Securing a WLAN question at an interview

[ranj]

As part of the interview process. My interviewer has asked me to do a presentation on "securing a WLAN"

Does anyone have any ideas of how I could prepare for this presentation?

thanks

[Joedetic]

Do some research into encryption, captive portals, 802.1x, radius, Tacacs+ and the managed solutions that are out there such as Bluesocket (*spit*) and the other various offerings.

WLAN isn't really my thing, but I hope that helped if not a just a little.

[torledo]

As part of the interview process. My interviewer has asked me to do a presentation on "securing a WLAN"

Does anyone have any ideas of how I could prepare for this presentation?

thanks

Ahh, sounds like powepoint and cisco to the rescue.

First identify the threats i.e rogue access points, insufficient authentication, legacy 802.11b and WPA equipment, decrypting WPA keys (exploiting WPA v1) wireless sniffing etc.

Then the products and features that combat these threats;

LEAP, WPA 2, WEP Keys and SSID security, 802.1x , encyption using VPN's

And then how you'd monitor ongoing activity;

identify open source protocol analyzers, and commercial wifi products.

Research into Cisco offerings and Airmagnet monitoring equipment.


The problem i had is that while WLAN security is relatively simple to get you're head around, it's difficult to know where to start and what information is still relevant in the current a/g/n wireless environment.

[georgebush]

Also remember, the entire thing can fall apart (depending on the levels of security) if a single user knows the passkey because they're bound to tell someone, maybe even the students with a wireless laptop or nintendo ds/n95, at that point they'll probally give them your proxy settings if they know them too.

If you give anyone a laptop make sure any keys they need are pre saved and that they never find out what they were.

Obviously you wouldnt word it like that at an interview but you get the idea

[Ric_]

Also worth mentioning that the threat isn't just about getting onto the network... that is relatively easy!

The easily accessible, open, nature of wireless LANs means that some further authentication is required to secure your network from wireless LAN users (this is where the excellent Bluesocket - hehe Joedetic - and Cisco systems come into their own).

[projector1]

although we use WPA encryption, i have heard of RADUIS mentioned on this site many times.

http://www.microsoft.com/technet/com...a/isa0316.mspx

[ranj]

thanks for the input. I begin to write my presentation now i think