Because of the speed and reliability that 802.11n technology delivers, many companies are starting to use higher-bandwidth wireless LANs to support new mobile services. But this change requires more sophisticated and reliable WLAN testing to verify the security, connectivity, and performance of the network.
Companies can no longer rely on labor-intensive tools to check signal strength, server accessibility, and Wi-Fi vulnerabilities. Testing hundreds of access points (APs) and countless clients across geographically dispersed enterprise networks requires more efficient automated tools and methods.
In many early Wi-Fi deployments, security meant walking an entire building or campus and listening for unfamiliar signals to detect unauthorized rogue APs. Not only was this extremely inefficient, but it often "blocked" many APs that had been misidentified, and it ignored other threats, such as misconfigured and misbehaving clients.
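To make the misidentification problem concrete, the following added example (not part of the original article) sorts a survey snapshot against an inventory of authorized APs, so that a neighbor's AP is not treated the same way as an unknown radio advertising the corporate SSID. The BSSIDs, SSIDs, security labels, and the -65 dBm "probably on our premises" threshold are all constructed assumptions, and the misconfigured-AP check goes slightly beyond the cases the text lists.

```python
# Added illustration: all inventory and survey data below is constructed.
AUTHORIZED = {  # BSSID (lowercase) -> (expected SSID, required security)
    "02:00:00:00:00:01": ("CorpWLAN", "WPA2-Enterprise"),
    "02:00:00:00:00:02": ("CorpWLAN", "WPA2-Enterprise"),
}

OBSERVED = [  # one survey snapshot, as a scanner or probe might report it
    {"bssid": "02:00:00:00:00:01", "ssid": "CorpWLAN", "security": "WPA2-Enterprise", "rssi": -48},
    {"bssid": "02:00:00:00:00:02", "ssid": "CorpWLAN", "security": "WPA2-Personal", "rssi": -55},
    {"bssid": "02:00:00:00:00:99", "ssid": "CorpWLAN", "security": "Open", "rssi": -60},
    {"bssid": "02:00:00:00:00:AA", "ssid": "CoffeeShop", "security": "WPA2-Personal", "rssi": -82},
    {"bssid": "02:00:00:00:00:BB", "ssid": "linksys", "security": "Open", "rssi": -50},
]

def classify(ap, authorized=AUTHORIZED, strong_rssi=-65):
    """Return a triage label for one observed AP."""
    bssid = ap["bssid"].lower()
    corp_ssids = {ssid for ssid, _ in authorized.values()}
    if bssid in authorized:
        ssid, security = authorized[bssid]
        # A known radio that drifted from policy is a finding, not a rogue.
        if ap["ssid"] != ssid or ap["security"] != security:
            return "misconfigured"
        return "authorized"
    if ap["ssid"] in corp_ssids:
        # Corporate SSID from a radio that is not in the inventory.
        return "suspected-rogue"
    if ap["rssi"] >= strong_rssi:
        # Unknown AP, strong signal: heuristic hint that it may be on site.
        return "investigate"
    # Unknown and weak: most likely a neighbor, so do not block it.
    return "neighbor"

def report(observed, authorized=AUTHORIZED):
    """Group observed BSSIDs (normalized to lowercase) by triage label."""
    groups = {}
    for ap in observed:
        groups.setdefault(classify(ap, authorized), []).append(ap["bssid"].lower())
    return groups

if __name__ == "__main__":
    for label, bssids in sorted(report(OBSERVED).items()):
        print(f"{label:16} {', '.join(bssids)}")
```

Only the "suspected-rogue" and "investigate" groups need a person to follow up; the "neighbor" group is the one a walk-around survey tends to misidentify.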
Use APs with a wireless intrusion prevention system for all-day monitoring
As Wi-Fi has become more popular, many APs have been updated to listen for rogue signals on or off their own channel. Additional specialized wireless intrusion prevention systems (WIPS) can also be used to monitor for wireless attacks or irregularities throughout the day, as well as to respond with temporary blocks and detect suspected rogue signals.
However, these two methods are beginning to merge. Many enterprise APs can now become full-time WIPS sensors when needed, and several AP vendors offer dedicated WIPS devices. The debate is increasingly not about the frequency of scans, since companies that depend on wireless require 24/7 monitoring. Instead, reasonable security tasks and compliance requirements take center stage.
Centralized WLAN assessment tools ensure compliance
To conform to specifications such as the PCI DSS or the Federal Information Security Management Act (FISMA), an organization must demonstrate the effectiveness of its security controls and record suspected violations of the specification. Many commercial WIPS and some WLAN managers can now produce ready-made compliance reports based on prevailing industry specifications, but these security controls and policies still need to be evaluated continuously.
Many companies employ third-party auditors to perform on-site evaluations, for example to validate PCI DSS compliance in a store. However, before such an audit, it is better to test for problems and fix them before they are exposed. Ideally, these self-assessments should be carried out on a regular basis without consuming too much staff time or requiring costly on-site visits.
This is where centralized assessment tools come in. For example, AirTight Networks uses a cloud-based WIPS that communicates with probes to provide a quarterly PCI scan and repair service. These probes monitor nearby traffic and detect wireless vulnerabilities in cardholder data environments (CDEs), producing the monthly scan reports (at least) required by the PCI DSS 1.2 specification.
For companies that already have a WIPS deployed, plug-ins such as the Wireless Vulnerability Assessment module provided by Motorola AirDefense can turn deployed probes into remote test engines that periodically connect to the AP, detect exposed ports and URLs, and generate a report that records the results.
Automated remote security scans, whether run from a company's own WIPS or from a cloud service, enable inexpensive, routine self-assessment. However, they do not replace occasional on-site penetration tests.
Non-automated WLAN testing: penetration testing
Finding blind spots, errors, and new attacks that might overwhelm clients, APs, and WLAN managers is an important part of WLAN testing. However, this kind of wireless testing has not yet been fully automated.
For example, MDK3 is a command-line tool that can be used to guess hidden SSIDs and MAC ACLs, look for client authentication vulnerabilities, and send 802.11 Beacon, Deauth, and TKIP MIC DoS attacks. Auditors can use MDK3 to launch these penetration tests from different locations, such as inside and outside the office. However, tools such as MDK3 should never be run against a production WLAN during working hours, because using them requires manual guidance and interpretation of the results.
A centralized penetration testing tool can often be used to discover higher-level system vulnerabilities that affect WLAN security. For example, Metasploit scripts can test many different wired and wireless LAN applications. If you want to perform more efficient Metasploit testing on a large network, consider Rapid7's Metasploit Pro, which performs multiple levels of remote penetration testing from a central console.