Page 216 - StudyBook.pdf
P. 216

200    Chapter 4 • Communication Security: Wireless

                 Frequent site surveys also have the advantage of uncovering unauthorized APs
             that company staff members may have set up in their own work areas, thereby
             compromising the entire network.This is usually done with no malicious intent,
             but for the convenience of the user, who may want to be able to connect to the
             network via their laptop in areas that do not have wired outlets. Even if a company
             does not use or plan to use a wireless network, they should consider conducting
             regular wireless site surveys to see if anyone has violated company security policy
             by placing an unauthorized AP on the network.


             Wireless Vulnerabilities

             Wireless technologies are inherently more vulnerable to attack because of the
             nature of the network transmissions.Wireless network transmissions are not physi-
             cally constrained within the confines of a building or its surroundings, thus
             allowing attackers ready access to the information in wireless networks.As wireless
             network technologies have emerged, they have become the focus of analysis by
             security researchers and hackers. Security researchers and hackers realize that wire-
             less networks can be insecure and can often be exploited as a gateway into the rela-
             tively secure wired networks beyond them.This section covers the vulnerabilities
             that have been found in the WTLS and WEP security protocols.

             WAP Vulnerabilities

             WTLS has been criticized for many of its weaknesses, which include weak encryp-
             tion algorithms, the susceptibility of the protocol to chosen plaintext attacks, mes-
             sage forgery, and others.Another problem with WTLS is the possibility of the
             compromise of the WAP gateway.This puts all of the data that passes through the
             gateway at risk.


              NOTE

                  Markku-Juhani Saarinen published detailed descriptions of these and
                  other weaknesses in his paper “Attacks against the WAP WTLS
                  Protocol,” which is available at www.jyu.fi/~mjos/wtls.pdf




                 The primary weaknesses associated with WAP stem from problems in the
             WTLS protocol specification.These include such problems as:




          www.syngress.com
   211   212   213   214   215   216   217   218   219   220   221