The much anticipated introduction of a lower cost, better performing wireless local area network (Wlan) standard, 802.11a, seems set to usher in a new age. Who wouldn't welcome this new standard when it is likely to bring Wlan starter kit prices down to just a few hundred pounds in a year or so?

Hassle-free PC networking would appear to be just around the corner for a potentially vast number of the UK's homes and small offices.

The technology promises wonderful benefits to corporate users too. Wlans are much easier to deploy, even in 'difficult' working environments that were never designed to support a network infrastructure.

Executives also love them. Always-on connectivity means they are liberated from the desktop, free to roam from meeting to meeting with a personal digital assistant (PDA) that has access to the same network resources that tie down their wired, desk-bound colleagues.

Despite these advantages, however, IS managers need to exercise caution. Wlan technology's silver lining contains a rather large cloud: a greater risk of network security breaches.

The technology's low cost of entry makes it very attractive. Unfortunately, inexpensive equipment also makes it easier for hackers to mount an attack. Of course, if we all set up our wireless access controls properly, with strong password authentication, they would be relatively safe.

But as every security professional knows, no installation is perfect. While authorised Wlan access points will mostly (fingers crossed) be well configured and secured, others may not be.

Passwords can be broken if they are weak, or subjected to brute force attacks. Many Wlan kits come already configured either with no passwords, or default accounts that are widely known in hacking circles. It is staggering how many of these kits are installed without these security weaknesses being addressed.

Then there are so-called 'insertion attacks' based on unauthorised wireless access points. For a corporate intranet or internal network to be properly configured to handle wireless traffic, access to and from wireless access points, as well as to and from the internet, should be controlled by firewalls. Intrusion detection and response sensors should also be in place to monitor traffic on each wireless segment.

Without these measures, there is little to stop an internal attacker or naive PC user setting up a wireless device under their desk, providing a useful little entry point to the network which is behind the firewall and other perimeter security.

It sounds far fetched, but it happens more than you might think. From this perspective, we can view Wlan technology as a dangerous development on the old 'user-configured modem on the network' problem.

An attacker abusing these wireless access points wouldn't necessarily stand out. Who would question a man in a suit using a PDA in the office lobby, or on the street outside? But rather than checking his calendar, he could be running one of several security and hacking tools that have now been ported to handheld devices to enable them to intercept and monitor wireless traffic.

While many organisations have matured their security model to defend attacks on the front door, penetration testers often find 'hard-shell, soft-centre' security in place.

Unauthorised, or poorly secured, Wlan entry points can allow an attacker to circumvent front-line digital and physical security. In doing so, they gain access to the network and, potentially, the corporate data contained within it.

Other exploits that might endanger Wlan environments include jamming, which overwhelms the frequencies with illegitimate traffic; client-to-client attacks that bypass the access point; and encryption attacks that exploit well known weaknesses in the Wired Equivalent Privacy encryption system.

These and the attack methodologies discussed above can apply to any wireless technology, not just the 802.11a standard. Understanding how they work and using this information to prevent their success is a good stepping-stone to any secure wireless solution.