Appendix G
Wireless LAN Vulnerabilities Matrix
Complete the following matrix by filling in the blank boxes in the table.
Security protection
Brief description
Vulnerabilities
Prevention (if any)
MAC address filtering
MAC address filtering is the process of filtering out the MAC addresses as they try to access the network. The MAC address uniquely identifies each device on the network.
The MAC address filtering has some vulnerabilities, one of which is that MAC addresses are hard to keep track of. Another issue is that the MAC address is easy to spool and impersonate and gain access to the information on the network.
A good practice, to fix the vulnerabilities, is to create another layer of security that separates each device with the MAC address, to be filtered by their manufacture's OUI address.
Open system authentication (SSID beaconing)
This system is based on an active or passive scanning process, that will help the network gain the necessary information to allow the device access to the network.
The open system authentication relies on only the match of SSID. This makes it a weak authentication method to use. This is because any person with a wireless protocol analyzer software can gain access to the network.
Even though the OSA is very vulnerable and weak, a possible way to fix this issue is to create a closed network that limits who and what devices can get on the network. Also, cloaking the main SSID might work too.