Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 192
  • Last Modified:

Wireless Networks

Analyzing some potential weaknesses that I've identified with our wireless networks, I need some advice to see if were covered or possibly additional security procedures I could put in place....

A particular access point is providing connectivity that covers the desired range but also a weak signal outside. Is the only someone could gain access would be if they knew the SSID (which isnt broadcast) ??

I reccomended the SSID doesnt reflect the organisation in anyway, if this was deduced would they still need the WPA2 key?

And also how often would you reccomend going through the premesis to check for unauthorised access points, given that there is a mass of visitors daily?

0
pma111
Asked:
pma111
4 Solutions
 
pgm554Commented:
Don't broadcast the SSID.

If someone needs access,then you tell them the SSID.
And .yes,they do need a key.

Any wireless device can be set up as an access point,so that is pretty hard to keep track of.

Netstumbler maybe once or twice a month ,if your paranoid.

0
 
0xSaPx0Commented:
Finding the SSID is usually not a difficult task, even if its not openly broadcast. Follow the standard Wifi security checklist

1). Don't Broadcast SSID
2). Use Strongest Encryption available to you (WPA based)
3). Use MAC Address Filtering
4). If possible use two factor authentication... Wep Key and Certificate for example.

0xSaPx0
0
 
jakosysadminCommented:
one really important risk is often overlooked. it is insufficient service availability and the related DoS attack to expose this risk.
think about the processes that are hindered when there is RF noise being broadcast close to your location.

stay secure
0
 
mahe2000Commented:
if you wanna increase security you can use a vpn through your wifi network and don't let anybody outside the vpn access your network.
0
 
jakosysadminCommented:
see if you can implement 802.1x http://en.wikipedia.org/wiki/802.1x
that ought to keep the authorized users able to access your resources and at the same time you can give the unauthorized users (like business guests) their network access but unable to access your LAN resources.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now