Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Wireless Networks

Posted on 2006-11-01
5
183 Views
Last Modified: 2010-04-11
Analyzing some potential weaknesses that I've identified with our wireless networks, I need some advice to see if were covered or possibly additional security procedures I could put in place....

A particular access point is providing connectivity that covers the desired range but also a weak signal outside. Is the only someone could gain access would be if they knew the SSID (which isnt broadcast) ??

I reccomended the SSID doesnt reflect the organisation in anyway, if this was deduced would they still need the WPA2 key?

And also how often would you reccomend going through the premesis to check for unauthorised access points, given that there is a mass of visitors daily?

0
Comment
Question by:pma111
5 Comments
 
LVL 30

Accepted Solution

by:
pgm554 earned 50 total points
ID: 17850710
Don't broadcast the SSID.

If someone needs access,then you tell them the SSID.
And .yes,they do need a key.

Any wireless device can be set up as an access point,so that is pretty hard to keep track of.

Netstumbler maybe once or twice a month ,if your paranoid.

0
 
LVL 10

Assisted Solution

by:0xSaPx0
0xSaPx0 earned 100 total points
ID: 17851369
Finding the SSID is usually not a difficult task, even if its not openly broadcast. Follow the standard Wifi security checklist

1). Don't Broadcast SSID
2). Use Strongest Encryption available to you (WPA based)
3). Use MAC Address Filtering
4). If possible use two factor authentication... Wep Key and Certificate for example.

0xSaPx0
0
 
LVL 8

Assisted Solution

by:jako
jako earned 100 total points
ID: 17854077
one really important risk is often overlooked. it is insufficient service availability and the related DoS attack to expose this risk.
think about the processes that are hindered when there is RF noise being broadcast close to your location.

stay secure
0
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 50 total points
ID: 17858245
if you wanna increase security you can use a vpn through your wifi network and don't let anybody outside the vpn access your network.
0
 
LVL 8

Expert Comment

by:jako
ID: 17865641
see if you can implement 802.1x http://en.wikipedia.org/wiki/802.1x
that ought to keep the authorized users able to access your resources and at the same time you can give the unauthorized users (like business guests) their network access but unable to access your LAN resources.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How do we balance the user experience (UX) with reasonable security measures? It can be done, if you keep these fundamentals in mind.
It’s the first day of March, the weather is starting to warm up and the excitement of the upcoming St. Patrick’s Day holiday can be felt throughout the world.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question