Saturday, October 28, 2006

The Hidden Risks factors in Wi-Fi

Wireless networks offer tremendous benefits, but also present significant risks, particularly around ‘endpoint security.’ As more and more mobile workers use their laptops to connect to corporate and public Wi-Fi networks, IT departments — as well as end-users — will need to be aware of the risks and implement the right mitigation plans.

Most Wi-Fi security stories focus on the over-the-air (OTA) data encryption, wireless access control, or intrusion prevention. Although these are important issues, there are hidden risks with wireless that may not be well known, but still present some serious security challenges.

Two of them are (a) working in ad hoc mode and (b) dual homing — the simultaneous connection to two networks. Wireless Network Interface Cards (NICs) operate in two modes — infrastructure and ad hoc. Infrastructure mode is when you connect to an access point, perhaps in your office, at home, or at a public hotspot. Ad hoc mode allows you to make your laptop behave like an access point and have others connect to you through a peer-to-peer wireless connection.

Wireless laptops in ad hoc mode are prime targets for hackers to connect to and steal information because it is easy to do so and almost undetectable. Interestingly, many users inadvertently have their wireless NIC set to ad hoc mode by default because that’s how the laptop manufacturer set it, or they may have turned it on before but forgot to switch back to infrastructure mode.

An even scarier scenario occurs when a hacker sets his laptop as an ad hoc connection with the same name as a legitimate network, causing unsuspecting users to connect to it thinking it is a valid Wi-Fi network, and divulge important information such as passwords or credit card numbers.

Wired + Wireless Dual Homing
Most laptops today have two NICs — one for a wired connection (Ethernet, dial-up) and one for Wi-Fi. This enables the laptop to be dual homed, or connected to two networks at the same time.
If the Wi-Fi card is set to ad hoc mode, and the user logs on to the wired network, hackers can easily connect to the laptop via the ad hoc mode and then get access to the wired portion of the enterprise network using the dual homed laptop as a conduit.
posted by Joby on 2:36 PM | Permalink | 0 comments