Login

***harlan4096*** · 13 June 19, 06:36

Quote:

Almost every office has a Wi-Fi network today, and sometimes more than one. Who wants to connect laptops with a cable? And forget about smartphones and tablets! However, a wireless network can be a weak point in your IT infrastructure.

Password mining

Not all companies use complex and unique passwords for their wireless networks, and few bother to disable the broadcasting of the network’s name. And not many at all limit the power of the WI-Fi signal to prevent network connections from outside of the office. Thus, usually little prevents a potential attacker from hanging around near the office and trying to get into a corporate network through a Wi-Fi connection.

Performing a simple dictionary attack on the router’s login takes just a few seconds. Hacking complex password combinations takes more time, unless the attacker is in a hurry, it is quite possible. However, that’s not always necessary, because with some routers, an attacker can simply use vulnerabilities in the firmware.

Firmware vulnerabilities

Researchers regularly detect vulnerabilities that can allow malefactors into a network, bypassing your Wi-Fi router’s passwords and other protective mechanisms. In some cases they can get superuser rights on the device. Usually developers are quick to patch those vulnerabilities. The trouble is that many organizations do not install patches in a timely manner, especially when doing so involves reflashing firmware.

Guest network

Many companies use different Wi-Fi networks for employees and guests. This is a reasonable measure: on the one hand, customers and other visitors to the office can connect to the Internet; on the other hand, they will not have access to the corporate network and internal resources. However, guest Wi-Fi can work against you.

Getting a password for a guest network is easy enough — that’s the idea. But in some cases — if the network is improperly configured — it can let guests reach some elements of the corporate infrastructure.

Even with the correct network configuration, your employees can unwittingly put themselves in jeopardy. Suppose that one of them wanted to access a network resource blocked by corporate policy. Without thinking twice, he connects a laptop with confidential data to the guest network. Now an attacker lurking in the same guest network can try to perform a man-in-the-middle attack and infect his laptop with malware.

Login
Username/Email:
Password:	Lost Password?
	Remember me