Chapter 15. Putting It All Together

Pieces of a Coherent System

Throughout the book, we have examined wireless security one step at a time, moving from clients all the way through to gateways. The security responsibilities of each of these parts translate into the security of the whole. To recap, lets walk through each of the pieces and list what security role they play.

The client machines must protect themselves from other machines on the network. They must also properly communicate with the access point and the gateway to ensure security. If WEP is being used, the client needs to have the correct keys. If IPsec or 802.1x is being used, the client must support the protocol and be configured properly.

Further up the chain is the access point. Many access points have security issues in their firmware, allowing attacks against their SNMP servers or administration consoles. The services provided by these access points should be minimized, and desired security features such as WEP enabled. If the access point is a HostAP system, the computer must also be locked down following standard procedures for securing a server.

The gateway provides separation between the wireless network, any local wired networks, and the Internet. It treats the wireless network and the Internet as untrusted sources of traffic, shielding the wired network from them. It also provides services to computers on the wireless network such as NAT, DHCP, and DNS. IPsec tunnels from wireless clients are terminated at ...

Get 802.11 Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.