11 allows wireless
clients to use a null string (no value entered in the SSID ?¬?eld), thereby requesting that the
access point broadcast its SSID. However, this technique renders the security effort
ineffective because hackers need only send a null string until they ?¬?nd an access point.
Access points also support ?¬?ltering using a MAC address. Tables are manually constructed
on the AP to allow or disallow clients based upon their physical hardware address.
However, MAC addresses are easily spoofed, and MAC address ?¬?ltering is not considered
a security feature.
While 802.11 committees began the process of upgrading WLAN security, enterprise
customers needed wireless security immediately to enable deployment. Driven by customer
demand, Cisco introduced early proprietary enhancements to RC4-based WEP encryption.
Cisco implemented Temporal Key Integrity Protocol (TKIP) per-packet keying or hashing
and Cisco Message Integrity Check (Cisco MIC) to protect WEP keys. Cisco also adapted
802.1x wired authentication protocols to wireless and dynamic keys using Cisco
Lightweight Extensible Authentication Protocol (Cisco LEAP) to a centralized database.
Soon after the Cisco wireless security implementation, the Wi-Fi Alliance introduced WPA
as an interim solution that was a subset of the expected IEEE 802.
Pages:
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318