To build a secure wireless network, it's not enough to watch the airwaves. You must lock down the access points, much like the rest of your network infrastructure.
Network World Lab Alliance partner Rodney Thayer of Canola Jones conducted a penetration test on the wireless infrastructure devices (access points and switches) we tested. In particular, we wanted to assess how the vendors protect the point at which the wireless device meets the wired network. We left the devices as close as possible to the recommended default configuration. In cases where Thayer criticizes a default setting but the vendor offers an option to make conditions more secure (such as changing from HTTP to Secure-HTTP), he notes this in the report.
It's clear from this testing that most devices arrive out of the box with a poor set of security defaults. Many access points don't have the option to disable low-security services, such as Telnet and HTTP, and enable higher security services, such as Secure Shell and HTTPS.
Thayer says most vendors opt for simple, rather than secure, defaults. For example, while few people manage wireless access points from a command-line interface, Actiontec ships its access point with Telnet enabled using a default password anyone can guess (it's the same as the username), which cannot be changed or disabled from the user interface. That's a pretty huge hole, even in the relatively low-end market Actiontec targets.
Thayer took steadier aim at enterprise-class access points built on more sophisticated platforms, such as those from HP and SMC, which left open debug ports from the real-time Wind River VxWorks operating system that both use in their shipping products. While there might not be any known VxWorks exploits this week, this doesn't mean there won't be any next week.
Even vendors that have a clear focus on enterprise-class security, such as Aruba with its full stateful firewall, have been sloppy with their management defaults. Trapeze, another security-focused vendor, has a more haphazard take: It forces you into HTTPS management, but still lets you leave the password blank. That does not follow good security practice, even if it's only a default setting.
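A defender's check for the default-services problem described above, as an added example that is not part of the original article or of Thayer's test: it reads nmap greppable (-oG) output from a scan of your own management network and flags devices still answering on Telnet or HTTP, noting whether SSH or HTTPS is already available. The sample scan, addresses and host names are constructed.

```python
# Added example: audit nmap greppable (-oG) output for cleartext management services.
CLEARTEXT = {23: "telnet", 80: "http"}   # low-security management services
SECURE = {23: 22, 80: 443}               # secure counterparts: SSH and HTTPS

# Constructed sample scan output (addresses from the documentation range 192.0.2.0/24).
SAMPLE_SCAN = """\
# Nmap scan of management VLAN (constructed sample)
Host: 192.0.2.10 (ap-lobby)\tPorts: 23/open/tcp//telnet///, 80/open/tcp//http///\tIgnored State: closed (998)
Host: 192.0.2.11 (ap-floor2)\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 443/open/tcp//https///
Host: 192.0.2.12 (wlan-switch)\tPorts: 22/open/tcp//ssh///, 80/closed/tcp//http///, 443/open/tcp//https///
"""

def open_tcp_ports(line):
    """Return (host, set of open TCP ports) for one 'Host:' line, else None."""
    if not line.startswith("Host:") or "Ports:" not in line:
        return None
    host = line.split()[1]
    # The Ports field ends at the next tab-separated field (e.g. "Ignored State").
    ports_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
    ports = set()
    for entry in ports_field.split(","):
        parts = entry.strip().split("/")   # port/state/protocol/owner/service/...
        if len(parts) >= 3 and parts[1] == "open" and parts[2] == "tcp":
            ports.add(int(parts[0]))
    return host, ports

def audit(scan_text):
    """Return (host, cleartext service, secure alternative already open?) tuples."""
    findings = []
    for line in scan_text.splitlines():
        parsed = open_tcp_ports(line)
        if parsed is None:
            continue
        host, ports = parsed
        for port, name in sorted(CLEARTEXT.items()):
            if port in ports:
                findings.append((host, name, SECURE[port] in ports))
    return findings

if __name__ == "__main__":
    for host, name, has_secure in audit(SAMPLE_SCAN):
        if has_secure:
            print(f"{host}: {name} open, secure alternative is up: disable {name}")
        else:
            print(f"{host}: {name} open, no secure alternative: enable one, then disable {name}")
```

A device that shows up with the secure alternative missing is the case the article warns about: check whether the vendor lets you enable SSH or HTTPS at all before relying on that access point.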
Comments (3)
window film stops wireless emissions from glass
By Anonymous on April 3, 2008, 6:51 pm
I know little about your field but want to have a film installed on my building's windows to reduce the network's emissions to hackers outside...??? I have heard...
who cares
By Anonymous on June 4, 2008, 9:16 pm
Joel and Thayer have no idea what they're talking about. If hackers target someone, they will be able to hack into anything. Hey, you get what you paid for.