CCNP Wireless IAUWS Quick Reference: Describing Regulatory Compliance
- Identifying Wireless Vulnerabilities
- Industry Standards and Associations
Failure to secure a WLAN makes it vulnerable to attack. To properly secure your network, you must be able to identify common threats to wireless and know how to counteract them.
Identifying Wireless Vulnerabilities
Rogue access points and clients
Cisco WLAN controllers identify access points (APs) outside their mobility group as rogue APs. Rogues are friendly if they do not pose a threat, such as APs belonging to neighbors. A rogue is malicious if it poses a threat to the network, such as an AP added to the wired network without permission from the IT department; such an AP could be used for illegitimate access to network resources. Malicious APs can also be external and used to disrupt your network; they include honeypots and evil twins. Honeypots are usually unsecured and set up to lure unsuspecting clients into giving up sensitive information or to infect them with a virus or worm. Evil twins mimic APs from your network. They are used to fool clients into connecting to a network that looks legitimate and then trick users into giving up sensitive information. Rogue clients are devices connected to rogue APs or to other clients in an ad hoc manner.
Denial-of-service attacks
Wireless denial-of-service (DoS) attacks keep users from connecting by overwhelming the AP's radios. Wireless DoS attacks are usually committed by spoofing management frames, through jamming, or by infecting a client with a virus that floods the network with spurious traffic.
Over-the-Air Attacks
Over-the-air attacks include reconnaissance attacks (used to map out the network) or replay attacks (user data is captured and re-transmitted). Replay attacks work better in networks that use unencrypted or weakly encrypted data.
Securing client access
You need mutual authentication to properly secure client access to the network. Mutual authentication uses Extensible Authentication Protocol (EAP) to make the client identify itself to the network and the network identify itself to the client. Wireless clients accessing the network from outside the WLAN (for example, from a hotspot in a coffee shop) should use a VPN.
Securing guest access
We let guests access our WLANs so that they can connect to the Internet or to services we offer, but at the same time we must protect company traffic from accidental or unauthorized access. We also need to ensure that only authorized guests get to use our network.