4.4. Wireless Security Myths
"WEP is sufficient for encryption." - WEP (Wired Equivalent Privacy) is a legacy encryption technique and is not recommended for use. WEP is a poorly implemented encryption solution for securing wireless networks, and while it may deter the most novice of attackers, simple tools exist today to remotely acquire the encryption key and gain access to all transmissions within minutes.
"MAC address filtering stops attackers." - MAC (Media Access Control) addresses are identifiers attached to every wireless network adapter and AP, and are designed to be unique to each client adapter in the world and every AP. Many believe that entering these MAC addresses into their wireless configuration to only allow access from the specified addresses affords them a high level of security. While this also may deter the most novice of attackers, the allowed MAC addresses can easily be discovered by an attacker and then "spoofed", impersonating a legitimate user and fooling the AP into thinking the attacker is an allowed user. This is one of the simplest wireless attacks; also, maintaining a list of allowed MAC addresses is a cumbersome approach for large environments.
"Disabling ESSID broadcasts stops attackers." - Many access points offer the ability to hide, disable or cloak the broadcasting of the network's ESSID (Extended Service Set IDentifier), similar to a network name. Not only are there freely available tools which expose any hidden ESSID by sending special probes to the access point, but disabling ESSID broadcasts can actually open a security vulnerability: If an attacker were to discover the hidden ESSID, he could set up his own access point with the same ESSID, effectively creating a "honeypot" AP, to which clients would attempt to associate with, exposing further network details.
"WPA alone is sufficient for security." - Although WPA and WPA2 represent the cutting edge in wireless encryption, relying on either of them alone is never a good idea. Weak WPA keys can be recovered using dictionary attacks, and your wireless network can still be open to a host of other vulnerabilities.
Remember that computer security is a process, not a product. Wireless networks are no different, regardless of their size - there is no "silver bullet" security solution, despite what some vendors would have you believe.
While implementing some of the above methods are considered as mostly ineffective and are treated here as myths, using them as a supplement might offer some sort of peace of mind, depending on your environment. The important thing to remember is that problems arise when a single solution is relied upon, and the layered approach to security methodology is abandoned.
