Wireless (WLAN) Penetration Testing Information
Providing end users with the freedom and mobility associated with WLAN is increasingly viewed as a “need to have,” which creates an additional network security concern. Because radio waves can travel through ceilings, floors, and walls, transmitted data often reaches unintended recipients on different floors or outside the building. Depending upon the specific risks and engagement objectives, our WLAN Audit may include:
- Wireless Security Policy Review
- Wireless Architecture review (e.g., Access Point Placement and connection to wired LAN)
- Enumeration of wireless environment including active exploitation of client systems using WLAN as point of ingress
- Identification of any unauthorized or “rogue” wireless access points within the client's network
- Identification of network bleeds from other WLANs that may pose a bridging risk
- Wireless access point configuration review (e.g., SSIDs, encryption mechanisms,
- Access Control Review (may include WEP, WPA, 802.1X, ACLs, etc.)
- User Provisioning (e.g., Authentication Credential deployment)
- Endpoint Security (e.g., configuration & technical controls – firewall, anti-virus, WAP lockdowns, etc.)
WLAN Security Testing is included in annual FDIC auditing for the Financial Industry.
“Do you have any wireless access points? If so, specify the number of Wireless Access Points, security controls in effect and your procedures for detecting rogue access points”
Wireless (WLAN) Penetration Testing Options
WLAN Configuration Audit – Validates that your WLAN is designed and configured in accordance with good practices.
WLAN Survey – Confirms that your WLAN is restricted to authorized individuals, that it does not extend beyond intended boundaries, that no Rogue Access Points have been deployed, and that other organizations’ WLANs are not extending into your workspace and putting you at risk.




