Getting Past WLAN 'Apathy'

By Jim Wagner

August 30, 2002

FEATURE: Despite the dangers, some legitimate and some media-inspired, corporate wireless networks around the country are still at risk to hackers and wardriving enthusiasts.

Steve McCuchin knew he had to do something about 802.11b security after finding out how easy it was to download tools designed to break into his network.

A senior network administrator for the State of North Carolina's Department of Public Instruction, overseeing the security of 2,400 K-12 schools in the state, he was well aware of the potential problems a hacker could cause if given access to PCs eyeballed by thousands of school children.

"We hadn't had any known problems, but like everybody else, we started to see things come up," McCuchin said. "We downloaded some free tools and started to see how easy it was to find wireless networks around the city. So we decided before we get hacked, we'd try to be a little proactive."

His solution? Get his bosses to approve more resources to beef up the state's wireless network before an incident happened. With almost 100 of the schools in the state already sporting wireless access points (APs) and many more exploring the technology, he was able to convince the bureaucracy to free up more money pay the IT staff to properly configure WiFi-connected networks before something happened.

Not all corporate IT departments are as lucky as McCuchin; in most cases, IT departments are under-funded and under-qualified to deal with their own 802.11b networks, a situation that leaves corporate intranets open to a growing legion of wireless enthusiasts looking to sniff out wireless hotspots, whether it's legal or not.

Wardriving is in
Wardriving has received a lot of attention in the press lately. Stories of people around the country with a lot of time on their hands -- armed with Pringles cans for antennas, a laptop running a wireless AP network "sniffer" program, a PMCIA card and a piece of chalk -- and mapping out a national "hotspot" map should be enough to send executives scrambling to ensure their network is up to snuff.

NetStumbler, by far the most popular -- though not the only one -- for example, has 18,474 registered users. Most of its users spend their free time driving throughout the city looking for the next "open" network.

The Web site's national map has tagged hotspots throughout the U.S., with breakouts by city and state. Two University of Kansas researchers have even come up with a method for cr eating full-color images showing the reach of wireless networks on maps.

NetStumbler's creators, to their credit, give businesses the option to have their AP taken off the map, so to speak, but if an IT staff doesn't know enough to set up a wireless network in the first place or have enough time to set it up correctly, they aren't likely going to know their network's availability is general knowledge.

According to Mark Coley, a security consultant with HCS Systems, most IT departments don't have the money or inclination to fix their wireless vulnerabilities.

"There's an increasing amount of apathy when it comes to wireless security," he said. "In many cases, you'll see networks where they've put the access point inside the firewall and mistakenly place them on workstation subnets where DHCP from the servers is available. My advice is to place them outside the firewall and treat them as external interfaces."

The end result is a comprehensive wired-network intranet that is loaded with virtual private networking (VPN) equipment, secure routers and firewalls -- all for naught because of an AP sitting inside the firewall, open to the world for anyone with a little know-how to access.

Pages: 1 2


Comment and Contribute
(Maximum characters: 1200). You have
characters left.