Risks and Risk Control of Wi-Fi Network Systems 

 

Wi-Fi wireless network systems are growing rapidly because they are easily deployed and provide convenient network access to users. Currently the most popularly applied wireless network is standardized by the Institute of Electrical and Electronic Engineers (IEEE) 802.11b/g Wireless Fidelity (Wi-Fi). Wi-Fi wireless Ethernets provide network access to business facilities and public areas without wiring and enable ubiquitous access to networks from mobile devices such as notebook and handheld computers. However, due to the widely reported security weakness of the 802.11 networks, businesses also face tremendous risks associated with the Wi-Fi networks. This article identifies the risks associated with using Wi-Fi networks, introduces available technologies to reduce and control the Wi-Fi network risks, and discusses necessary security policies for organizations when applying wireless technologies. These are also the areas that information technology (IT) auditors should pay attention to when they audit organizations’ Wi-Fi networks. IT auditors can also use this information when they evaluate the reliability, security, and integrity of organizations’ computer systems.

Introduction

The next generation of the computer network revolution is expected to be “Ethernet Everywhere.”1 Different versions of Ethernet have been rapidly accepted as the network solutions for all geographical locations and scales. In addition to the common practice of many organizations to apply Ethernets on local area networks (LANs) and backbone networks (BNs), the trend also includes gigabit Ethernets for metropolitan area networks/wide area networks (MANs/WANs) and 802.11 wireless Ethernets (Wi-Fi) for LANs, home office/small office (Ho/So) and public areas known as hotspots. Through the mixture of wired and wireless interconnections, these individual hotspots can be further extended into a MAN/WAN mesh network. Examples include the M-city projects in Taipei by Nortel.2

Wi-Fi networks have become pervasive in recent years because the costs of Wi-Fi access points and network interface cards (NICs) are more affordable for businesses and home users, and the installation of Wi-Fi networks has become as simple as so-called “plug-and-play.” Many businesses have already developed their own wireless LANs (WLANs) based on Wi-Fi technology. Hotspots in public areas also provide Internet accessibility. However, when business users transmit sensitive information (e.g., unencrypted e-mails or remote corporate Intranet access) over an insufficiently secured Wi-Fi connection, the users are exposed to multiple types of information attacks.

It is important to identify the risks businesses are exposed to when applying Wi-Fi networks and understand the available technologies to control and reduce their risks.

Wi-Fi Networks Overview

The most widely used standard for WLANs is the IEEE 802.11b/g, known to many people as Wi-Fi. This standard was developed by the IEEE, which is the largest international professional association and standard-setting organization in the electric and electronic area. Its standard-setting tasks are carried out by many concurrent working groups, such as the 802.11 working group,3 which is responsible for WLANs standard-setting and has been drawing intense attention from the industry. Wi-Fi Alliance4 is a nonprofit group involved in the interoperability of industrial WLAN product vendors. It was established in 1999 and issues product certifications for its members. In January 2003, Wi-Fi Alliance also started the certification of hotspots (known as Wi-Fi zones) to provide 802.11b/g WLANs access in public areas such as hotels and airports.

The modulation process converts the digital signals of 1s and 0s into signals of certain frequency ranges known as channels. Then radio spectrum is used to transmit data in WLANs. WLANs were standardized by 802.11b in 1999 and the high-speed extension by 802.11g in 2003. Both networks use radio frequency (RF) channels in the US Federal Communications Commission (FCC) license-free 2.4 GHz Industrial/Scientific/Medical (ISM) band. Until the recent booming of Wi-Fi technology and other similar innovative technologies including WiMax, Mobile-Fi, ZigBee, Ultrawideband and Bluetooth devices, these radio frequencies were used only by microwave ovens, some medical equipment and cellular phones.

Wi-Fi networks operate in one of two modes. One is called infrastructure mode, which is a centralized architecture with access point (AP) and Wi-Fi-ready client computers; the other is called ad hoc mode, which is a peer-to-peer architecture with only Wi-Fi-ready client computers. Through the interoperation of the ad hoc and infrastructure modes, as well as the wired and wireless interconnections of wireless routers and access points, a mesh Wi-Fi network can be constructed to cover a MAN/WAN range. Figure 1 illustrates the infrastructure and ad hoc Wi-Fi networks and figure 2 is an example of a Wi-Fi mesh network model.

Wi-Fi networks will continue to grow because of their advantages in comparison with the wired networks. One recent survey shows 57 percent of US companies already support 802.11 networks, with an additional 22 percent planning to implement and support this technology in the next 12 months.5

WLANs can save money on expensive cables and wiring processes while providing high mobility, and this advantage becomes more significant as the network scale grows larger. The mobility increases the flexibility of obtaining and communicating business information, facilitates information and business processes, and improves management decision making. A study of Intel IT and E-business Group6 shows that an average of 11 minutes’ productivity gain per week will pay for a WLAN and most WLAN users will gain much more productivity.

However, the gain of productivity should not compromise the baseline of the network and information security. Security weaknesses and risks in wireless networks become the biggest concern and obstacle among the businesses and users of existing and planned Wi-Fi networks. Auditors, especially IT auditors, who are the professionals to ensure the information systems’ reliability, security and integrity, should be aware of the risks in the Wi-Fi networks and be familiar with the technologies to secure Wi-Fi network communications.

Wi-Fi Vulnerabilities and Risks

The unique security issue in Wi-Fi networks is that all data transmission is not over physical wires but through radio waves in open space. Therefore, IT auditors should pay special attention to the areas described in the following sections.

Unauthorized Use of Service

In wired Ethernet LANs, the LAN cables and other network equipment are secured behind walls and in closets. Tapping into a physical network to breach the system from inside a company is usually difficult. Furthermore, proper installation of firewalls and intrusion detection servers can construct a fairly safe internal network even though the LANs are eventually interconnected with the Internet. Deploying a Wi-Fi network is as easy as purchasing an AP in a local electronic store or on the Internet to connect to the existing wired network. If an organization simply keeps vendors’ default settings when deploying a Wi-Fi network in an area, data transmitted over radio waves can be captured by any Wi-Fi-ready devices in the area. As a result, the network scope is no longer encompassed by the building walls and can be accessed by “war drivers.” War drivers use high-gain antennae and software to log the existence of vulnerable Wi-Fi networks and map their geographic locations using global positioning systems (GPS). Some of these maps are posted on hackers’ web sites for downloading.7

After an organization has replaced its wired Ethernet LAN with a Wi-Fi network installation, IT auditors should check all AP settings to make sure that they have authentication and encryption protections. Nearly all APs are set by default to not have any authentication and encryption protection or to use the manufacturer’s default password for Wireless Equivalent Privacy (WEP) for easy use and rapid deployment.8 When the AP is installed by default and without the minimum protection, the AP can be accessed by any Wi-Fi-ready computers with virtually no effort. Through unprotected APs, unauthorized users can gain access to the Wi-Fi network and to all data packets transmitted over the LAN. If the packets are not encrypted, unauthorized users can easily read the information transmitted over the LAN. When IT auditors detect wireless AP settings without proper authentication and encryption protections, they need to identify a two-fold risk:

  1. Unauthorized users consume Wi-Fi network resources for free and may interfere with normal network traffic.
  2. They may also pose a threat to data security for unencrypted data.

Another type of protection against war drivers is to apply the media access control (MAC) filter protection. MAC filter protection is based on constructing a table of legal users’ NIC hardware (MAC) addresses to filter out illegal users. IT auditors need to be aware that this protection can be bypassed by spoofing the Wi-Fi data packets. This is further discussed in the Frame Spoofing section.

WEP Crack

The authentication and encryption protection specified by the original 802.11 standard is WEP. As mentioned in the previous section, this security tool is left inactive on nearly all APs or is set to use a fixed default key for a specific vendor’s products when “out of the box.” Therefore, IT auditors need to check that the WEP keys are properly set manually so that the security tool can reach 128-bit high encryption and the key cannot be recovered by brute-force attacks. However, IT auditors also need to be aware that WEP has a well-known security breach in its key scheduling algorithm that makes it susceptible to a WEP crack attack. This weakness has been revealed and a cracking algorithm is available.9 Moreover, this algorithm has been implemented in downloadable tools such as WEPCrack and AirSnort.10 The process is based on collecting and analyzing enough frames to recover the encryption key. Although such a crack might take days on a home or small business WLAN where traffic is light, it can be accomplished in a matter of hours on a busy corporate network.11 Therefore, IT auditors must be aware that even when properly set, WEP encryption is not sufficiently secure.

Frame Spoofing

A frame spoofing attack is a common attack on wired and wireless networks. In the wireless world, frame spoofing attacks can take the form of session hijacking and man-in-the-middle (MITM) attacks.

A Wi-Fi frame is the data packet with structure specified by 802.11 protocols. Every frame sent on Wi-Fi networks has a source and a destination address. However, these source addresses are neither encrypted nor authenticated under WEP, so there is no guarantee that the station with the source address actually put the frame “in the air,” and the address can therefore be spoofed.

An easier type of session hijacking attack uses frame spoofing to impersonate a legal user of an organization’s network and throttle the communication of the actual user. Since the legal user will immediately observe the interruption of communication, it is relatively easy to detect. A more sophisticated session hijacker can use spoofed frames to redirect traffic and corrupt address tables in the AP and client computers.12 The attacker can also pretend to be an AP to the client and a client to the AP and launch a MITM attack, described in figure 3. The MITM can intercept and alter the message between the client and the AP, but this type of attack needs very sophisticated spoofing techniques.

IT auditors should require that new security standards, such as Wi-Fi Protected Access (WPA), be in place to address the interception of data. In addition, an intrusion detection system should be installed as a second line of protection to detect abnormal operations.

Traffic Analysis

Another weakness of WEP is that it not only leaves the frame headers unprotected, but also leaves the control frames unencrypted and unauthenticated. This allows the attackers a large space to eavesdrop and analyze the traffic and to disrupt the transmissions with spoofed control frames. Tools such as AirJack13 can forge control frames. This tool can also spoof data frame addresses and fake APs.

Although sniffing the Wi-Fi control frames is a relatively passive attack, sensitive network setting information revealed by it can be used to assist with all attack types mentioned previously. Forging control frames can cause the disruption of wireless network service. For example, one type of denial-of-service (DoS) attack functions by forging a control frame, called deauthentication, to cause users under attack to be unable to connect to the AP.14 Other types of DoS attacks will be addressed separately in another section because of their different nature.

To prevent these types of attacks from abusing the Wi-Fi control frames, advanced cryptographic infrastructures such as WPA must be applied. Please note that unlike the DoS placed by the forging of control frames, multiple types of lower-level DoS attacks are beyond what can be addressed by advanced cryptography. An overview of these DoS attacks will be discussed in the next section.

Denial of Service (Jamming)

A DoS attack is one wherein an attacker attempts to disable the target network from serving its legitimate users.15 Multiple types of attack can be performed by emitting RF signals that do not follow the underlying Wi-Fi MAC protocol.16 They are also often referred to as jamming attacks.

Physical DoS attacks can be less sophisticated but highly threatening, although not very common. A deliberate jamming attack sets up a transmitter that operates on the same 2.4 GHz band and has enough power to overwhelm the access point’s signals. For instance, a deliberately modified microwave oven can spread radio waves covering the complete bandwidth with overwhelming power.

The jamming adversary (i.e., jammer) can use multiple models to attack:

  • A constant jammer continuously emits a random radio signal. This will prevent legitimate users from accessing a channel and sending packets. The source of a constant jammer can be relatively easy to detect, since its signal does not have a packet structure.
  • A deceptive jammer constantly injects regular packets instead of random radio signals. As a result, a legitimate user will be deceived into remaining in the receiving state and, therefore, cannot start transmission.
  • A reactive jammer can be even harder to detect by staying quiet when the network communication is idle but starting jamming as soon as it senses network activity.

The uniqueness of these DoS attacks lies in the fact that they cannot be addressed sufficiently by simply applying appropriate cryptography, such as WPA, since they do not follow the underlying Wi-Fi physical and MAC protocol. To minimize the physical DoS attack, IT auditors should perform a site survey of radio interference before the design and deployment of a Wi-Fi network and conduct periodic resurveys to locate sources of interference either accidental or deliberate. To detect and locate the jammers to remove them, some suggest that multiple measurements can be compared with those from the normal operating wireless network as benchmarks for jamming attacks.17 These measurements include signal strength, carrier sensing time (the time for a node to obtain access to a channel) and packet delivery ratio (rate of successful delivery). To further locate the jammer, a wireless network with multiple APs/nodes can use the measurements from all nodes and check the consistency of these measurements to identify the jammed region and the estimation of the jammer’s location. Enterprise network administration tools such as CiscoWorks200018 can be used to facilitate these analyses.

These five types of vulnerabilities of the current Wi-Fi networks may threaten the organization’s information security. IT auditors may identify the following major risks—some are unique to the Wi-Fi networks and some are found in any networks including Wi-Fi networks:

  1. Interception of user ID and password—Unencrypted or cracked Wi-Fi communication exposes logon operations and breaches user ID and password, which are used to access sensitive information of an organization.
  2. Interception of data—When unencrypted or cracked Wi-Fi communication is eavesdropped, sensitive data can be breached by the attacker.
  3. Corruption of data integrity—Advanced attacks based on the previous two risks along with frame spoofing can further corrupt the data integrity, damaging organizations’ database systems and information processes.
  4. Disruption of network communication—DoS attacks directly disrupt the Wi-Fi network communication. Now that organizations heavily rely on network communications, even the shortest disruption can mean significant financial losses.

Technologies to Secure Wi-Fi Network Communications

Although 802.11i was ratified by IEEE in June 2004,19 implementation of the complete standard requires new hardware, including a dedicated chip to handle the encryption and decryption using Advanced Encryption Standard (AES). This will cause a significant latency in vendor implementation and current Wi-Fi networks upgrades. The robustness of the standard will also face the real-world application test. Before that time, security technologies applied on network communications in general and the Wi-Fi networks specifically must be combined to ensure the security of Wi-Fi network communications.

Many security technologies can be applied to the Wi-Fi networks for authentication and encryption purposes. These technologies include, but are not limited to, a virtual private network (VPN) based on Secure Sockets Layer (SSL) or IP Security (IPSec). SSL is implemented over the network application layer by negotiating encryption techniques and exchanging keys automatically. SSL is widely used on the web for securing transmissions of credit card information and has been proven to be secure through extensive applications. SSL only requires implementation on the two communication end parties and, therefore, can be completely software-based. IPSec is similar to SSL in key exchanges but functions at a lower level and, therefore, requires the routers to construct VPN. Once implemented on the routers, possibly using encryption hardware, it is more efficient and uniformly protects all traffic between the two communication parties. IT auditors should suggest the use of VPN technology when advanced encryption over Wi-Fi, such as WPA, is not practical for an organization’s WLANs and remote access.

WPA is based on the draft of 802.11i. WPA provides the most sophisticated rapid rekeying technology of Temporal Key Integrity Protocol (TKIP).20 In addition, WPA adds Message Integrity Code (MIC), which is a cryptographic checksum to a packet before encryption to construct a strong protection against frame spoofing. WPA has taken the major components of the draft of 802.11i and has the capability of protecting against session hijacking and MITM attacks. Hence, WPA has addressed almost all known WEP weaknesses. Another strength of WPA includes the fact that hotspots in public areas can also benefit from this enhanced security technology.21

Microsoft released the WPA patch for Windows XP in March 2003.22 Although the security features in WPA are highly regarded, WPA for the rest of the operating systems is not yet available. WPA-compatible Wi-Fi hardware including NICs and APs and firmware upgrades are still making their way to the market.23 It may take several years, therefore, for the completion of the hardware and software upgrades of the existing Wi-Fi networks to be able to fully adopt this new security technology. Meanwhile, even if we trust that the complete application of 802.11i will be able to remove all WLAN security threats in the future, for the time being business users must understand and manage the risks of applying Wi-Fi networks in business communications.

For the authentication (i.e., access control) in a wireless network and user account management, IEEE 802.1x has been proven in practice to be a reliable method of authenticating users to wired and wireless networks. Figure 4 demonstrates a wired/wireless LAN applying IEEE 802.1x authentication. The process of a new wireless user’s authentication includes these major steps:

  • When a new wireless user requests access to a LAN resource, the AP asks for the user’s identity. The user who requests authentication is often called “supplicant.” The supplicant is responsible for responding to authenticator data that will establish its credentials.
  • After the identity has been sent, the authentication process begins. The protocol used between the supplicant and the authenticator is Extensible Authentication Protocol (EAP). The authenticator reencapsulates the EAP messages in Remote Authentication Dial-In User Service (RADIUS) format, and passes them to the RADIUS authentication server.
  • During authentication, the authenticator just relays packets between the supplicant and the authentication server. When the authentication process finishes, the authentication server sends a success message (or failure, if the authentication failed). The authenticator then opens the “port” for the supplicant upon success and the supplicant is granted access to other LAN resources/Internet. Figure 4 shows that a wireless node must be authenticated before it can gain access to other LAN resources.

Therefore, IT auditors should suggest the implementation of a RADIUS server(s) and 802.1x authentication infrastructure to business Wi-Fi users. Many RADIUS implementation options are available including Microsoft’s implementation, which is optional for Windows XP and Windows Server 2003, and free implementations, such as FreeRADIUS,24 that are suitable for cost-sensitive small business and small networks.
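The three steps above can be traced in a small simulation, added here as an example and not taken from the article or from any RADIUS product. The class names, tuple message format and HMAC-SHA256 challenge-response (standing in for a real EAP method) are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class AuthServer:
    """Plays the RADIUS authentication server; holds the user secrets."""

    def __init__(self, users):
        self.users = users      # identity -> shared secret (bytes)
        self.pending = {}       # identity -> challenge awaiting an answer

    def handle(self, msg):
        kind, identity, payload = msg
        secret = self.users.get(identity)
        if kind != "Access-Request" or secret is None:
            return ("Access-Reject", identity, b"")
        challenge = self.pending.pop(identity, None)
        if challenge is None:   # first request: issue a fresh challenge
            self.pending[identity] = os.urandom(16)
            return ("Access-Challenge", identity, self.pending[identity])
        expected = hmac.new(secret, challenge, hashlib.sha256).digest()
        ok = hmac.compare_digest(expected, payload)
        return ("Access-Accept" if ok else "Access-Reject", identity, b"")


class Supplicant:
    """The wireless user requesting access."""

    def __init__(self, mac, identity, secret):
        self.mac, self.identity, self.secret = mac, identity, secret

    def respond(self, eap_msg):
        kind, data = eap_msg
        if kind == "EAP-Request/Identity":
            return ("EAP-Response/Identity", self.identity.encode())
        # Prove knowledge of the secret without sending it over the air.
        proof = hmac.new(self.secret, data, hashlib.sha256).digest()
        return ("EAP-Response/Challenge", proof)


class Authenticator:
    """The AP: relays EAP inside RADIUS and controls the port."""

    def __init__(self, server):
        self.server = server
        self.open_ports = set()   # MAC addresses whose port is open
        self.log = []             # message names, in the order exchanged

    def _air(self, sup, msg):     # EAP between AP and supplicant
        self.log.append(msg[0])
        reply = sup.respond(msg)
        self.log.append(reply[0])
        return reply

    def _radius(self, msg):       # RADIUS between AP and server
        self.log.append(msg[0])
        reply = self.server.handle(msg)
        self.log.append(reply[0])
        return reply

    def authenticate(self, sup):
        self.open_ports.discard(sup.mac)   # closed during the exchange
        identity = self._air(sup, ("EAP-Request/Identity", b""))[1].decode()
        reply = self._radius(("Access-Request", identity, b""))
        while reply[0] == "Access-Challenge":
            answer = self._air(sup, ("EAP-Request/Challenge", reply[2]))[1]
            reply = self._radius(("Access-Request", identity, answer))
        result = "EAP-Success" if reply[0] == "Access-Accept" else "EAP-Failure"
        if result == "EAP-Success":
            self.open_ports.add(sup.mac)
        self.log.append(result)
        return result

    def forward(self, mac, frame):
        """LAN traffic passes only through an open port. The port is keyed
        by MAC address, which the article notes can be spoofed, so this
        control needs frame integrity protection (e.g. WPA's MIC) as well."""
        return frame if mac in self.open_ports else None


if __name__ == "__main__":
    ap = Authenticator(AuthServer({"alice": b"constructed-secret"}))
    user = Supplicant("00:11:22:33:44:aa", "alice", b"constructed-secret")
    print(ap.forward(user.mac, b"data"))   # dropped before authentication
    print(ap.authenticate(user), ap.log)
    print(ap.forward(user.mac, b"data"))   # forwarded afterwards
```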

Control Risks in Business Wi-Fi Network Communication

The biggest threat to Wi-Fi network security is ignorance. Management awareness and responses to wireless network weaknesses are critical to reduce the risks in Wi-Fi networks and increase the benefits of this fast-growing technology. This will in turn help to ease users’ psychological fears of using these types of “invisible” networks. To the extent that a security level is desired, the features of confidentiality, authenticity, integrity and availability should be provided in wireless networks.25 These are also areas in which auditors can provide assurance concerning companies’ wireless networks.

  • Confidentiality—Assurance that the message sent over the wireless network is readable by only the intended recipient (i.e., protection against interception or eavesdropping)
  • Authenticity—Assurance that the message originates from the claimed entity (i.e., protection against spoofing or impersonation over the wireless networks)
  • Integrity—Assurance that the message has not changed in transmission over the wireless network (i.e., protection from transmission errors and/or willful modification of the message)
  • Availability—Assurance that the data will be available to users when and where they are required (i.e., protection against DoS or poor reliability)

The provision of these security features relies on the proper applications of the security technologies. The satisfactory level of the security features in the business communication network context is evaluated together with other criteria such as scalability, performance and manageability to decide the most favorable Wi-Fi network design. IT auditors should pay attention to the following management practices to assess the risks in Wi-Fi networks.

Wi-Fi Network Design

WLAN design decides the security level a Wi-Fi network needs to reach. Defects in the original network design cannot be easily remedied by maintenance efforts. This issue is especially significant for large business communication networks with a complex administration structure and multilevel application of Wi-Fi networks. Wi-Fi network design must deliver the security features of confidentiality, authenticity, integrity and availability. Moreover, in consideration of the rapid growth of Wi-Fi technologies, extensibility, which is the upgradable capacity to support future expansion in security and transmission rate (e.g., 802.11i and 802.11g for WLAN), is another critical feature that must be provided by the design.

Site Survey and Network Monitoring

Site survey is a process required for the design and the maintenance of the Wi-Fi networks. The purpose of an RF site survey is to ensure adequate RF coverage throughout a facility by determining the most effective number and placement of access points and to analyze RF impairments, such as multipath distortion and RF interference.26 Properly planned, scheduled and documented site surveys are a powerful control process to provide efficient RF coverage and locate interference. Another byproduct of the site survey is the reduction of RF leakage outside of the business facility, which also improves network security.

Wireless network monitoring is critical for identifying sources of RF interference and jammers. Measurements such as signal strength, carrier sensing time and packet delivery ratio, as well as their consistency and distribution, should be logged and monitored by the network administration. Benchmarks can be set by IT auditors to measure network healthiness and identify network jamming.
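The benchmark comparison and consistency check described here and in the Denial of Service (Jamming) section can be sketched as follows. This is an added example, not code from the article or its sources: the readings are constructed, the three-standard-deviation threshold and the single network-wide benchmark are assumptions, and the weighted centroid is only a rough stand-in for a location estimate.

```python
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass
class Reading:
    node: str
    x: float           # node position in metres (constructed floor plan)
    y: float
    rssi_dbm: float    # signal strength seen at the node
    sense_ms: float    # carrier sensing time: wait to obtain the channel
    pdr: float         # packet delivery ratio, 0.0 to 1.0


def benchmark(normal):
    """Mean and standard deviation of each metric during normal operation."""
    stats = {}
    for metric in ("rssi_dbm", "sense_ms", "pdr"):
        values = [getattr(r, metric) for r in normal]
        # Floor the deviation so a very steady baseline does not alarm on noise.
        stats[metric] = (mean(values), max(pstdev(values), 1e-3))
    return stats


def classify(r, stats, k=3.0):
    """Label one reading; k standard deviations counts as abnormal (assumed)."""
    low_pdr = r.pdr < stats["pdr"][0] - k * stats["pdr"][1]
    weak_signal = r.rssi_dbm < stats["rssi_dbm"][0] - k * stats["rssi_dbm"][1]
    slow_access = r.sense_ms > stats["sense_ms"][0] + k * stats["sense_ms"][1]
    if not low_pdr:
        return "slow-channel" if slow_access else "normal"
    if weak_signal:
        # Poor delivery explained by a weak signal: coverage, not jamming.
        return "poor-link"
    # Signal is strong yet packets are lost: the measurements are
    # inconsistent with each other, which is the jamming indicator.
    return "jam-suspected"


def jammed_region(readings, stats):
    """Return the flagged nodes and a rough estimate of the jammer position."""
    flagged = [r for r in readings if classify(r, stats) == "jam-suspected"]
    if not flagged:
        return [], None
    # Assumption: weight each flagged node by how much delivery it has lost.
    weights = [1.0 - r.pdr for r in flagged]
    total = sum(weights)
    x = sum(w * r.x for w, r in zip(weights, flagged)) / total
    y = sum(w * r.y for w, r in zip(weights, flagged)) / total
    return [r.node for r in flagged], (round(x, 1), round(y, 1))


# Constructed readings logged during normal operation (the benchmark).
NORMAL = [
    Reading("ap1", 0, 0, -54, 2.0, 0.98),
    Reading("ap2", 30, 0, -56, 2.2, 0.97),
    Reading("ap3", 0, 30, -55, 1.9, 0.99),
    Reading("ap4", 30, 30, -57, 2.1, 0.96),
]

# Constructed readings from a later monitoring interval.
OBSERVED = [
    Reading("ap1", 0, 0, -54, 2.1, 0.97),     # healthy
    Reading("ap2", 30, 0, -52, 40.0, 0.20),   # strong signal, packets lost
    Reading("ap3", 0, 30, -80, 2.0, 0.30),    # weak signal explains the loss
    Reading("ap4", 30, 30, -50, 55.0, 0.05),  # strong signal, packets lost
]

if __name__ == "__main__":
    stats = benchmark(NORMAL)
    for r in OBSERVED:
        print(r.node, classify(r, stats))
    print(jammed_region(OBSERVED, stats))
```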

Firmware and Software Upgrade

Firmware is software stored (firmed) in read-only memory (ROM) or programmable ROM (PROM). It is easier to change than hardware. Many Wi-Fi hardware vendors provide firmware upgrades as they adopt new security standards that have been ratified. These firmware updates combined with software vendor upgrades can improve the Wi-Fi network security with minimum reinvestment.

Wi-Fi Firewall

Wi-Fi networks should be classified as untrusted networks and, therefore, be isolated from the trusted organizational intranet by special Wi-Fi firewalls. Figure 5 is the recommended organizational network architecture.

There are many types of firewalls. Some of them are purely hardware or software. More powerful solutions are a combination of hardware and software. Many Wi-Fi gateways and access points have built-in firewalls. These firewalls commonly include network address translation (NAT) functionalities that make the networked computers invisible to simple hacking scans and probes. Under situations where the devices do not have these built-in functionalities, software firewalls, such as WirelessWall, are available for Windows 98, ME, 2000 and XP.27

Intrusion Detection

Intrusion detection is the service of locating an intrusion in progress. Although the best policy for security is proactive instead of reactive, an intrusion detection system is an effective second line of defense against attacks. Intrusion detection systems identify intrusions by comparing them either with an attack signature, called misuse detection, or comparing them with normal operations, called anomaly detection. Intrusion detection systems can lure the intrusion to a setup scene to distract attackers and track the source of the attack to block the attack or collect evidence for legal operations.

Most intrusion detection tools are effective on Wi-Fi networks. There are also intrusion detection systems specifically designed for WLANs such as WiFi Watchdog.28

Internal Policies

Organizations must establish policies and requirements for using Wi-Fi networks. For example, as a security-sensitive organization, the US Department of Defense (DoD) has set up a model for using adequate internal policies to remedy Wi-Fi security weakness.29 DoD requirements include that “secret” and “top secret” data must be protected with a Type I algorithm, e.g., AES, and that no interconnection of 802.11 networks with classified networks is allowed.

Although the interpretation of improper usage of Wi-Fi networks varies for organizations, the following use of Wi-Fi networks that threatens data and network security should be banned under most circumstances:

  • Rogue APs—The easy deployment of Wi-Fi APs explains the increase of rogue APs, which are installed internally without authorization by employers. Unauthorized installation of APs rarely satisfies the security requirements and, therefore, poses a threat to information security.
  • Ad hoc mode—This peer-to-peer mode of Wi-Fi networks actually converts the computers/workstations involved into rogue APs, because any workstation is equivalent to an AP under this mode. If any of the computers involved are not protected properly, the communication can be easily intercepted. This is especially true for handheld devices such as pocket PCs because no security tools except for WEP are available on these platforms so far.

Scanning tools that can locate these unauthorized or insecure APs and workstations are available either stand-alone or built into IDSs, such as Wi-Fi Watchdog. This scanning process should be implemented both as IDS-automated tasks and part of the site survey to supplement the organizational policy.
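The scanning check can be expressed as a comparison of survey results against the authorized AP inventory, shown below as an added example that is not the output or code of Wi-Fi Watchdog or any other tool. The CSV layout, the inventory, the finding codes and the short list of default SSIDs are constructed assumptions. Because the article notes that MAC addresses can be spoofed, a matching BSSID alone is not accepted: the observed settings must match the inventory too.

```python
import csv
import io

# Constructed site-survey export (not the output of any real tool).
SCAN_CSV = """bssid,ssid,mode,security,channel
00:11:22:33:44:01,corp-wlan,infrastructure,WPA,1
00:11:22:33:44:02,corp-wlan,infrastructure,WEP,6
00:11:22:33:44:03,corp-wlan,infrastructure,WPA,11
00:11:22:33:44:01,corp-wlan,infrastructure,OPEN,9
66:55:44:33:22:11,default,infrastructure,OPEN,6
02:aa:bb:cc:dd:ee,jsmith-laptop,adhoc,WEP,3
"""

# Authorized APs and their approved settings (constructed):
# bssid -> (ssid, security, channel)
INVENTORY = {
    "00:11:22:33:44:01": ("corp-wlan", "WPA", 1),
    "00:11:22:33:44:02": ("corp-wlan", "WEP", 6),
    "00:11:22:33:44:03": ("corp-wlan", "WPA", 11),
}

# Sample of out-of-the-box SSIDs; extend for the vendors in use (assumption).
DEFAULT_SSIDS = {"default", "linksys", "netgear"}


def audit(scan_csv, inventory):
    """Return (bssid, ssid, findings) for every scanned station with findings."""
    results = []
    for row in csv.DictReader(io.StringIO(scan_csv)):
        bssid = row["bssid"].strip().lower()
        ssid = row["ssid"].strip()
        security = row["security"].strip().upper()
        observed = (ssid, security, int(row["channel"]))
        findings = []

        if row["mode"].strip().lower() == "adhoc":
            # Peer-to-peer stations are banned by policy regardless of owner.
            findings.append("AD_HOC")
        elif bssid not in inventory:
            findings.append("ROGUE_AP")
        elif inventory[bssid] != observed:
            # Known BSSID with unexpected settings: either the AP was
            # reconfigured or another device is using its address.
            findings.append("SETTINGS_MISMATCH")

        if security == "OPEN":
            findings.append("NO_ENCRYPTION")
        elif security == "WEP":
            # Approved or not, WEP alone is not sufficient protection.
            findings.append("WEP_ONLY")

        if ssid.lower() in DEFAULT_SSIDS:
            findings.append("DEFAULT_SSID")

        if findings:
            results.append((bssid, ssid, findings))
    return results


if __name__ == "__main__":
    for bssid, ssid, findings in audit(SCAN_CSV, INVENTORY):
        print(f"{bssid}  {ssid:<14} {', '.join(findings)}")
```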

Almost every new technology comes with benefits and risks. On the one hand, Wi-Fi wireless technology can greatly improve the information process and business practices, because it provides a fast and convenient network connection to users; on the other hand, it also comes with tremendous risks to organizations that either do not understand those risks or do not act accordingly to control those risks.

Conclusion

Major risks associated with Wi-Fi wireless networks include unauthorized use of service, WEP crack, frame spoofing and session hijacking, traffic disruption, and ultimate denial of service. Some of them are common in any wired or wireless networks; some of them are unique to Wi-Fi networks only because Wi-Fi networks transmit data over radio waves in open space. IT auditors should understand the unique features of Wi-Fi technology and assess the risks.

Technologies are available to control risks in Wi-Fi networks and secure Wi-Fi communications. IT auditors should examine the critical role played by management to establish policies and procedures that can control most Wi-Fi risks.

Endnotes

1 Aboba, Bernard; “Ethernet Access: The Coming Revolution,” www.drizzle.com/~aboba/IEEE/Ethernet_MAN.zip
2 Nortel, “Nortel Wins Taipei’s Mobile City Project Phase II Contract to Deploy Wireless Mesh Network,” www.nortel.com/corporate/news/newsreleases/2005b/06_02_05_qware.html, accessed January 2006
3 http://grouper.ieee.org/groups/802/11/index.html
4 www.wi-fi.org
5 Singer, Michael; “Wi-Fi: a Positive Disruption,” Small Business Computing, April 2003, www.smallbusinesscomputing.com/webmaster/article.php/2174571
6 Intel, “Wireless LANs: Linking Productivity Gains to Return on Investment,” December 2002, www.intel.com/eBusiness/pdf/it/pp024801.pdf
7 Gast, Matthew; “Seven Security Problems of 802.11 Wireless,” The O’Reilly Network, www.oreillynet.com/lpt/a/2404
8 “Wireless LAN Security, Internet Security Systems,” technical white paper, http://documents.iss.net/whitepapers/wireless_LAN_security.pdf
9 Fluhrer, Scott; Itsik Mantin; Adi Shamir; “Weaknesses in the Key Scheduling Algorithm of RC4,” www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf
10 To download AirSnort, see http://airsnort.shmoo.com/; to download WEPCrack, see http://sourceforge.net/projects/wepcrack.
11 Wi-Fi Alliance, “Wi-Fi Protected Access Overview,” www.wi-fi.org/OpenSection/pdf/Wi-Fi_Protected_Access_Overview.pdf
12 Op. cit., Gast
13 To download AirJack, see http://sourceforge.net/projects/airjack/.
14 Lynn, Mike; Robert Baird; “Advanced 802.11 Attack,” http://802.11ninja.net/bh2002.ppt
15 Stanley, Richard A.; “Wireless LAN Risks and Vulnerabilities,” Information Systems Audit and Control Foundation (ISACF), white paper, www.isaca.org
16 Xu, Jun; Wooyong Lee; “Sustaining Availability of Web Services under Distributed Denial of Service Attacks,” IEEE Transactions on Computers, vol. 52, no. 2, February 2003
17 Ibid.
18 www.cisco.com/en/US/products/sw/cscowork/ps4737/products_getting_started_guide_chapter09186a00800ca020.html
19 http://wifinetnews.com/archives/003939.html; www.internetnews.com/security/article.php/3373441
20 Microsoft, “Overview of the WPA Wireless Security Update in Windows XP,” Microsoft Knowledge Base
21 Geier, Jim; “WPA Security Enhancements, 802.11 Planet,” www.80211-planet.com/tutorials/article.php/2148721
22 To download Windows XP Support Patch for WPA, see www.microsoft.com/downloads/details.aspx?FamilyID=009d8425-ce2b-7a4-abec-274845dc9e91&displaylang=en.
23 Brewin, Bob; “Microsoft Bolsters Wi-Fi Security in XP; HP Unveils 802.11g Laptops,” Computer World, 31 March, 2003, www.computerworld.com/securitytopics/security/story/0,10801,79897,00.html
24 www.freeradius.org/
25 Op. cit., Stanley
26 Wi-Fi Alliance, “RF Site Survey—Recommended Practices,” www.wi-fizone.org/zoneSiteSurvey.asp
27 www.netgear.com/products/details/FWG114P.php
28 www.newburynetworks.com/products/watchdog.php
29 Havighurst, Timothy J.; DoD Wireless Policies and Requirements, NIST 802.11 Wireless LAN Security Workshop, Dec. 2002, Falls Church, Virginia, USA, http://csrc.nist.gov/wireless/S04_DOD%20Wireless%20Requirements-th.pdf

Hui Du, Ph.D., is an assistant professor of Accounting at the University of Texas-Pan American. Her research interests include the impact of new technologies on accounting and accounting professionals, information systems control and audit, corporate governance, and the effects of legislation on financial reporting. She has been published in the Journal of Accounting and Public Policy and the Review of Business Information Systems.

Chen Zhang, Ph.D., is an assistant professor of Computer Information Systems at Bryant University. Zhang’s primary research interests fall into the areas of distributed systems, wireless communications and network security. He has published in the Journal of Real-time Systems, the Journal of Computer Information Systems, the Journal of Sensor Review and the Journal of Concurrency & Computation: Practice & Experience.


Information Systems Control Journal, formerly the IS Audit & Control Journal, is published by the ISACA. Membership in the association, a voluntary organization of persons interested in information systems (IS) auditing, control and security, entitles one to receive an annual subscription to the Information Systems Control Journal.
