Security Threats of Wlan

With the growing deployment of WLANs, e.g. in a business environment, the risk of unethical data interceptions increases significantly.Setting up a rogue access pointA rogue access point (AP) is a unknown wireless AP that has been installed on a secured network without any authorization from the network administrator.The rogue AP is usually set up on business or a government network by a malicious attacker with the possible intention of ruining the organization for his/her own personal benefits.This is a common security threat that’s often used by attackers to trick businesses into believing that they are connecting to a legitimate AP.

Tricked people, in reality, are falling into a trap that has been set up by an unethical hacker to intercept confidential and sensitive data from the business in particular.To prevent this, businesses can install WIPS (Wireless intrusion prevention system) to monitor the radio spectrums of unauthorized APs, and take actions accordingly.Evil twin access pointsA rogue access point can easily advertise the same SSID (Service Set Identifier; network name) as that of a legitimate AP.This can easily trick nearby WiFi users to connect to them because they can’t distinguish between legitimate and rogue APs at a moment’s notice.It is not too difficult to create an evil twin AP for malicious purposes.

In fact, tools like the Karmetasploit have made this as easy as a piece of cake. It allows you to fake APs, capture passwords, gathers data and conducts browser-based attacks against clients.Server authentication is the only thing that can act as a defense against the Evil Twins AP threats.Stolen or lost WiFi device threatsThis is a lesser known threat, and hence, is ignored the most of the lot. People might have locked your business WiFi with the most powerful security available in the market, but what happens if they actually lose the device with which they used to get onto the very same network?The device can be anything ranging from a smartphone to a laptop to a tablet or even a PC. Whoever recovers the device might get himself/herself in a position to access the network based on the saved data on the device, provided she’s able to crack open the password of the device itself (If there’s no password, it gets a lot easier).

So people can easily see that this is a problem that should never be taken lightly at any possible costs.To prevent this, if person lose a device that’s primarily connected to they business, in particular, be it a mobile or a laptop or even a tablet, he or she should try to remotely lock or wipe out the device without any further ado. It is also advisable to change all WiFi passwords in the business network as soon as the loss comes to notice.