Page 39 - CDM Cyber Warnings November 2013
P. 39
Virus/Worm/Spyware: These are spread after compromising a network and these exploit
system vulnerabilities to gain privilege access or to manipulate data.
ARP Redirection/Spoofing: It allows an adversary to redirect network traffic to his/her
system.
Industry Best Practices:
1- Access Point Location: It is important to implement the Access Point in a way that it
will target most users and provide good signal strength to them.
2- Use a strong encryption algorithm: It is highly recommended to use a strong
encryption algorithm with a combination of strong password policy i.e. Organizations
should not make mistakes like using SSID same as their org name
3- Change Default Settings: It is advisable to change the default settings i.e. default
password, encryption key, SNMP Weak strings.
4- SSID Security: Broadcasting SSID is like a honey cake for an attacker.
5- Authentication Verification: Authentication can also be done in terms of MAC/IP
Verification.
6- Access Point Update: It is highly recommended to update the access point software to
current.
7- Logging: Logging helps maintain a auditable information of access.
8- Securing Guest Access: In case guest access is enabled, it is recommended to
provide separate access points for this.
9- Wireless Audit: Wireless audit should be done by external vendors and the outcome of
this exercise should be implemented.
10- User Awareness: It is an organization’s responsibility to promote awareness about
Secure wireless usage.
11- Wireless IDS/IPS: It is highly recommended to implement wireless IDS/IPS.
39 Cyber Warnings E-Magazine – November 2013 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
