A Review and Comparative Analysis of Vulnerability Scanning Tools for Wireless LANs

Abstract

The 21st century has been characterized by the widespread proliferation and use of wireless networks, notably, Wireless LANs, that enhanced access to information and resources to businesses and the society at large. However, WLANs are vulnerable to a range of security issues such as replay and KRACK attacks. In addition, the underlying security protocols used within WLANs, including Wired-Equivalent Privacy and the different versions of the Wi-Fi Protected Access have had security vulnerabilities that led to deprecation of few previous versions. As such, in the process of hardening security of such networks, vulnerability assessment is important and for this, various vulnerability scanners are available on the market. This paper critically reviews and analyses key vulnerability scanners for the context of WLANs. As part of the investigation, four tools, notably Nessus Vulnerability Scanner, OpenVAS, Nexpose and GFI LanGuard are reviewed, and insights are provided following practical utilization. As key findings, different vulnerability scanners were found to address different kinds and number of vulnerabilities, where some of them can be more granular than others, even in terms of output provided to the user. Moreover, the scan duration was not consistent across tools and does not corelate with the number of vulnerabilities detected.