Ask the Expert

Is there a best practice for monitoring and detecting foreign wireless devices

Until we're comfortable with wireless security, our company has a "no wireless on site" policy (with the exception of Admin testing). Without connecting a wireless device to our hardwired network, is there a recommended means for continuous monitoring/detecting of "foreign" wireless devices brought on site by either employees or guests? (I won't rule out a standalone PC with a wireless card.)

    Requires Free Membership to View

Rouge wireless access points certainly present an interesting challenge for security professionals. The combination of ubiquitous network jacks and extremely inexpensive wireless hardware simply make it too easy for an employee to set up his or her own "private" wireless network to do "what those IT guys won't handle."

If your company is of relatively limited size and it's practical to walk around every once in a while, you might want to use the RF scanning approach. There's a free product called NetStumbler available to assist you with this task.

There are also various products that claim to perform rouge access point detection from the wired network. I've never worked with any of these personally, but you might want to try looking at the WiSentry product. One of the biggest advantages of this approach is that you'll be able to detect activity from access points that don't broadcast their SSIDs. Tools like NetStumbler are unable to detect these sneaky APs.

This was first published in April 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: