When designing and supporting a WLAN, however, you have to be aware of potential implications, such as security vulnerabilities, radio signal interference, multipath propagation, and other issues. This chapter from Designing and Deploying 802.11 Wireless Networks explains the impacts of those problems and introduces some ways to resolve them.
This chapter will introduce you to:
Security Vulnerabilities
Radio Signal Interference
Impacts of Multipath Propagation
Roaming Issues
Battery Limitations
Interoperability Problems
Installation Issues
“Introduction to Wireless LANs,” describes, wireless LANs (WLANs) offer tremendous benefits. When designing and supporting a WLAN, however, you have to be aware of potential implications, such as security vulnerabilities, radio signal interference, multipath propagation, and other issues. This chapter explains the impacts of those problems and introduces some ways to resolve them. Later chapters explain more information on how best to combat the implications.
Security Vulnerabilities
Wireless Network security refers to the protection of information and resources from loss, corruption, and improper use. With WLANs, security vulnerabilities fall within these areas :
Passive monitoring
Unauthorized access
Denial-of-service attacks
The sections that follow explain these security problems in greater detail.
Passive Monitoring
Wireless LANs intentionally propagate data throughout buildings, campuses, and even cities. Consequently, the air signals often rise above the limits of the location an organization physically controls. For example, radio waves easily penetrate building walls and can be received from the facility's parking lot and possibly a few blocks away, as illustrated in. It's easy for an unauthorized person to passively retrieve a company's sensitive information with a laptop designed with a radio card from this distance without having to be noticed by network security personnel. A hacker, for example, may be sitting within an automobile outside a company, capturing all 802.11 transmissions utilizing a freely available packet sniffer, such as Wireshark. After capturing the data, the hacker will have the ability to retrieve contents of e-mails and user passwords to company servers. Needless to say, the hacker can use this information to compromise the security of the company. This issue also exists with wired Ethernet networks but to an inferior degree. Current flow through the metallic wires emits electromagnetic waves that somebody could receive by utilizing the sensitive listening equipment. The individual must certainly be much nearer to the cable, though, to get the signals. Thus, in terms of passive monitoring, WLANs are not as secure as wired networks.
The method for resolving the difficulties of passive monitoring is to implement encryption between all client devices and the access points. Encryption alters the info bits in each frame, based on an encryption key, so the hacker cannot make sense of the data he captures via passive monitoring. A good example of an 802.11 encryption process is Wired Equivalent Privacy (WEP), which was the main original 802.11 standards ratified in 1997. WEP is fairly simple to crack, however, so it is not recommended for encrypting sensitive information. Other encryption methods, such as Wi-Fi Protected Access (WPA), offer stronger security.
