The Institute of Electrical and Electronic Engineers (IEEE) has defined a LAN as “a datacomm system allowing a number of independent devices to communicate directly with each other, within a moderately sized geographic area over a physical communications channel of moderate rates”.
A threat can be any person, object, or event that, if realized, could potentially cause damage to the LAN. Threats can be malicious, such as the intentional modification of sensitive information, or can be accidental, such as an error in a calculation, or the accidental deletion of a file.
Distributed File Storing – Inadequate protection mechanisms on the local workstation. For example, a personal computer (PC) may provide minimal or no protection of the information stored on it. A user that copies a file from the server to the local drive on the PC loses the protection afforded the file when it was stored on the server.
Remote computing must be controlled so that only authorized users may access remote components and remote applications. The inability to authenticate can lead to unauthorized users being granted access to remote servers and applications.
The topologies and protocols used today demand that messages be made available to many nodes in reaching the desired destination. This is much cheaper and easier to maintain than providing a direct physical path from every machine to every machine.
Other LAN security problems include -inadequate LAN management and security policies, lack of training for proper LAN usage and security, inadequate protection mechanisms in the workstation environment, and inadequate protection during transmission.
Inadequately protected email can easily be captured, and perhaps altered and retransmitted, effecting both the confidentiality and integrity of the message.
When transmissions are broadcast over radio waves, interception and masquerading becomes trivial to anyone with a radio, and so there is a need to employ additional mechanisms to protect the communications.
Privacy & Security threats in wireless networks can be Internal or external.
Internal – Rogue access points and Incorrectly configured access points.
External – Eavesdropping, Identity theft, War driving, Man-in-the-middle attacks,etc.
Eavesdropping is very easy in the radio environment, when one sends a message over the radio path, anyone equipped with a suitable transceiver in the range of the transmission can eavesdrop the message. Undetectable.
In wired networks we can always track the wire from our computer to the next network node, but in the wireless environment there is no such way to find out with whom we are talking to. In all cases both parties of the transmission should be able to authenticate each others.
The only real protection against this kind of attacks is the strong authentication mechanism of the mobiles accessing the wireless LAN.
The attacker positions himself between the victim and the device with which the victim is trying to communicate. The attacker can impersonate the receiver with respect to the sender, and the sender with respect to the receiver, without having either of them realize that they have been attacked.
An attacker can also impersonate a user. By monitoring the frame transmissions, a hacker can program a rogue radio NIC to mimic a valid one. In this way, the rogue radio NIC steals the ongoing session for which the valid user had logged into.
Service Set Identifiers (SSIDs), static WEP authentication and Media Access Control (MAC) addresses are often used to verify that clients are authorized to connect with an AP. However, knowledgeable intruders can pick up approved SSIDs and MAC addresses to connect to a WLAN as an authorized user.
Rogue APs - Rogue WLANs can be attached to corporate networks from authorized network users, inadvertently opening doors for intruders.
Incorrectly configured APs: Radio waves broadcast by wireless base stations are relatively powerful, and residential neighbors or adjacent businesses may connect to each other's wireless networks.
Many APs are initially configured to openly broadcast SSIDs of authorized users. SSIDs can be incorrectly used as passwords to verify authorised users, which allow intruders to easily steal an SSID and assume the identity of an authorized user.
Addresses the weaknesses of 802.11 data privacy by incorporating Temporal Key Integrity Protocol (TKIP), plus a sophisticated keying system that ties together the data privacy and authentication functions.
Activate WEP at the very least - The use of standard 802.11 WEP for networks where there is low risk of attack by actual hackers is a minimum for any security policy.
Ensure only authorized people can reset the access points. Some access points will revert back to factory default settings (i.e., no security at all) when someone pushes the reset button on the access point. This makes the access point a fragile entry point for a hacker to extend their reach into the network. As a result, provide adequate physical security for the access point hardware.
Properly install all access points. Don't leave access points within easy reach of a hacker who can replace a legitimate safeguarded access point with an unsecured, rogue access point that accepts access from any user.
Disable access points during non-usage periods.
Assign "strong" passwords to access points.
Reduce propagation of radio waves outside the facility. Through the use of directional antennas, you can direct the propagation of radio waves inside the facility and reduce the "spillage" outside the perimeter. Reduces the ability for someone to jam the WLAN from outside the perimeter of the facility.