EthicalHat provides wireless auditing services to businesses of all sizes to help them detect and remediate security vulnerabilities in their wireless networks. We use a combination of automated scans and manual examination to find configuration errors, weaknesses in authentication methods, and other security loopholes in your network.
The specific configuration mistakes we mainly look for include:
- Use of standard/default usernames and passwords
- Publicly visible SSIDs
- Unsecured credentials for authentication
- Unencrypted data in transmission, etc..
Additionally, we make sure that you use a virtual private network (VPN) for secure access, and that you have a network Access Control List or ACL to prevent unauthorized users and devices from accessing your network.
Authentication and Encryption
We also ascertain that the authentication and encryption processes and protocols you have in place are designed for maximum security. Our auditors check if the security protocol you are using – whether it is WPA, WPA2 or WPA3 – is correctly configured and if you are leveraging all the security features that it offers. Overall, we help you pick the best combination of authentication and encryption options and decide on an authentication server if you aren’t already using one and would like to.
We start the audit exercise by identifying all your wireless networks or WLANs and their access points. Our process is akin to a penetration test in that we attempt to figure out the security algorithm you use and attempt to break into the network(s). This helps us find the weak spots in your network and security setup and suggest fixes for these. After the audit is complete, we put together a detailed audit report listing all the vulnerabilities that were detected during the process and ways to mitigate these. The report also includes general recommendations for securing your wireless network against external attacks and all the configuration changes that will further strengthen your wireless security posture.