A wireless LAN is an ideal way of providing high speed data connectivity to students, teaching and research staff moving about within a campus environment. The cost of wireless LAN equipment has also fallen by half in the last year. It is therefore no surprise to find that most further and higher education institutes in the UK have some form of wireless LAN installed, or plan to install one in the near future. However, wireless LANs pose a number of new security threats which every network manager should be aware of. This paper starts by examining the four main threats: invasion (access by unauthorised users); eavesdropping (interception of data); "man in the middle" attacks (use of fake access points to capture user registrations) and back doors (installation of unauthorised access points). The paper next explains how the popular IEEE 802.11b wireless LAN standard tries to counter these threats using WEP (wired equivalent privacy) and WEP has been shown to be much less effective that the designers intended. This is followed by an overview of possible WEP fixes and other relevant technological solutions, including IEEE 802.1x key management and IPsec (Internet Protocol security). The paper concludes with a number of practical suggestions that network managers can implement now to improve the security of their wireless LAN.
