CSMA/CA mechanism, which also affects the transmission of wireless networks. In addition, transmission of large data files or complex client/server systems will generate a large amount of network traffic.

Solution: network detection

To locate performance faults, you should start with monitoring and discovering problems. Many AP reports statistics through SNMP, but the information is very limited and does not reflect the actual problems of users. The wireless network tester can truthfully reflect the quality and network health of the current position signal. The tester can effectively identify the network rate and frame type to help locate faults.

Problem 5: Address Spoofing and session Interception

Because 802.11 Wireless LAN does not authenticate data frames, attackers can redirect data streams by spoofing frames and confuse ARP tables, attackers can easily obtain the MAC addresses of websites on the network. These addresses can be used for malicious attacks.

In addition to spoofing frames, attackers can capture session frames to discover authentication defects in the AP and detect the existence of the AP by monitoring the broadcast frames sent by the AP. However, because 802.11 does not require the AP to prove that it is an AP, attackers can easily dress up as an AP to enter the network. Through such an AP, attackers can further obtain authentication information and access the network. Before using 802.11i to authenticate each 802.11 MAC frame, network intrusion through session interception is unavoidable.

Solution: isolated from important networks

Before 802.11i is officially approved, MAC Address Spoofing still threatens wireless networks. The network administrator must remove the wireless network from the vulnerable core network.

Problem 6: Traffic Analysis and traffic listening

802.11 cannot prevent attackers from passively listening for network traffic, and any wireless network analyzer can intercept unencrypted network traffic without any hindrance. Currently, attackers can exploit the WEP vulnerability to protect the initial data of user and network communication, and the management and control frames cannot be encrypted and authenticated by WEP, this provides an opportunity for attackers to stop network communication by spoofing frames. In the early days, WEP was easily decrypted by tools such as Airsnort and WEPcrack. However, firmware released by many vendors can avoid these known attacks. As an extension of the protection function, the protection function of the latest wireless LAN product is further improved. The key management protocol is used to change the WEP Key every 15 minutes. Even the busiest Network won't generate enough data in such a short period of time to prove that the attacker cracked the key.

Solution: use reliable protocols for encryption

If your wireless network is used to transmit sensitive data, it is far from enough to use only WEP encryption, encryption technologies such as SSH, SSL, and IPSec need to be further used to enhance data security.

Wireless LAN security risks 7: Advanced Intrusion

Once an attacker enters the wireless network, it will be the starting point for further intrusion into other systems. Many networks have a set of well-configured security devices as the network shell to prevent illegal attacks. However, the network protected by the shell is very fragile and vulnerable to attacks. A wireless network can quickly access the network trunk through simple configuration, but this will expose the network to attackers. Even a network with a certain number of border security devices can expose the network to be attacked.

Solution: isolate wireless networks and core networks

Wireless Networks are considered unreliable because they are very vulnerable to attacks. Many companies deploy wireless networks in public areas such as lounges and training classrooms as access methods for customers. The network should be arranged outside the core network protection housing, such as the firewall, and the access to the core network should be VPN.