Information Security News mailing list archives

Wireless Acrobatics


From: InfoSec News <isn () C4I ORG>
Date: Thu, 14 Dec 2000 21:57:44 -0600

-----------------------------------------------------------------------
Wireless Acrobatics
By Carole Fennelly

Performing high-wire acrobatics without a safety wire requires a
great deal of skill and confidence. The same could be said for running
a secure network without wires.

Wireless is definitely in vogue these days. Cell phones and PDAs
abound on commuter trains and, more annoyingly, in restaurants. Some
people seem almost neurotic if they are away from the Net, even for a
short while. The wireless network at the recent LISA conference in New
Orleans brought scores of techies to the lobby bar -- to silently
socialise over IRC.

Like children on a playground, corporate managers always want the
latest toys and you'd be hard pressed to attend a meeting without
someone whipping out their PDA. Wouldn't it be cool to be able to read
company email and update your calendar while killing time at the
airport? If only we had wireless access to the corporate LAN.
Management's wish equals the IT department's command -- especially if
other companies' managers have wireless access. Establishing wireless
access is becoming a high-priority issue at many companies, no doubt
over the corporate security curmudgeon's objections.

CNN: Wireless technology presents new security challenges
http://www.cnn.com/2000/TECH/computing/09/07/wireless.risks.idg/index.html

Wireless technology sets data free from the physical confines of wire,
which also means problems controlling who receives the data. Peter
Shipley commented to me about his new hobby driving around Silicon
Valley picking up networks on his laptop. "War driving" is replacing
"war dialing" in the wireless age.

In some ways, wireless LANs actually offer better security than wired
LANs. A corporate spy attaching a sniffer to a wired network and
collecting all sorts of unencrypted data is certainly not outside the
realm of possibility. But only an idiot would configure a wireless LAN
to a corporate network without some form of encryption. However, many
wireless vendors turn encryption off by default and the end user
rarely thinks to check. By their very nature, public wireless LANs --
hotels and airport lounges -- cannot be encrypted.

While the term "encryption" gives people warm fuzzies about security,
it is no panacea. 40-bit DES, which many people use to satisfy
encryption requirements, isn't even that difficult to brute force.
Another issue is key exchange. Most 802.11 implementations rely on a
never-changing single key, even if a laptop is lost or an employee
leaves the company. But even if strong encryption is employed, data
headers remain unencrypted and allow anyone to see the source and
destination of the data stream.

Perhaps the most underestimated threat to wireless network security is
a Denial of Service attack. An intruder does not need to steal or
compromise data to cause financial harm. If someone were foolish
enough to implement a wireless network on a mission-critical system,
such as a trading floor, an attacker would merely need to clog the
network with bogus radio transmissions. The SEC takes particular
interest in delayed trades.

Wireless technology is certainly convenient; however, like any new
technology, security and quality will undoubtedly take second place to
new features. Sure, I can browse the Web with my cell phone but I
really just wish my phone would stop dropping calls.


About the author(s)
----------------
Carole Fennelly is a partner in Wizard's Keys Corporation, a company
specializing in computer security consulting. She has been a Unix
system administrator for almost 20 years on various platforms, and
provides security consultation to several financial institutions in
the New York City area. She is also a regular columnist for SunWorld
(http://www.sunworld.com). Visit her site (http://www.wkeys.com/) or
reach her at carole.fennelly () sunworld com.

-----------------------------------------------------------------------
ADDITIONAL RESOURCES

Wireless LANs finally make their way to standardization
http://www.itworld.com/jsw/unxsec_nl/swol-05-1998/swol-05-connectivity.html

Handhelds, Wireless LANs Raise Security Flag
Experts say choose passwords carefully
http://www.itworld.com/jitw/unxsec_nl/cma/ett_article_frame/0,2848,1_647,00.html

Wireless LAN Security
http://www.wlana.com/learn/security.htm

Known vulnerabilities in Wireless LAN Security
http://www.niksula.cs.hut.fi/~mkomu/docs/wirelesslansec.html

A good paper with more cautions:
http://www.tml.hut.fi/Studies/Tik-110.300/1999/Wireless/vulnerability_4.html

Wireless LAN Security Issues (good checklist!)
http://isds.bus.lsu.edu/fall98/7520/WirelessLANs/audit.htm

Slides from Chris DiBona's presentation on wireless LANS
http://www.dibona.com/slides/bazaar/index.html

Wireless Networking Product Comparison Charts
http://www.practicallynetworked.com/networking/wireless_chart.htm

United to Offer Wireless Web access at airports:
http://www.idg.net/go.cgi?id=380212

Privacy on Mobile Internet Studied
http://dailynews.yahoo.com/h/ap/20001213/tc/mobile_privacy_2.html

-----------------------------------------------------------------
http://www.itworld.com

ISN is hosted by SecurityFocus.com