O'Reilly logo

802.11 Security by Bruce Potter, Bob Fleck

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 15. Putting It All Together

Pieces of a Coherent System

Throughout the book, we have examined wireless security one step at a time, moving from clients all the way through to gateways. The security responsibilities of each of these parts translate into the security of the whole. To recap, lets walk through each of the pieces and list what security role they play.

The client machines must protect themselves from other machines on the network. They must also properly communicate with the access point and the gateway to ensure security. If WEP is being used, the client needs to have the correct keys. If IPsec or 802.1x is being used, the client must support the protocol and be configured properly.

Further up the chain is the access point. Many access points have security issues in their firmware, allowing attacks against their SNMP servers or administration consoles. The services provided by these access points should be minimized, and desired security features such as WEP enabled. If the access point is a HostAP system, the computer must also be locked down following standard procedures for securing a server.

The gateway provides separation between the wireless network, any local wired networks, and the Internet. It treats the wireless network and the Internet as untrusted sources of traffic, shielding the wired network from them. It also provides services to computers on the wireless network such as NAT, DHCP, and DNS. IPsec tunnels from wireless clients are terminated at ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required