.

Article for school.

<<

cleanwithit0607

Newbie
Newbie

Posts: 49

Joined: Thu Mar 27, 2008 5:17 am

Post Tue Apr 21, 2009 7:45 pm

Article for school.

Hello all. I'm writing an article about securing wireless in a HIPA enviroment. I have a few topics that I'm going to talk about, let me know if I need to add anything.

-Types of attacks, and why you should secure it in a Hipa enviroment.
-Roaming Security.
-Types of Encryption.
-Radius
-TLS
-Peap
-IPSec
-Ceritificates/Autentication.

Anything else I should add. I'm just brainstorming here. Thanks in advance.
A+, Network +, Security +, Linux +,

MCP/MCTS: Vista Config.

Work in progress: CEH

Currently Reading: Hacking-The Art Of Exploitation.

Recommended book: Counter Hack Reloaded.
<<

timmedin

User avatar

Sr. Member
Sr. Member

Posts: 469

Joined: Thu Feb 05, 2009 11:18 pm

Post Wed Apr 22, 2009 9:37 pm

Re: Article for school.

WEP's issues would be a nice one to add.
If you wanted to get into some details the latest issues with the WPA chop chop attack.
Also, might want to spell it HIPAA
twitter.com/timmedin | http://blog.securitywhole.com
<<

charlottebandit

Newbie
Newbie

Posts: 49

Joined: Sat Jun 10, 2006 4:26 pm

Post Sat Jun 20, 2009 5:18 am

Re: Article for school.

cleanwithit0607 wrote:Hello all. I'm writing an article about securing wireless in a HIPA enviroment. I have a few topics that I'm going to talk about, let me know if I need to add anything.

-Types of attacks, and why you should secure it in a Hipa enviroment.
-Roaming Security.
-Types of Encryption.
-Radius
-TLS
-Peap
-IPSec
-Ceritificates/Autentication.

Anything else I should add. I'm just brainstorming here. Thanks in advance.



I would add that in order to make a relevant case for WLAN security and HIPAA, you need to show how each security feature maps to HIPPA compliancy.  Otherwise, you're just talking WLAN security.

How about Network Admission Control (NAC) posture assessment and profiling for WLAN clients/equipment?  This is huge in Healthcare.  Also, what about monitoring AP's specifically designed to track rogue attacks? 

IPsec??  Not seeing how adding this overhead provides more security since it's primarily used now for site-2-site VPNs and remote-access VPNs.  Dump this.

TLS, PEAP, and Certificates is really just authentication means for 802.1x WLAN deployment, which could simply be covered in a paragraph or two.  More focus should be on 802.1x for AAA services than the means to authenticate.

I'm assuming you're going to be focusing on a Controller-based Architecture, right?  If so, it would beneficial to talk about many of the security features with the Controller which also adds other Layer 2 and 3 security measures depending on Controller vendor. 
MS, CCSP, CCNP, CCDP, CEH, CHFI, CPTS
<<

reliks

Newbie
Newbie

Posts: 2

Joined: Wed Jun 24, 2009 10:45 am

Post Tue Jul 07, 2009 1:14 pm

Re: Article for school.

Aircrack-ng has just released some new proof-of-concept and other new types of attacks you may want to cover. With these being released in such an easy to utilize format, we are going to see it used a lot more.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Wed Jul 08, 2009 12:19 am

Re: Article for school.

If you don't mind cleanwithit060, can you supply your finished work for public?
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Wed Jul 08, 2009 4:27 am

Re: Article for school.

Think everyone has covered the main areas, just focus on the HIPAA requirements, history or wireless networks, different options, defence and attack methods etc.

SANS published a document on securing wireless networks for HIPAA a few years ago, its been some time since I had a quick browse through it, but it might be of interest to you.

http://www.sans.org/reading_room/whitepapers/awareness/securing_wireless_networks_for_hipaa_compliance_1335?show=1335.php&cat=awareness

Return to Wireless

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software