• Home
• Topics
• Network Security Management
• Virtual Private Network Security
• Will securing a wireless LAN make the data link layer vulnerable?

Will securing a wireless LAN make the data link layer vulnerable?

Requires Free Membership to View

Login



SearchSecurity.co.UK members gain immediate and unlimited access to breaking UK industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.co.UK today!

Michael S. Mimoso, Editorial Director

• E-mail Address: 

By submitting your registration information to SearchSecurity.co.uk you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.co.uk is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

When an organization runs a wireless LAN, however, issues can arise at the data link layer, even though the confidentiality of VPN users' transmitted data is secure.

For example, consider DNS traffic. Wireless networks using the VPN security model must allow unauthenticated users' DNS traffic through the firewall so that VPN clients may verify and locate their endpoints. A few years ago at DefCon, a popular hackers' convention, security researcher Dan Kaminsky introduced a technique called DomainCasting. Such a hacking method allows individuals to gain free Internet access by using DNS traffic as a covert channel. Individuals can use this technique to gain unauthorized entry into a wireless network.

An access control technique, like the 802.1X networking standard, can extend protection to the data link layer. To learn more about implementing 802.1x on your wireless network, read the Information Security magazine article: The X Factor.

More information:

Dig Deeper

This was first published in July 2007

More from Related TechTarget Sites

• Networking UK
• Virtual Data Centre
• Data Management UK
• Security
• Cloud Security
• Security IN

• Networking UK

  • Cisco Live London: 40 and 100 GbE, souped up WLAN

    At Cisco Live London, Cisco launched 40 and 100 GbE switching, a souped-up 4-antenna WLAN access point, and a host of network virtualisation technologies.

  • UK Networkers should gear up for mobility implementations in 2012

    Companies are rethinking legacy tools to take advantage of what users get from having access to data and applications across all kinds of devices, according to TechTarget’s 2012 IT Priorities Survey.

  • Cloud gets vote of confidence from UK buyers in 2012 IT priorities

    The cloud is set to be a key investment area for UK buyers in 2012 with 30.5% of IT buyers pledging to spend on the technology, according to TechTarget’s 2012 IT Priorities Survey.

• Virtual Data Centre

  • VMware vSphere 5 storage features: Part two

    VMware vSphere 5 storage features include Storage DRS, VSA and data store clusters. IT pros can learn what these features bring to their infrastructure and how best to use them.

  • VMware updates vFabric Suite for cloud automation: News roundup

    VMware ‘s launch of vFabric Suite 5.1 for cloud automation, Equinix’s acquisition of a colo service provider and UK SMEs’ cloud adoption are this week’s highlights.

  • SEPA reaps cost savings running Oracle on VMware

    SEPA’s IT team was warned of the complexities of virtualising Oracle database and apps. But strategic design and testing helped it run Oracle on VMware vSphere and reap benefits.

• DataManagement UK

  • NEC Europe has yen for Host Analytics’ financial planning

    NEC Europe has signed up to use Host Analytics' cloud-based financial planning service to better integrate an acquisition and support its growth plans.

  • Podcast: How to craft an effective MDM strategy

    In this podcast interview, Andy Hayler gives advice on how to create and implement an MDM strategy that is ruthlessly focused on business value.

  • Jill Dyché: CEO big data focus good news and bad news for IT

    Jill Dyché, a data management expert, sees CEO interest and scepticism as both an opportunity and a threat. Avoid the big data 'gotchas', and don't mistake data warehousing for big data.

• Security

  • Intrusion detection and prevention: IDS/IPS security guide

    This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention. It covers not only the basics of what they are and how they work, but also discusses several other important areas of IDS and IPS security, including IDS/IPS tools, such as Snort, implementation and deployment and wireless intrusion prevention systems (WIPS).

  • Praise, criticism for retiring cybersecurity coordinator Howard Schmidt

    Security experts say some issues haven’t been adequately addressed by the White House security chief.

  • PCI Council urges P2P encryption for mobile payments

    A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.

• Cloud Security

  • Leveraging Microsoft Azure security features for PaaS security

    Organizations can boost PaaS security late in the game by implementing these stopgap measures.

  • Quiz: Understanding cloud-specific security technologies

    Think you understand cloud-specific security technologies as well as expert Joseph Granneman does? Test your knowledge with this quiz.

  • CSA launches cloud security certification initiative for service providers

    Plan calls for working with certification bodies, government agencies, as well as an independent CSA certification.

• Information Security

  • Information security budgets: Five steps to obtain management buy-in

    Getting management to approve security budgets is difficult. Here are guidelines to help you prepare and present information security budgets effectively.

  • Maltego tutorial - Part 1: Information gathering

    Maltego is a powerful OSINT information gathering tool. Our Maltego tutorial teaches you how to use Maltego for personal reconnaissance of a target.

  • POS terminal security: Best practices for point of sale environments

    Securing point of sale (POS) environments can be tricky. Shobitha Hariharan and Nitin Bhatnagar share comprehensive POS terminal security best practices.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map