Shulou(Shulou.com)06/01 Report--

At present, wireless network has become an important infrastructure of enterprise mobile office (BYOD), but due to the general lack of effective management, WiFi network is increasingly becoming the breakthrough of enterprise intranet system. According to the statistics of the Enterprise Wireless Network Security report 2015, more than 90% of the enterprise WiFi network environments are in a very insecure state and have security problems.

Since the beginning of this year, there have been frequent corporate network security incidents caused by WiFi. In March, due to the existence of an open WiFi network within a company, the supercomputer Tianhe-1 was *, and a large number of sensitive information was suspected to have been leaked. When a user logged into the WiFi network using a boarding pass at Terminal T1 in May, they found that the lack of server security facilities and code loopholes of the airport WiFi provider could lead to the leakage of user privacy data in the server and the theft of boarding information.

According to the 2015 Enterprise Wireless Network Security report released by the 360th Day Patrol Laboratory, the leakage of enterprise WiFi passwords, phishing WiFi, private construction of WiFi and WiFi-related equipment vulnerabilities have become the four major security risks of enterprise WiFi networks. A sample survey shows that more than 45% of corporate WIFI passwords have been shared and made public, and more than 80% of corporate network administrators seriously lack security awareness and use very insecure popular passwords as WiFi network passwords. It can be said that it is easy for people who want to use WiFi networks like this.

The above conditions have led to more than 90% of the enterprise WiFi network environment in a very insecure state, WiFi has become the weakness and breakthrough of enterprise network security.

Through understanding, it is not difficult to find that relying solely on network security equipment can not completely solve the WLAN security problems of enterprises. With strong authentication and encryption, although in most cases, it is possible to upgrade the security of WLAN. But if wireless administrators rely too much on encryption, they can get into trouble.

The use of WPA2 and PEAP (protected EAP) encryption and authentication is an obvious example. When using WPA2-PEAP, it can be based on 802.1x

(active Directory or Radius) protocol for authentication, the security is supposed to be high. However, if the administrator configures a wireless device, such as employee notes

If this computer, tablet or smartphone does not verify the certificate, it will create an obvious security loophole.

And * can use a tool called FreeRadius-WPE, or a newer version of Hostapd-WPE, to create a wireless honeypot and distribute it with the company.

WPA2-PEAP sets the same SSID. Then, the user deciphers the information offline. It is more likely if you use MSCHAPv2,***.

Will get a user name and password. In addition, EAP-TTLS and EAP-FAST are also vulnerable to such camouflage. So, although powerful encryption and

Authentication is a key part of wireless security, but hierarchical protection measures should be taken for WLAN security, and employees' awareness of prevention should be improved at the same time.

Thus it can be seen that with the continuous development of modern science and technology and connectivity, the awareness and protection of enterprise WLAN must be advanced from time to time, and actively find out wireless security threats and potential loopholes. Today, with the continuous exposure of new threats and loopholes, its importance has become more prominent.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.