Upgrading and Repairing Networks

Security Issues

Using wireless technology opens up the possibility of security breaches. Thoroughly read the documentation that comes with your choice of devices to find out what kind of security features can be enabled. It's probably best to associate the wireless network adapters you buy with one or more APs, depending on the work habits of the user. Also note that many devices come with default settings and that these are known to anyone who owns a similar device or who cares to look up the information on the Internet. To help prevent security problems, implement security procedures such as setting up unique passwords on each AP, using your own SSIDs rather than using the default name that the wireless vendor provides, and disabling SSID broadcast.

Change any default settings used to match up wireless adapters and Access Points to use a value other than the default. Use the security features of your operating system to monitor wireless users. For example, I'd be more concerned with a Windows 2000 or Windows XP user's resource access permissions if the client computer uses a wireless network card than I would be if it were wired directly to the network. Windows XP, because it is designed to automatically connect to an unsecured wireless network, makes it very easy to connect, but it means that using wireless security settings are no longer a luxury. If you want to keep unauthorized users off your wireless network, you must enable the strongest form of wireless security supported by your wireless AP and wireless adapters.

Although older wireless network hardware used only the first Wireless Equivalency Protocol (WEP) security standard, this standard is not strong enough for today's networks. WEP uses fixed-length static keys, and even if the newer 128-bit or corporate-level 256-bit encryption is used rather than the older 64-bit encryption, WEP is easy to crack. Many tools are available online that can be used to circumvent WEP encryption, so don't bet your business on it.

Wi-Fi Protected Access (WPA) and its improved sibling, WPA2, provide much greater wireless network security than WEP. Both can be used with RADIUS authentication servers on your corporate network for even greater security. Even in a SOHO environment, WPA and WPA2 are far more crack-resistant that WEP. If you still have hardware that does not support WPA, consider replacing it if you cannot upgrade its drivers or firmware to support WPA.

Remember that it's easier to eavesdrop on a wireless network because you don't have to make any connections to a cable, as in a wired network. Radio waves are out there for anyone within range of your technology to pick up.

	You can learn more about wireless security in Chapter 23, "Other Wireless Technologies."

In any case, it's easy to set up auditing for important resources and to review them using the Event Viewer in Windows 2000/XP and Windows Server 2003. No matter how safe you think your network is, there's no excuse for not auditing (and checking the audits) to ensure that your security measures are working. Looking for such things as a large number of login failures can alert you to someone trying to break into your wireless network. Unix and Linux (using the syslog utility) can also be used to look for system auditing information. The syslog utility can be configured to also send alerts, by email and other means, so that you can be informed quickly of any possible security breaches (or attempts).

	For more information about auditing, see Chapter 43, "Auditing and Other Monitoring Measures."

Another cause for concern is that wireless networking enables the computer to be mobile. A user can take his computer home. Although you might be able to stop users from downloading prohibited Internet files at work, you can't always police what they do at home. It's a simple matter to pop out the wireless networking adapter and pop in a modem (or better yet, simply use a wireless Access Point at home also, because it is so inexpensive). As with any computer that leaves the company premises, a regular audit of software on the system should be performed, and your security policy should state what the computer canand cannotbe used for. Of course, this should be a standard procedure for all computers on your network.