
Wireless Security Checklist

ISO 17799 / ISO 27001


| No. | Control Objective | Procedure | Remediation Action | Date of Remediation |
|---|---|---|---|---|
| 1 | Business Use | Wireless networking is not secure enough to be used in a production environment that requires high security or involves confidential data. | Ensure that the implementation of the wireless network is only in use outside of the production environment. Also check that the wireless network is used outside the firewall to prevent wireless hackers from sniffing internal network data. | |
| 2 | Policy and Procedures | Obtain a copy of the wireless networking policies and procedures document. | Review the document to ensure that the policy covers all areas of wireless security, as outlined in this work program. | |
| 3 | Application Type | Determine if the application is a mission-critical app, and identify the classification of the data that will be traversing the wireless network. | Review the applications installed on the mobile devices and systems that have wireless networking enabled. | |
| 4 | Physical | Perform a site survey, check if access points are located in the facility, and also check for antennas in hallways and common areas. | Layout of coverage for wireless devices: determine if only the facility that requires wireless contains access points. | |
| 5 | Physical | Check for rogue access points on desktops and in conference rooms. If possible, utilize a laptop with a wireless card and the appropriate software. | Scan the facility for radio signals from access points by using the laptop and wireless sniffing software to document unauthorized access points. | |
| 6 | Physical | External radio signal leakage: determine if access points are located outside of the facility or near perimeter walls, which can lead to leaking traffic to external wireless devices. | Perform a site survey of the external network using the wireless sniffing configured laptop, if available. | |
| 7 | Reliability\Availability | Determine the connection capability of the access point. | Ask how many connections the access point can handle and what the normal usage is in a given day. | |
| 8 | Reliability\Availability | Are there dual wired connections from the access point into the wired network? | Connections into wired backbone. | |
| 9 | Encryption | Review the configuration of the access point and determine if WEP is enabled; also determine the encryption key length. | Access the administration utility of the access point, and view the settings for WEP and its key length (48, 64, or 128 bit). | |
| 10 | Encryption | WEP keys are a shared secret and devices need to be protected, and change procedures are required for changing | Ensure that WEP keys are kept private, and that the keys are changed periodically. | |
| 11 | Change Control | Assess whether the wireless devices are part of change control. | Determine if changes had been made and review documentation. | |
| 12 | Wireless Network Configuration | Configure the network to use static IP addresses and to be a separate segment from the other networks. | Review the configuration to see if static IP addresses are used and that the IP segment is different from the wired network. | |
| 13 | Device Configuration | Access to the access point is limited to administrators and changes are documented. | Review the device configuration and test to see that a password is required for access to the configuration of the access point. | |
| 14 | Device Configuration | SNMP access is secured with unique community names. | Ensure that "Public" and "Private" or other easily guessed strings are not used for SNMP access. | |
| 15 | Device Configuration | Warning banners are displayed upon attempted access to the access point. | Enable warning banners on access to the access point. | |
| 16 | Device Configuration | Ensure that auditing and logging are enabled on the device. | Review the log file from the device. | |
| 17 | Device Configuration | Review the configuration and test for the context of the SSID; it should be a unique, hard-to-guess string with a minimum of 8 characters that is not in the dictionary. | Access the administration utility of the access point and review the value of the SSID string. | |
| 18 | Device Configuration | Broadcast SSID: test the configuration to see if the SSID is being broadcast for all wireless devices to connect. | Access the administration utility of the access point and determine if SSID broadcast is enabled. | |
| 19 | Device Configuration | Client configuration: ensure that the policy requires all clients to be in infrastructure mode, as opposed to ad hoc mode. Sample a few devices to verify the mode setup. | Sample a few devices to verify the mode setup: ad hoc or infrastructure mode. Ad hoc is for peer-to-peer connectivity and should be disabled. | |
| 20 | Other | Currently the best method of securing your wireless network is to put your wireless access points into a DMZ, and have your wireless users tunnel into your network using a VPN. There's going to be an extra effort associated with setting up a VLAN for your DMZ. This solution adds a layer of encryption and authentication that could make a wireless network suitable for sensitive data. | | |
| 21 | Other | MAC filtering: wireless access points can also filter devices allowed to connect to the wireless network based on MAC (hardware) addresses. | This is an additional measure for providing authentication. | |
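
Items 9 and 12 to 19 of the checklist, applied to an access point configuration, as an added example that is not part of the original checklist. The configuration keys, the sample word list, the 128-bit key minimum and both sample configurations are assumptions made for illustration.

```python
import ipaddress

# Assumed, not from the checklist: config keys, 128-bit minimum, sample word list.
DICTIONARY = {"wireless", "default", "password", "internet", "corporate"}
WEAK_COMMUNITIES = {"public", "private"}

def audit_access_point(cfg, wired_segments, min_key_bits=128):
    """Return sorted (checklist item, finding) pairs for items 9 and 12-19."""
    found = []
    if not cfg["wep_enabled"] or cfg["wep_key_bits"] < min_key_bits:
        found.append((9, "WEP is disabled or its key is below the policy minimum"))
    if cfg["dhcp_enabled"]:
        found.append((12, "addresses are handed out by DHCP, not static"))
    wlan = ipaddress.ip_network(cfg["wlan_segment"])
    for seg in wired_segments:
        if wlan.overlaps(ipaddress.ip_network(seg)):
            found.append((12, f"wireless segment overlaps wired segment {seg}"))
    if not cfg["admin_password_required"]:
        found.append((13, "configuration access needs no password"))
    for name in cfg["snmp_communities"]:
        if name.lower() in WEAK_COMMUNITIES:
            found.append((14, f"easily guessed SNMP community '{name}'"))
    if not cfg["warning_banner"]:
        found.append((15, "no warning banner on access"))
    if not cfg["logging_enabled"]:
        found.append((16, "auditing and logging are disabled"))
    if len(cfg["ssid"]) < 8 or cfg["ssid"].lower() in DICTIONARY:
        found.append((17, "SSID is shorter than 8 characters or a dictionary word"))
    if cfg["ssid_broadcast"]:
        found.append((18, "SSID is being broadcast"))
    for client, mode in cfg["sampled_clients"].items():
        if mode != "infrastructure":
            found.append((19, f"client {client} is in {mode} mode"))
    return sorted(found)

# Constructed sample configurations, not taken from any real device.
WEAK_AP = {
    "wep_enabled": True, "wep_key_bits": 64, "dhcp_enabled": True,
    "wlan_segment": "10.0.5.0/24", "admin_password_required": False,
    "snmp_communities": ["public"], "warning_banner": False,
    "logging_enabled": False, "ssid": "default", "ssid_broadcast": True,
    "sampled_clients": {"laptop-01": "infrastructure", "laptop-02": "ad hoc"},
}
HARDENED_AP = dict(WEAK_AP, wep_key_bits=128, dhcp_enabled=False,
    wlan_segment="192.168.50.0/24", admin_password_required=True,
    snmp_communities=["k7Qz-mon-ro"], warning_banner=True, logging_enabled=True,
    ssid="x9Tq4LmW2r", ssid_broadcast=False,
    sampled_clients={"laptop-01": "infrastructure"})
```

Calling `audit_access_point(WEAK_AP, ["10.0.0.0/16"])` returns one finding per failed item, which maps directly onto the Remediation Action column.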
