The lowdown on wireless networks

Related Links

Air safety

What's the threat to wireless networks? While IEEE 802.11 and other standards for wireless LANs have made it easier and cheaper to set up wireless networks, they have also made it easier for unauthorized people to find and use them'and abuse or attack them. Even a casual hacker can easily circumvent the base level of security on many WiFi networks. And networks that can't be hacked can be jammed or otherwise disrupted if attackers go undetected.

How do you secure wireless LANs? By using wireless technology with enhanced encryption and security features, such as user authentication through RADIUS or a public-key encryption system, you can keep intruders out. By forcing users to connect to your network assets using virtual private network technology, you can lock out more attacks by enforcing user authentication and scrambling transmissions with IP Security encryption on top of the wireless network's base security technology.

And by using wireless network monitoring tools, you can locate and shut holes such as unauthorized access points, misconfigured wireless systems, and sources of interference or possible attacks.

What's the standard for secure wireless networking? Right now, there isn't one, per se. There's a specification for securing encryption modules'the National Institute of Standards and Technology's FIPS-140-2'that the Defense Department requires for wireless networks. When the Federal Information Security Management Act takes full effect, FIPS-140-2 could become the bar for every agency's wireless networks to clear.

What's next? Look for more security for even shorter-range wireless technologies, such as Bluetooth, to become a part of everyday security.

While Bluetooth has a different security protocol than WiFi LANs do, it could be vulnerable to determined attackers. Also, as the next generation of wireless LAN technology gets formal approval, better encryption schemes such as Advanced Encryption Standard will be built into devices.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group