Una rete wireless non protetta significa che chiunque può semplicemente connettersi al punto di accesso wireless e raccogliere tutto il traffico. Se gli utenti della rete non utilizzano le pagine Web HTTPS (SSL / TLS abilitate), le loro password, nomi utente e altre informazioni sensibili non sarebbero protette.
Utilizzando WPA2-PSK, il punto di accesso wireless utilizza la passphrase comune per generare chiavi di crittografia univoche per ciascun client wireless. Ciò significa che anche se gli utenti non utilizzano le pagine Web abilitate per HTTPS, il loro traffico è ancora protetto con WPA2.
Come Autenticazione WPA2-PSK funziona
Using a technology called TKIP (Temporal Key Integrity Protocol), that
passphrase, along with the network SSID, is used to generate unique
encryption keys for each wireless client. Those encryption keys are
constantly changed.
TKIP è considerato non sicuro e non dovrebbe essere usato. Invece, è necessario utilizzare l'opzione WPA2-PSK con AES per fornire chiavi univoche per ciascun client wireless.
Per farla breve, scegli sempre l'opzione crittografata.
Guida NIST
Wireless networks and handheld devices are vulnerable to many of the
same threats as conventional wired networks. Intruders who gain access
to information systems via wireless communications can bypass firewall
protection. Once they have accessed systems, intruders can launch
denial of service attacks, steal identities, violate the privacy of
legitimate users, insert viruses or malicious code, and disable
operations. Sensitive information that is transmitted between two
wireless devices can be intercepted and disclosed if not protected by
strong encryption. Handheld devices, which are easily stolen, can
reveal sensitive information.
Before establishing wireless networks
and using handheld devices, organizations should use risk management
processes to assess the risks involved, to take steps to reduce the
risks to an acceptable level, and to maintain that acceptable level of
risk. Using risk management processes, managers can protect systems
and information in a cost-effective manner by balancing the
operational and economic costs of needed protective measures with the
gains in mission capability to be achieved through the application of
new technology.
Proteggi la tua rete wireless
The convenience of having a wireless network in your home comes with
added security risks. If it isn't secured properly you are vulnerable
to someone using it to get to your information or to hijack your
connection or computer for their own purposes.
You could be held liable if someone uses your internet connection, as
any illegal activity will be linked back to your ISP account.
Having an unsecured wireless network can allow anyone within
range-your neighbours or anyone on the street-to access your network
or use your internet connection. They could use up your download
allowance (possibly resulting in excess usage fees), intercept and
read your files or email or, more seriously, use your account to
access illegal content or undertake criminal activities.
Rischi per la sicurezza con l'utilizzo di reti wireless non protette
Whether you are using a wired router or a wireless one, if it is not
configured properly, both of them could pose potential security risks.
The common notion that wireless routers or networks are not secure or
less secure is true, but only in circumstances where it is used right
out of the box without correctly configuring its security settings. If
your wireless network is ‘unsecured’ or ‘open’, an intruder can easily
gain access to your internal network resources as well as to the
Internet, all without your consent. Once the intruder has access to
your network, he/she can use it for a variety of operations, such as:
- Per rubare la larghezza di banda di Internet.
- Per eseguire azioni dirompenti o illegali.
- Per rubare le tue informazioni sensibili.
- Esecuzione di attacchi Denial-of-Service (DoS) per rendere la rete inutilizzabile inviando false richieste.
- Per infettare la rete con minacce dannose.