Join Lisa Bock for an in-depth discussion in this video Securing wireless transmissions, part of IT Security Foundations: Core Concepts.
- Wireless networks send signals using radio waves, and can be attacked if not properly secured. A wireless station communicates with other stations using the protocol 802.11, which has several versions, for example, 802.11g or 802.11n. An Access Point is a station, typically cabled to a local area network, which functions as a connection between the Access Point and an existing network.
Each Access Point has a Service Set Identifier, or network name. The BSSID is the MAC address of the Access Point. In infrastructure mode, all stations communicate with and are controlled by an Access Point, and this is called a "Basic Service Set." All Access Points come shipped with the default SSID and password. As we can see from this website, they are listed according to vendor, and a lot of information we can see is clearly evident here.
The default SSID, and in certain cases, WEP keys, and sometimes default administrative passwords are listed as well. Best practices are, change the default SSID and password. Disable remote access, which allows you to configure the Access Point through a browser by offering a webpage to do administration when connected to the network. In most cases, configuration is done in plain text as the connection is http, not https, and the password can be sniffed.
Update the Access Point's firmware, but use caution as the process cannot be interrupted or the device could be severly damaged. Disable plug and play as this also can be vulnerable, and enable encryption. For security there are some choices. Disabled is generally the default. WEP, or Wired Equivalency Privacy, is insecure and easily attacked. WPA, or Wi-Fi Protected Access, provides the highest level of security.
With wardriving, individuals search for Wi-Fi or wireless networks, and statistics are uploaded and shared. I'm at this website and as you can see, the SSIDs of Access Points were listed, and perhaps more information can be obtained according to what type of encryption is being used. I scroll down to see statistics over time. As you can see there are a lot more Wi-Fi networks being used, but also, people are using more encryption.
One more good practice, encryption keys should be changed periodically.
Note: This course maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals 98-367 certification exam and is recommended test prep viewing.
- Evaluating risks, threats, and vulnerabilities
- Minimizing the attack surface
- Avoiding worms and viruses
- Protecting your system from spyware
- Making web browsers more secure
- Securing wireless transmissions
- Encrypting files, folders, and drives
- Using virtual private networks