T 3.84 Incorrect configuration of the WLAN infrastructure

Access points and other WLAN components offer a number of configuration settings that also affect the use of security functions in particular. If the wrong settings are specified on such components, then it may be impossible to communicate over the access point, or communication may be carried out without sufficient protection even though the user assumes protection has been provided. The faulty configuration of WLAN components can cause various security problems, for example:

• If an access point is not adequately protected against unauthorised access, then someone may be able to make changes to its configuration, which then open additional security gaps.
• Availability problems or security gaps can arise due to non-uniform configuration of the WLAN security mechanisms on the access points.
• If the Internet can be accessed over a WLAN, then anyone who can connect to the WLAN can also use the Internet without using any additional filter mechanisms.
• Granting permissions for shared directories or other system resources too generously on a WLAN client can permit an attacker to access the client without being noticed.
• If the personal firewall of a WLAN client is not correctly configured or has been disabled by the user, then the client may be subject to attacks at the operating system level under certain circumstances. This is especially a problem in external environments and hotspots.

Remote support accesses to WLANs always cause security problems when these accesses are not adequately secured and are used over insecure networks. If the configuration is incorrect in this case, then this can lead to the compromising of a WLAN client, for example, and an attacker could then gain information on how to access the WLAN. This information can then be used to attack the entire WLAN and possibly any LAN connected to the WLAN.