802.11 Security: Fact and Fiction
Page 1 of 1
On the ISP-Wireless discussion list in February, MR queried,
"I was trying to pitch wireless service to someone recently, and he showed me a Wall Street Journal article that said wireless isn't secure. What do you think?"
A number of respondents contended that the fears are overblown:
[RR recalled] "We recently had a bank question us about our security. We explained that neither wireless or wired connections are secure unless you use secure servers. If anyone is really concerned about their data, then they need to encrypt from both points, not just one segment in the middle."
[MKS agreed] "It's not much harder to get traffic via wired networks than wireless. If the data is that sensitive, they need to encrypt it before it leaves the PC or LAN. We don't use any encryption here. If someone wants things encrypted, they need to do it themselves. Educate your customer about the risks."
PF suggested that the situation's a little more complex than that:
"The one thing you're missing is that even with encryption, the 802.11 headers and beacons are not encrypted. Until the radios encode the entire 802.11 frame, you are vulnerable to people getting beacons and intercepting traffic. So encrypt all you want; just make sure that you're actually talking to who you think you are, because current 802.11 specs can't do it for you."
JM countered that holes in wireless aren't quite that easy to find:
"Ultimately, hacking into a wireless network is no different than hacking into any other network. There are several things that a would-be hacker would need to know to get into a 'secure' wireless network: ESSID, valid IP address, valid MAC address, and a rule set up on our traffic shaper allowing traffic to actually pass per your specific MAC address and IP. Security lies more in the admin and the network than it does in the technology."
[MS agreed] "I plan on binding IPs to MAC addresses in the router to prevent anyone from getting on the Internet without authorization. At a certain point, though, you can only do so much. Sure, the wireless system can be broken into, but so can the Internet itself. Whoever said the Internet was secure?"
BM observed a particularly depressing security concern:
"I have an associate in my office who sets up wireless LAN systems indoors. He says the biggest security hole is that many admins never change the security parameters on their equipment, choosing to use factory defaults"
[RC agreed] "I have walked directly through many firewalls using default passwords and settings."
CM provided a summary:
"Yes, it is possible to break into any network given enough time and money. For wireless, just listen, store, and decrypt to gain information, and spoof for access. For wired networks, find a wiring closet and some alligator clips.
The level of security needed also must be based on the type of service being offered: public Internet access, contrary to public belief, does not need to be secure, since the other 10-15 hops on the public Internet are also unencrypted and readily sniffed.
Is current wireless technology sufficient to stop the casual listener? Most certainly, since the barrier to entry is the cost of equipment. Is it secure enough to stop a determined break-in? No more than any wired solution, and since the gear is usually on the roof and locked up, you have a leg up on the DSL guys: their termination jacks are all outside, unlocked, and calling out to be opened."