Wireless LANs' appeal grows, so do security questions

Worldwide, the biggest uplift in the wireless market is occurring in the wireless LAN sector, according to Symantec CTO and VP Rob Clyde.

The cost efficiencies are so convincing that administrators at fairly low levels in companies are opting to implement wireless LANs. It is a networking trend that is reminiscent of the earlier shift from hubs to switched hubs, Clyde says.

The problem is many organisations are suddenly finding themselves with wireless LANs before they have reached the point of implementing a wireless security policy.

Worse, the wireless Ethernet specification IEEE 802.11b (aka Wi-Fi, for Wireless Fidelity) has been shown to be "totally compromised" from a security standpoint, Clyde says.

IEEE 802.11b allows wireless transmission of about 11Mbps of raw data at distances from several dozen to several hundred metres over the 2.4GHz unlicensed band.

But it is crippled by numerous security flaws, of which the most serious involves the 40-bit RC4 algorithm.

It has been successfully attacked by public domain tools such as AirSnort, which passively monitors transmissions and computes the encryption key when enough packets have been gathered.

With AirSnort, "you can sit in a van in a next door carpark and within a short time be hacking into any (802.11b) wireless network", Clyde says.

On the way are more secure specifications, notably IEEE 802.11a, which also increases data rates by four to five times.

A shorter term solution is to put a firewalled virtual private network (VPN) appliance right behind the wireless gateway into the network, according to Clyde.

Not surprisingly, Symantec has one on the market, which takes Wi-Fi packets as they hit the firewall, requires them to authenticate themselves and puts them into an encrypted tunnel which is immune to tools like AirSnort.

In Australia, the wireless LAN market is prompting lots of interest but little large-scale takeup to date, according to NCR Asia Pacific IT infrastructure services business development manager Dean Vaughan.

A significant obstacle for organisations considering wireless LANs is their pre-existing, expensive investment in cabling infrastructure. It makes little economic sense for such an organisation to replace its wired LANs with the wireless equivalents.

That is more likely to appeal to the far fewer companies who are putting up a greenfield site or expanding into uncabled quarters in which wireless would save cabling costs.

A special circumstance working in favour of the wireless solution would be the need to build a wireless bridge across an air gap between two existing buildings on either side of a busy street.

Airports, hotels, conference centres and -- in some countries -- coffee shops and restaurants are niche markets in which public short-range wireless networks based on 802.11b are being deployed.

Cisco Systems is taking a particular interest in implementing wireless LANs at airports; Qantas lounges at a number of airports now boast such facilities.

Overall, however, the economic drivers for widespread adoption of wireless LANs don't yet exist in Australia, according to Vaughan.

He contrasts that with corporate demand for voice over IP (VoIP) with its built-in economies from combining voice and data traffic.

When the wireless LAN wave does arrive, how likely is it to create a hole in the corporate security wall?

Data security expert Professor Bill Caelli believes wireless security cryptographic protocols need to be an order of magnitude better than their terrestrial circuit counterparts.

That is because of the ease with which wireless transmissions can be monitored, and the relative undetectability of intruders.

Tapping into copper or fibre circuits typically involves some physical manifestation of the intrusion, he notes.

"But when I am radiating transmissions into the atmosphere . . . enjoy."

Like any security solution, protecting wireless networks has to be approached as a package, says NCR network consultant Ashley Woods.

That includes a site survey to ensure transmission envelopes and power levels are tuned "so you aren't pumping radio signals into an adjacent building or car park", he says.

The next line of defence consists of selecting protocols and specifications that provide adequate protection.

Cisco Systems uses its extensible authentication protocol (EAP) to add another layer of security on top of the suspect IEEE 802.11b.

EAP employs two-way authentication covering both the client card and the server. Encryption keys are user- and session-specific and are changed frequently, Woods says.

NCR has completed EAP installations for Asian customers and reports they are working well. Its first Australian site, for a multinational, has yet to go live.

More than 100 million wireless devices will access the Internet by the end of 2004 according to forecasts, says Symantec director of wireless security Jason Conyard.

He doesn't expect a full-on virus assault on those devices to start materialising until next year. That's when personal digital assistant (PDA) operating systems such as EPOC, Palm OS and Win CE will have migrated from stand-alone devices to smart phones and wireless PDAs. As with the adoption of Microsoft Windows and Outlook, that development will provide the feature-rich platforms and standardised applications so beloved of virus writers.

"In the meantime, you should be thinking about your wireless security strategy," says Conyard. "Start with simple steps such as deciding how you want to use this wireless extension to your business, what your minimum requirements are, and what your expectations are for success.

"Ask your wireless carrier what it is doing and plans to do to protect you and your business from airborne attacks. Most importantly, before you rush out and spend your entire budget, ask yourself how vulnerable your existing infrastructure is today."

Allan Bell, senior marketing manager at McAfee, expects the threat of network infection through PDAs will increase dramatically. Even without wireless connectivity, documents, e-mail messages or applications on PDAs can infect networks through the PC synchronisation process.

The appearance of the Phage virus, the first real virus to target the Palm OS, is the shape of things to come, he says.

McAfee's VirusScan engine for PCs can find and clean more than 58,000 viruses, but is far too bulky for the palmtop environment. To cope with the new threat, McAfee has developed micro-scanning engines that fit the smaller PDA footprint.

Bell predicts that mobile phones will be next on the hacker-virus writer hit list. He cites a PC-based mass mailer virus called Timofonica, which appeared on one of Spain's mobile phone networks.

The virus attempted to mount a denial of service attack by flooding phones with SMS messages. The attack wasn't successful but the message got through to McAfee, whose VirusScan Wireless software offers antivirus protection for users of Nokia 9210 and 9290 Communicator phones.

And the message is also clear for organisations deploying corporate applications through wireless handheld or smart phone devices, Bell says.

"They will need to slot virus protection for those devices into their corporate IT strategies."
