Wireless security – Tales from the Crypto

Wireless security

[Updated to reference Microsoft article on non-broadcast wireless networking]

I read an article the other day in Information Week, by Preston Galla. The name rang a bell, and I remembered that he used to review shareware for ZDNet. The fact that I remember his name suggests that I disagreed strongly with what he wrote about my software :-)

The article basically says that you can secure wireless networks by a few simple steps:

  1. Hide your network ID (disable SSID broadcasts)
  2. Use Encryption “WEP is probably enough”
  3. Filter out MAC addresses
  4. Limit the number of IP addresses offered by your DHCP server
  5. Sniff for intruders using a tool like AirSnare
  6. Install host-based firewalls on all systems

Let’s contrast that with a ZDNet blog article by George Ou on “The Six Dumbest Ways to secure a Wireless LAN“, along with a quick parenthetical summarisation of what I believe George is saying:

  1. MAC filtering (an attacker can fake a MAC if he intercepts a packet)
  2. SSID hiding (an attacker can read the SSID from many other packets)
  3. LEAP authentication (CISCO screwed up)
  4. Disabling DHCP (an attacker can easily steal another host’s IP address)
  5. Antenna placement (search on “Pringles can” and “wireless”)
  6. Use only 802.11a / Bluetooth (oh, because hackers don’t have those?)

Dishonourable mention: WEP encryption – “it takes only a few minutes to break a WEP based network which makes WEP completely ineffective”.

I make that three out of six of Preston’s recommendations on how to secure wireless networks line up in George Ou’s “dumbest six ways”. I have to agree with George.

The DHCP one is a classic – to try and limit the hackers, you make it easier for them to engage in a denial of service attack on you?

That’s stooopid.

Even Microsoft, a company known for allowing people to make decisions that don’t exactly help security (hello, account lockout?) without comment, has documentation on disabling SSID broadcast as being a bad idea – note the tone of the article says “we’re trying to make it easier to do this, but really, it’s a bad idea to begin with”.

6 Responses to Wireless security

Leave a Reply

Your email address will not be published. Required fields are marked *