Wireless Security Issues Specific to Municipalities
Last Post: November 29, 2009:
I'm hoping that we have some people here who either work for, or do a lot of work for, municipalities with regards to wireless security.
Basically, I'm looking for some ideas for the top 4-5 major wireless security concerns from a municipalities perspective. I'm sure I can come up with a list of generic wireless security concerns but I'd really love to hear some 'real' concerns from people who actually work for a municipality.
Any thoughts? Anyone?
It depends on the muni implementation. Does the muni in question have any user authentication or encryption or is it open for the public?
Well, admittedly, my question is kind of vague.
Unfortunately, I'm not really dealing with a single municipality. I'm dealing with an organization of municipalities (more specifically their magazine). I am writing an article about wireless security for them but, rather than write a generic wireless security article, I'd like to focus on concerns that commonly pop up when municipalities are considering wireless projects.
So, the deployment could really be public, private, permanent, temporary, or any mixture there of.
I know it's really a vague topic but I'm just hoping to come up with something that will help me gear this thing more towards municipalities, in general, than just creating another 'fundamentals of WLAN security' article (I hate recreating the wheel).
Anyone who knows me knows that I have the writing skills of a 7th grader. It does seem to me that you in order for me to answer your question, I need to know the angle of your article.
I'll start with this: A properly implemented Wi-Fi network is very secure whether it is in the enterprise or in a muni network.
Is your article for awareness or to expose the vulnerabilities (to the point of recommending against it's use)?
It is really hard to list all of the vulnerabilities and when said vulnerabilities exist or not.
I'd be happy to help you out but it is still a bit of a vague topic. :)
No problem. The angle would be 'these are the more common objections/concerns to implementing WLANs for municipalities' and 'these are the ways the objections/concerns can be mitigated and overcome'.
It's kind of a tricky article (I didn't get to choose the topic). While I agree that any properly deployed WLAN is secure, I can't fill 1500 words with that. I believe my audience will be IT and decision makers but that the majority will not have a deep understanding of WLANs...just a general understanding.
With that in mind, my task becomes explaining 4 or so 'misconceptions' and showing how they are easily overcome with a proper implementation. I could easily come up with 4 misconceptions, I guess, but I was hoping to come up with common misconception/show-stoppers from a municipality perspective.
One example off the top of my head might be:
- There is no way to securely offer wireless access at the various arenas/parks controlled by the city so we are just going to say no wlans in those locations
Now I know that's a no brainer to overcome, for us, but for people who don't deal with WLANs everyday it might appear to be a much more valid concern.
My 5 cents:) :)
1) mdk3 flood
2) Mass Deauth.
3) NAV based RF jamming
4) Impersonation attacks
5) Last but not least rogue AP Detection.
Finally check how is the throughput of radios(Test with minimum 10 clients and also check out the range offered while running the test .
(Also how well it would suit the budget)