WiFi security assessments

Introduction

We consider wireless networks to be a weak point in network security. Our experience shows that wireless networks can actually be implemented with very strong security in mind, however failures can still occur regardless of the technology, organization or business concerned.

Our Wireless Security Assessment services measure the security of your wireless infrastructure and provide you with a roadmap to ensure the integrity and availability of information and resources. This assessment is complete in three phases. Each phase provides the ethical hacking team with information that is used in the next phase.
 

WiFi Security Assessment

Comprehensive wireless security assessments include analysis of the network structure and configuration, detecting weak security passwords and algorithms, and exploration of the risks related to the so called “evil twin” attack. (In an evil twin attack, the attacker places an access point in the corporate network that at first glance seems to be legitimate, and yet enables eavesdropping of all the traffic it is intended to stalk.)

 During the first phase, Map and Identify Active Wireless Networks, the ethical hacking team will determine your network's vulnerability to an attacker with radio access to the wireless network space. The ethical hacking team will attempt to detect the 802.11 wireless networks in place (including any ad-hoc networks identified), determine the locations and ranges of the wireless networks, evaluate the range of the wireless access area, determine network configuration information, and probe points of entry for identifying system information or access parameters.

In the second phase of the engagement, Assess Wireless Implementation for Vulnerabilities, our consultants will pose as someone with normal user access and evaluate the security measures taken to secure infrastructure, including the following ESSID, the use and strength of WEP encryption, network segmentation, and access control devices.

During the last phase of the assessment, Exploit Vulnerabilities and Access Other Networks, the team will try to use the previously discovered vulnerabilities to obtain access to other network segments. If the team is successful, they will test different methods to exploit that access. This phase will determine which network segments and systems the wireless network infrastructure can access, the security controls that separate the wireless network from other network segments and if the wireless network can be used as a launching point to attack other systems.

In an assessment the range on which network traffic eavesdropping can be performed is also evaluated. Depending on client needs, physical security aspects can be investigated as well with coverage extending to both the networks most at risk and inspection of the locations of access points.

Each test is performed to emulate potential threats and to find options to mitigate them. As a result, our clients get a comprehensive report describing the assessment in detail including executive summary, detailed finding with risk level and mitigating controls and recommendations.

Before the project begins, we will work with your team to develop boundaries for actions and events that our team can perform during the vulnerability assessment. Any High-Risk vulnerabilities/risks identified during the assessment will be immediately communicated to you. After the testing has been completed, we will provide your organization with a formal report that:

  • Lists all identified weaknesses and vulnerabilities
  • Explains the risks associate with the current network configuration
  • Presents recommendations to increase the security of your wireless infrastructure

For further information on our WiFi Security Assessment service, please contact one of our sales representatives by calling +1 (727) 210-5204 or by completing our Online Inquiry Form.

Submit Your RFP

Submit RFP to ISGRM

We look forward to partnering with clients, new and existing, on their information security needs. Please don't hesitate to contact us if you have questions or wish to speak with us regarding one or more of our services.

Address

CISSP.COM
P.O.Box 47955
Tampa, Fl, USA 33646-7955, USA

Email

sales@cissp.com

Phone

+1(727)210-5204

Have Questions?

Email Us your Questions. We will respond the same day.

Contact Us