Securely deploying IEEE 802.11 WLANs
Ross, David A., Clark, Andrew J., & Looi, Mark H. (2007) Securely deploying IEEE 802.11 WLANs. In Clark, A., McPherson, M., & Mohay, G. (Eds.) AusCERT Asia Pacific Information Technology Security Conference (AusCERT2007): Refereed R&D Stream, 20-25 May, 2007, Gold Coast, Qld..
In wireless LANs, the robust security network, or RSN, as defined in the IEEE wireless LAN security amendment, IEEE802.11i, is the goal for any new deployment of all but the most open public networks. This paper discusses and compares the differences between theory and practice — between WEP, WPA, WPA2, IEEE802.11i, RSN and TSN — and their application in public, private, commercial and government environments. While the details and analysis of a series of tests on two modes of attack on WPA2 WLANs shows a possible implementation attack on a strong configuration fails for all equipment surveyed, it illustrates the issues of weak configurations of WPA2 WLANs not meeting RSN requirements and demonstrates the vulnerabilities of such weak configurations. The empirical results are discussed, both in the context of the relevant parts of the standard, as well as in that of the intended application. The use of vendor-specific "mixed-modes" of operation (WEP with WPA/WPA2), where available, is shown to severely compromise the security of a WLAN and common failures in consumer and SOHO configurations are also substantiated. The paper concludes with specific guidance in the secure deployment of WPA2 to form a RSN and remedial actions where the existing configuration degrades security.
Impact and interest:
Citation counts are sourced monthly from and citation databases.
These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.
Citations counts from theindexing service can be viewed at the linked Google Scholar™ search.
Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.
|Item Type:||Conference Paper|
|Additional Information:||The contents of this conference can be freely accessed online via the web page provided (see hypertext link).|
|Subjects:||Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > DATA FORMAT (080400) > Data Format not elsewhere classified (080499)|
|Divisions:||Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
|Copyright Owner:||Copyright 2007 (please consult author)|
|Deposited On:||11 Nov 2008|
|Last Modified:||29 Feb 2012 13:31|
Repository Staff Only: item control page