Over 200 cities, including Philadelphia and San Francisco, are planning to build comprehensive wireless networks in 2006, meaning people could soon leisurely browse the Internet in parks, cars and restaurants. However, most cities haven’t yet put a security plan in place to protect the networks.
The analyst firm Gartner says 80 percent of WLANs are vulnerable to intrusion, while the abuse of wireless networks is growing. Experts say that encryption and authentication capabilities, client isolation, monitoring for malware and unauthorized equipment and traffic-rate limiting should be considered during network planning.
For more sensitive data, experts recommend VPN connections for each client, a tiered access system, a comprehensive intrusion-detection system and robust wireless security and encryption protocols. However, extra security means extra costs, and the city of Philadelphia, contracting with Earthlink, limited security in open-access points to an “acceptable use policy and disclaimer.”
One common attack open-access WLANs face is called the “evil twin,” where rogue access points overpower legitimate WiFi signals, connecting clients to fake networks where password and personal information is compromised. Gartner says the evil twin scenario is overhyped, and that basic security precautions, including using passwords and VPNs, disabling print- and file-sharing for clients and monitoring rogue access points, are adequate to protect against evil twin threats.