By Terry Sweeney
With Fred Tanzella, chief security officer for AirDefense Inc., a vendor of monitoring devices for wireless security. At the recent Wi-Fi Planet Expo tradeshow, AirDefense monitored the exhibition area and detected 21 attempted man-in-the-middle attacks, 33 attacks against Extensible Authentication Protocol, and 75 denial-of-service attacks.
This interview originally appeared in the IT Business Edge weekly report on Fortifying Network Security.
Question: How valid is it to extrapolate the malicious activity at a wireless tradeshow to what happens with wireless access to corporate networks?
Tanzella: The answer really depends on the corporate network. We have gone into corporate sites to do product demonstrations in environments where no wireless LANs have been authorized by corporate network administrators, but employees have brought access points in from home or purchased them without the knowledge of corporate network admins. These networks tend to be wide open without even having WEP turned on and subsequently show up on hacker sites such as www.wigle.net or others for access information.
Question: Aren't most corporate networks set up with sufficient security controls on both the VPN and wireless access? Boeing or Chevron, for example, isn't going to set up Wi-Fi as a public access point or deactivate WEP.
Tanzella: Since wireless LANs are still not as widely deployed as wired networks, wireless security expertise is rare at most corporations, resulting in lax wireless LAN security policy and enforcement. Boeing or Chevron would not necessarily have public access for Wi-Fi, but may not be aware of WEP turned off on one or more access points. In VPN environments, misconfigured clients and access points are usually the culprit, versus pure man-in-the-middle attacks. Hackers always find vulnerabilities and do not attack network strengths.
Question: What's the best advice you can offer to any enterprise that permits wireless access to company resources?
Tanzella: Take a layered approach to wireless LAN security just as they would on the wired side. There is no silver bullet when it comes to wireless LAN security. A layered approach that starts with securing the wireless client and access point to authentication and encryption of a VPN are important steps. Finally, you must monitor the airwaves for malicious activity as well as to ensure that security policies are in place and enforced.