Types of Wireless Network Attacks: Misconfiguration

There has been much talk concerning the flaws in software, along with the numerous system exploits being disclosed on a daily basis. However, security experts are more concerned that this serves as a distraction to IT professionals who should be focusing on a more severe problem - improperly secured wireless networks. Today's wireless environments are so poorly configured and managed that attackers can virtually walk right through without attracting too much attention.

The concern of mismatched software and hardware

The problem arises from the plethora of mismatched software and hardware, making way for a network infrastructure that is vulnerable to a wide range of attacks. In some cases, the devices may function properly but are terribly misconfigured. While several companies take the first step by implementing a security system, many more fail to maintain them, causing these implementations to be inefficient.

Incorporating SSID

SSID (Service Set ID) is a configurable identification mechanism that enables a client to communicate with the correct base station; all stations come included with their own default SSID. When configured properly, only clients configured with the corresponding SSID can interact with the base station. An attacker can exploit the default SSIDs in attempt to access a base station that may have still have its default configuration. Some will change the default SSID password to something simple, ultimately making the network just as vulnerable.

Those configured with more complex SSIDs are still subject to exploits. For instance, an attacker may attempt to guess the base station SSID using a brute force attack of known dictionary phrases, a trick that attempts to guess every word or phrase possible. What may seem like a time consuming process is made easy with the right hacking utilities. The use of simple SSID passwords is considered to be misconfiguration of network resources and makes it much easier for an intruder to compromise a network.

Unlike most of your data, SSID is not encrypted even when enabling the WEP feature, meaning the password is broadcasted in plaintext. This is a major concern as many access points have SSID broadcasting enabled by default. Even if it is turned off, a packet sniffer can simply wait for the next valid user to make a network connection and spy on the plaintext message.

Expert opinion

Lisa Phifer, Vice President of Core Competence Inc., has been actively involved in the development, implementation and evaluation of internetworking security, communications and network management solutions for more than 20 years. She has advised companies from small to large in regard to product assessment, security needs and the overall importance of using the best practices of emerging technologies. In a recent interview, Lisa noted that the Code Red worm was amazingly still infecting network servers at the end of 2007. This is very unsettling considering the fact that virus signatures and server patches to contain the infection have been readily available since 2001. Like most experts, Phifer blames this continuous outbreak on misconfiguration. She went on to state that Gartner Research has predicted that misconfiguration will account for an estimated 70% of successful wireless LAN attacks through the year 2009.

With the advent of wireless Internet, more and more computer users are entering the world of cyber space.

Yet, while these users are well aware of the importance of the protection of their computer when hooked up to regular internet providers, they are often oblivious to the fact that the same cyber dangers, and in fact even more, exist in the world of WiFi.

What you may not know is that same Internet connection that makes it possible to check your email from the comfort of your bed also makes it easier for hackers to access your personal information.

It is for this reason, the sharing of the wireless Internet connection, that protecting your computer when wireless is even more important than ever before.