Wireless Security
WPA2 Security question Nov 07 2010 02:52PM
Avi Shvartz (avishvartz1 yahoo com) (3 replies)
Re: WPA2 Security question Nov 08 2010 01:11PM
Joshua Wright (jwright hasborg com) (1 replies)
On 11/7/2010 9:52 AM, Avi Shvartz wrote:
> A big finance organization is considering to equip some workers in the branches
> with mobile TABLET devices (WIN 7 based) and using WiFi communication (within
> the branch only).
>
> My initial thought about the network is to use:
> - WPA2 Enterprise: CCMP/AES with RADIUS authentication (not PSK).
> - Decent firewall & IPS between the Access Point and the internal network.
> - Implement 802.1x within the internal network for any device that will slip
> through.
> - MAC filtering (I know.. spooffable.. hard to maintain.. but nevertheless...).

Instead of working with MAC filtering, I'd follow Rick's advice and
invest in a Wireless IDS. The WIDS will provide a lot of added benefit,
not the least of which helping you identify when a new previously
unrecognized MAC address is observed on the network. A lot of WiFi
attackers will start with their natural address for recon and basic
attacks before changing their MAC for more advanced attacks. This gives
you an opportunity to identify some information about the attacker,
which could also be useful for later forensic analysis as well.

-Josh

[ reply ]
RE: WPA2 Security question Nov 08 2010 05:39PM
Raggo Michael-TCK748 (Mike Raggo motorola com)
Re: WPA2 Security question Nov 07 2010 11:30PM
Richard Farina (sidhayn gmail com)
Re: WPA2 Security question Nov 07 2010 05:24PM
Grant Moerschel (gm wavegard com)


 

Privacy Statement
Copyright 2010, SecurityFocus