Thanks to the speed and reliability of the 802.11n technology, many companies are starting to use a wireless LAN with larger bandwidth to support new mobile services. However, this change requires more complex and reliable WLAN tests to verify network security, connectivity, and performance.
Companies no longer need human tools to check for signal strength, server accessibility, and Wi-Fi vulnerabilities. Tests hundreds of thousands of access-side APS distributed across the enterprise network geographically) and numerous clients require more efficient automated tools and methods.
In many early Wi-Fi deployments, security means to check the entire building or campus and listen for unfamiliar signals to detect unauthorized malicious APs. This is not only extremely inefficient, but also often "blocks" many AP that identify errors and ignores other threats, such as misconfiguration and improper operations on clients.
Use an AP with a wireless intrusion defense system for full-day monitoring
As Wi-Fi becomes more and more popular, many APS can listen to rogue signals in or out of channels after updating. In addition, dedicated Wireless Intrusion Prevention Systems (WIPS) can also be used to monitor Wireless attacks or violations throughout the day, as well as respond to temporary blocking and detection of suspected rogue signals.
However, these two methods have already been integrated. Many enterprise APS can now become dedicated WIPS detectors as needed, and several AP vendors also provide dedicated WIPS devices. At present, the focus of the debate is not on the frequency of scanning. 24/7 is required by wireless enterprises. On the contrary, reasonable security tasks and compliance with regulatory requirements occupy the core position.
Centralized WLAN evaluation tools ensure compliance
To comply with specifications such as pci dss or Federal Information Security Management Act (FISMA), the Organization must prove the effectiveness of Security control and record suspected violations of specifications. Currently, many commercial WIPS and some WLAN managers are able to generate closed specification reports based on popular industry specifications, but they still need to be continuously evaluated for these security controls and policies.
Many companies employ third-party auditors to perform assessments on site; for example, they need to verify pci dss specifications in a store. However, before performing this audit, we 'd better test some problems and fix them before they are exposed. Ideally, these self-assessments should be conducted on a regular basis without consuming too much staff time and too much on-site investigation costs.
This is where the centralized evaluation tool plays a role. For example, AirTight Networks uses cloud-based WIPS to communicate with the above detector to implement quarterly PCI scanning and repair services. These probes listen to nearby traffic and detect wireless vulnerabilities in Cardholder Data Environments (CDEs) to generate at least monthly scan reports required by pci dss 1.2 specifications ).
For companies that have deployed WIPS, plug-ins such as the wireless vulnerability assessment module provided by Motorola AirDefense can turn the deployed detectors into remote testing engines, and they can periodically connect to the AP, detect exposed ports and URLs and generate a report that records the results.
Automatic Remote security scanning, whether implemented by WIPS or cloud services, can achieve low-cost, regular self-assessment. However, they cannot replace irregular on-site penetration tests.
Non-automated WLAN test-Penetration Test
Finding blind spots, errors, and new attacks that may overwhelm clients, APS, and WLAN managers is an important part of WLAN testing. However, this wireless test has not yet been fully automated.
For example, MDK3 is a command line tool that can be used to guess hidden SSID and mac acl, find client authentication vulnerabilities, and send 802.11 Beacon, Deauth, and tkip mic DoS attacks. Auditors can use MDK3 to easily initiate these penetration tests in different locations, such as inside and outside the office. However, tools such as MDK3 should never perform tests on production WLAN during working hours, because manual guidance and result interpretation are required for production use.
Centralized penetration testing tools are often used to detect upper-level system vulnerabilities that affect WLAN Security. For example, Metasploit scripts can try many different wired and wireless LAN applications. To perform more efficient Metasploit tests on a large network, we can consider the Metasploit Pro of Rapid7, which can perform multi-level remote penetration tests from a central console.