WLAN Security

Go back to Tutorial

WLANs faces threats similar to LANs and new security threats also which includes

• War drivers – Person drives around, trying to find APs that have no or weak security.
• Hackers – They find information or deny services and the wireless network makes easy access.
• Defaults – An new AP is being used with its defaults thus, easy to hack.

Tools used to increase security are

• Authentication – Authentication with mutual secret password.
• Encryption – Using encryption to scramble the contents of transmitted data.
• Intrusion Tools – They detect and identify rogue APs and include IDS and IPS

The initial security standard for WLANs was called Wired Equivalent Privacy (WEP) but had various problems like

• Static Pre-shared keys (PSK) – Keys used were manually configured and were static.
• Low key values – Keys were usually 64 bit and were easier to predict from frames.

But, SSID cloaking and MAC filtering helped in adding security. SSID cloaking involves steps as

• The AP sends a periodic Beacon frame (default is every 100 ms) that lists the AP’s SSID and other configuration information.
• The client listens for Beacons on all channels, learning about all APs in range.
• The client associates with the AP with the strongest signal (the default), or with the AP with the strongest signal for the currently preferred SSID.
• The authentication process occurs as soon as the client has associated with the AP.

The client learn about AP and its SSIDs via the beacon which helps in roaming and associate with new AP as needed. AP are configured with list of allowed WLAN MAC addresses and to filter rest but, it is circumvented by changing the MAC address as that of legitimate MAC address. Improved security standard called WPA and later WPA2 (also called IEEE 802.11i ) were also introduced which dynamic key exchange, preshared keys (PSK), and AES encryption. All security standards are compared as

Go back to Tutorial