Home Services Publications News About us Contact Recruitment Site map
Wireless Testing:
  Overview

  The Business Case

  The Case Study
Wireless Security Testing:
Case Study

Business overview

The Infrassistance Co. (www.infrassistance.com) is an independent specialist IT infrastructure consultancy that assists organisations shape their IT Infrastructure environments to become more effective in the support of business objectives. They provide:

  • Strategic Consulting
  • Solution Design
  • Sourcing & Procurement Management
  • Project / Programme Delivery
  • Service Management

    Part of their ongoing work with a major UK high street retailer required sourcing a comprehensive Wi-Fi security testing solution.


    Background

    Infrassistance came to MWR InfoSecurity by recommendation.

    After searching we were found to be the only security testing and audit firm capable of fulfilling their requirement to the letter.

    Infrassistance were working on an IT programme of some magnitude for their client. WiSec Testing was a key component in measuring the effectiveness of existing infrastructure. The results were destined to inform how the Wi-Fi implementation would be treated, from situation analysis and discovery through to solutions-sourcing and final roll-out.


    Details of service delivered

    WiSec Check (one-off audit / situation analysis) Testing was performed across locations throughout the UK.

    Reports were delivered three days after testing with special instruction to highlight:

  • common configuration errors
  • opportunities for using wireless Access Points (AP's) as springboard for full Penetration Testing
  • WEP key rotation evidence

    All other report findings were delivered as normal:
  • SSID availability
  • MAC Address availability
  • Evidence of number of Wi-Fi clients
  • Vendor information broadcast
  • Broadcasted channel data
  • Management interface availability
  • SNMP accessibility
  • WEP key susceptibility
  • Encryption levels used
  • Broadcast beacon range
  • Infrastructure or peer mode AP setup
  • DHCP or statically assigned AP IP
  • Evidence of Access Control List

    MWR InfoSecurity also tested to find evidence of WEP key rotation, war chalking and LAN connectivity.


    Expectations

  • A clear indication of the security and functional status of their clients existing Wi-Fi implementation
  • Evidence to assist in constructing cases for various implementation options
  • Quick turnaround times
  • Consistent reporting


    Problems solved / Outcomes

    After testing, MWR InfoSecurity found the incumbent solution to be flawed in ways that could have a direct impact on business stability if exploited.
    Supporting evidence was provided to enable key programme decisions to made.

    The WiSec package made it possible to construct business cases for various Wi-Fi security solutions- including the cost effective use of existing technology.
    		•
    On Top
    Penetration testing
    Application Security Testing
    Wireless Testing
    Fasthold Vulnerability Assessment
    Load Testing
    Security Management Consultancy
    Firewall Testing
    Internal Penetration Testing
    Physical Testing

     
    home       services       news       about us       contact       recruitment       sitemap

    MWR InfoSecurity St Clement House Alencon Link Basingstoke Hants RG21 7SB
    Tel: 01256 300920   Fax: 01256 844083