Conclusion: Keeping Your WLAN Secure

Wireless LANs pose a serious security threat for those companies that
believe that the technology alone (out of the box) will ensure security for wireless corporate users. In fact, this is a relatively insecure medium
that has a great number of potential holes that not only can leak your
mission-critical network traffic, but potentially allow someone to gain
unauthorized access to your network from outside your building.
In this chapter, we have seen that 802.11b is a shared protocol used
by Windows, Macintosh, Linux, and numerous wireless PDA devices.
With so many platforms existing in the same wireless protocol, think
about how many attack patterns are possible in compromising the
integrity of your WLAN.
Your goal is to remain as vigilant as possible in ensuring the security
of your wireless network. Make certain you turn encryption on for all
your wireless stations and access points. Make certain to use the highest
strength of encryption possible in order to make it as difficult as you can
for a hacker to gain access to your network or eavesdrop on your network
traffic. Don’t be fooled into thinking that the lowest level of
encryption (40- or 64-bits) is sufficiently high to stop a hacker; it won’t.
If someone is really interested in accessing your wireless network
resources, given a small amount of dedicated time, your network (even
at 128-bit) encryption will be compromised! However, if you make certain
to change your key parameters at regular intervals and make certain
you are aware of the different encryption keys you use, then you are
in a better position to keep your WLAN safe.
Finally, know that each wireless network interface card has its own
unique machine or MAC address. You should always configure your
wireless router or access point to accept only connections from NIC
cards that you have preauthorized for the network. This ensures that a
hacker will have greater difficulty in accessing your network using a
“parking lot attack” to set his wireless NIC card into promiscuous mode
to log onto your network.
It is important to note that while no wireless security solution is 100
percent effective, you can take these very simple preventive steps to
ensure that your WLAN is as secure as possible. When a hacker tries to
intercept your network data or compromise your system, the more difficult
you make his job, the more likely it is that you will have time to
detect the attempted incursion into your system and prevent it. Protection
is your best defense when it comes to 802.11!