Wireless networking presents several advantages and disadvantages. The primary pro versus con discussion pertaining to wireless networks revolves around cost versus the footprint of the attack vector. Wireless networks are lower in cost than traditional wired networks as they do not require expensive installation of structured cabling, but at the same time, they have a much larger wireless network footprint (Whitman & Mattord, 2017). This means that potential bad actors can interact with the network in a much larger area. In fact, there have been some examples of bad actors gaining access to corporate wireless networks by parking in nearby parking lots or even just by driving by. This practice of driving though urban areas and documenting locations with access to business wireless networks is called war driving (Whitman & Mattord, 2017). For this reason, it is important that corporate wireless networks are appropriately sized; they should not be so powerful that they are readily available outside of the desired coverage area.

Another key advantage of wireless is convenience. Many corporate employees enjoy the luxury of not being tethered to their desk or workstation. The mobility that wireless and cellular/mobile technologies afford workers empowers them to complete their work in ways previously not thought possible. But again, information technology teams and auditors should take great care to protect the wireless network, as this mobility can also be a disadvantage. The ability to work untethered from the corporate network also means that bad actors can potentially compromise corporate systems without being geographically or physically located near the network itself.

Techniques and Objectives for Auditing Wireless Networks

The specific risks inherent to wireless networking discussed above must be considered when planning an audit of a wireless network. These specific concerns rely primarily with the wireless hardware and mobile devices that make up the three attack vectors (client, access point, and transmission medium). Industry experts recommend that auditors confirm that the following minimum security configurations are in place for any given wireless network:

Admin username and password for the router has been changed to a secure, non-standard password The SSID is hidden to prevent war driving or other unauthorized visibility ACLs based on hardware MAC addresses are in place to prevent unauthorized devices from connecting to the corporate network Credentials used for authentication to the wireless network are secure and changed regularly The transmission of data is encrypted VPN is used for secure remote access

Similarly, wireless networks should employ appropriate authentication and encryption protocols. In fact, selecting the appropriate wireless authentication method for an organization’s wireless network is one of the most important decisions a network engineer will make. Available options include:

open (no authentication is needed to connect)

shared (authentication is accomplished via a shared password)

EAP (Extensible Authentication Protocol, which utilizes a server to generate an encrypted key)

Authentication alone does not constitute a security standard, however, and so ultimately the decision comes to down to which set of standards/protocols contain the best mix of authentication, encryption, and other desired features. Well-known wireless connection technologies such as WEP, WPA, WPA2 and others give administrators a multitude of options when considering the ways in which their users will interact with the wireless network. Not all of the technologies are created equal, however, as WEP should not be considered an option at all due to its fundamental flaws (such as using open authentication) which can be easily exploited to give bad actors access (Whitman & Mattord, 2017). As industry experts generally agree that utilizing WEP is a bad idea, it has since been replaced by WPA/WPA2/WPA3. WPA2/3 can be configured to use a pre-shared key or EAP via an 802.1x authentication server. In general, the use of an authentication server, such as RADIUS, is the preferred option as it provides the most secure blend of authentication and encryption.

Wireless Auditing Tools