Throughout the book, we have examined wireless security one step at a time, moving from clients all the way through to gateways. The security responsibilities of each of these parts translate into the security of the whole. To recap, lets walk through each of the pieces and list what security role they play.
The client machines must protect themselves from other machines on the network. They must also properly communicate with the access point and the gateway to ensure security. If WEP is being used, the client needs to have the correct keys. If IPsec or 802.1x is being used, the client must support the protocol and be configured properly.
Further up the chain is the access point. Many access points have
security issues in their firmware, allowing attacks against their
SNMP servers or administration consoles. The services provided by
these access points should be minimized, and desired security
features such as WEP enabled. If the access point is a
HostAP system, the computer must also be locked
down following standard procedures for securing a server.
The gateway provides separation between the wireless network, any local wired networks, and the Internet. It treats the wireless network and the Internet as untrusted sources of traffic, shielding the wired network from them. It also provides services to computers on the wireless network such as NAT, DHCP, and DNS. IPsec tunnels from wireless clients are terminated at ...