You are here:
  1. Home
  2. Cyber Security
  3. Services
  4. Penetration Tests
  5. Wireless Audit

Wireless Audit

Penetration testing of
wireless networks

Publicly accessible and unsecured WiFi networks are one of the most popular and promising attack vectors. Our specialized experience in WiFi security audits addresses exactly this challenge. Our WiFi security audits provide a thorough analysis and assessment of your wireless IT infrastructure to uncover vulnerabilities and recommend preventative measures. We use state-of-the-art security standards and customized solutions to protect your network from cyber attacks.

Reasons for a wireless audit

Wireless network security audits are critical to identifying and fixing potential vulnerabilities in wireless networks. A thorough review can identify security vulnerabilities such as insecure configurations, outdated firmware or inadequate encryption methods. These vulnerabilities could be exploited by attackers to gain unauthorized access to the network or intercept sensitive data. By conducting security audits, organizations can proactively implement security measures to protect their network from potential threats and ensure the integrity of their data.

Goal

The primary goal of a wireless audit is to
evaluate the security of the wireless network,
identify vulnerabilities and potential security risks,
to verify compliance with security policies and standards,
To present suggestions for improvements to increase network security.

In addition to the scope of the test, the specific test objectives and their prioritization are determined individually in advance in consultation with the client and the investigation is adapted accordingly.

Implementation

Conducting a WLAN audit can be divided into the following phases:

  1. Preparation: Defining the audit scope, selecting the areas to be audited and setting the objectives.
  2. Data collection: Use of tools to collect network data, such as security settings, SSID configurations, encryption protocols, and device authentications.
  3. Analysis: Evaluating the collected data for security risks, performance issues, and configuration errors.
  4. Reporting: Preparation of a detailed audit report containing the findings, identified weaknesses and recommendations for improvement.
  5. Debriefing: Discussion of the audit results with stakeholders and planning the implementation of the recommended actions.

Test focuses

The security analysis of WLAN access points typically includes the following checkpoints:
Checking the WiFi security standard used (WEP/WPA/WPA2/WPA3)
Checking the authentication mechanism (WPA-PSK, WPA-Enterprise)
Rotation of access data (WPA-PSK), distribution of certificates (WPA-Enterprise)
Vulnerability to deauthentication attacks, recording of login data with WPA-PSK
Vulnerability of access points to brute-force attacks on network PINs (WPS)
Recording packets in unencrypted WLAN networks
Breakout from a guest WLAN (isolation client devices)
Creation of Rogue Access Points/Evil Twins

Security consulting

General or application-specific topics in the area of IT security, best practices or know-how for raising awareness or for solution approaches can be communicated on the basis of knowledge gained and identified vulnerabilities.

Developer training

If various attack scenarios or recommended measures are unknown from the developer’s point of view, targeted training content can be used to impart basic knowledge for secure application programming.

Next Steps

After the audit has been completed, there are various starting points for efficiently continuing the previous activities:
implementation of the recommended safety measures
Planning regular audits to continuously evaluate and adapt the WLAN network
Training employees in security awareness and best practices in using WLAN