Designing Security For Wireless Networks

By Author: unknownmem
Total Articles: 128
Comment this article

In spite of the options listed in the previous section, the typical MCTS: Windows Vista(http://www.mcts-70-620.com)
wireless access point offers little in the way of security. In many cases, it is deployed using the system defaults and does not support the relatively new WPA or 802. Ix standards. The access point is connected to the wired network and then turned on. Computer systems with wireless cards can easily connect to the network.
Configure WEP. WEP can be configured to use 40-bit or 12-bit encryption. Turning on WEP provides encryption of the data packets between the wire?less client and the access point. However, known flaws in WEP allow an attacker to discover the WEP encryption keys. Still, an attacker is not lurking around every corner armed with an attack tool and interested in listening in to your network. Using WEP will prevent the mildly curious from sniffing your wireless communications and prevent the interloper who claims to only desire free Internet Vista cert(http://www.mcts-70-620.com)
access from connecting to your network. Newer APs can be programmed to overcome some of the weaknesses ...
... of WEP and yet remain compatible with existing wireless network cards. If these APs are in use, many of the less sophisticated attacks against WEP can be repulsed. Use of WEP might just provide a sound legal advantage because an attacker armed with tools to break your encryption can hardly claim that she was merely seeking free Internet access.
Change the default WEP keys. Access points might come configured with default WEP keys. Change these keys. These keys are well known and will certainly be used to test any wireless network that is using WEP.

Change the SNMP community word. Some access points run an SNMP agent. This provides a network management tool for network administrators, and if the community word is left at the default, it is a tool that can be used by attackers to configure the access point. If the attacker can do so, he can nul?lify any security you might have put into place. Common default SNMP community words are public and comcomcom.
Ensure the SNMP agent is not vulnerable to the SNMP vulnerability exploited by the PROTOS tool developed by the University of Oulu. Newer SNMP implementations are not subject to this attack, and patches are available to protect older implementations.
Protect access to base-station administration tools. Many access points have Webbased administration tools that are available across a wireless connection. These administration tools might be unprotected by default or protected by a default password. The password should be changed
free CompTIA practice exam questions(http://www.examshots.com/vendor/CompTIA-4.html)
before the access point is connected to the "wired network.