There are four primary classes of threats to wireless security:
- Unstructured threats
- Structured threats
- External threats
- Internal threats
Unstructured threats consist of inexperienced individuals using easily
available hacking tools such as shell scripts and password crackers. Structured
threats come from hackers who are more highly motivated and technically
competent. These people know wireless system vulnerabilities, and they can
understand and develop exploit-code, scripts, and programs. External threats
are individuals or organizations working from outside of the company. They do
not have authorized access to the wireless network. They work their way into a
network mainly from outside the building such as parking lots, adjacent
buildings or common areas
. These are the
type of threats that people spend the most time and money protecting against.
Internal threats occur when someone has authorized access to the network with
either an account on a server or physical access to the wire. According to the
FBI, internal access and misuse account for 60 to 80 percent of reported
incidents.
Wireless access can be a great threat to network security.
Most WLANs have few or no restrictions. Once associated to an access point, an
attacker can freely roam an unsecured internal network.